
Eleventh Circuit Protects Right to Encrypt Data
February 24, 2012 6:20 AM

The United States Court of Appeals for the Eleventh Circuit ruled yesterday [.pdf] that a citizen's refusal to decrypt encrypted drives is protected by the Fifth Amendment, at least under some circumstances. In doing so it reversed the district court's contempt order entered against a John Doe defendant after he refused to decrypt his laptop hard drive and five external hard drives in response to a subpoena. This decision arguably conflicts with an earlier decision in which a district court in Vermont required a defendant to provide the password to his encrypted drives. The Eleventh Circuit distinguishes the earlier case on the basis that the government in that case knew of the existence of the files and simply couldn't access them, while in the recent case the government did not know the names of files or even whether or not files actually existed on the encrypted drives.
posted by monju_bosatsu (89 comments total) 14 users marked this as a favorite

This seems like great news, so I'm sure any minute now someone will explain to me how this is actually terrible.
posted by jcreigh at 6:21 AM on February 24, 2012 [3 favorites]


I forgot to mention that the decision is also in conflict with a recent decision from a district court in Colorado, requiring a woman accused of bank fraud to decrypt her hard drive for law enforcement. The appellate court in that case dismissed the appeal as not ripe just two days ago.
posted by monju_bosatsu at 6:24 AM on February 24, 2012


Previously.
posted by fifthrider at 6:28 AM on February 24, 2012


So, what is to prevent the government from lying, saying they know the names of the files, force an unlock, "Woops, I guess they weren't there! But wait, what is this?" And then the contents of the differently named files generally match the content of the ones they were looking for/named? Would that still be admissible? What if they found files completely unrelated to the case, but still criminal in nature. Say they were looking for kiddie porn, but found terrorist information instead, for example?
posted by symbioid at 6:31 AM on February 24, 2012


But... how will the government be able to keep us safe??
posted by Trurl at 6:31 AM on February 24, 2012 [1 favorite]


@symbioid -
Hard to say. I mean, the last time IIRC he straight-up had child porno up on his desktop in a TSA checkpoint, which by analogy would be like a police officer having to turn his headlights on to see through a cloud of pot smoke.

Typically for a relatively nontechnical panel of judges, I'm not sure if they've really established whether filenames are sufficient to force you to unlock your data. I'll go read the rest of the case and report back.
posted by fifthrider at 6:34 AM on February 24, 2012


I correct myself; for in re: Boucher it was an ICE checkpoint. Still, a fairly extreme case of fairly extreme stupidity.
posted by fifthrider at 6:36 AM on February 24, 2012


I'll just leave the obligatory link to XKCD here. Because given the current trends, do you think what some liberal judges have to say will affect anything?
posted by Old'n'Busted at 6:40 AM on February 24, 2012 [2 favorites]


I don't see why knowing filenames would force you to unlock anything.

Law-talking dude: Did you solicit that prostitute?
JOHN Doe: I take the Fifth.
LTD: But I saw you talking to her, so you have to tell me what you said.
JD: CURSE YOU!
posted by DU at 6:42 AM on February 24, 2012 [3 favorites]


Note to self: Rename "illegal financial transactions" and "kiddie porn" files on my laptop.
posted by The 10th Regiment of Foot at 6:46 AM on February 24, 2012 [2 favorites]


Totally beat me to this one.

This seems to be a good ruling. Basic facts:

The feds get wind of a YouTube with material involving underage girls. They start an investigation into the identity of the account holder. The local sheriff's department manages to track down three IP addresses connected with the account which were traced to three separate hotels. The only common guest was the Defendant, who remains anonymous. The cops got a warrant to search the Defendant's room, did so, and seized a bunch of hard drives.

Unfortunately for the cops, 1) the drives contained sections that were encrypted, and 2) there wasn't anything incriminating on the unencrypted sections. The cops' experts weren't able to access the encrypted sections. So they asked the Defendant to unencrypt the drives. The Defendant refused. The prosecution asked the court to find the Defendant in contempt, and the court did so. Defendant appealed.

Key holding:
Whether the drives’ contents are testimonial, however, is not the issue. What is at issue is whether the act of production may have some testimonial quality sufficient to trigger Fifth Amendment protection when the production explicitly or implicitly conveys some statement of fact.
In other words, by unencrypting the drives, the Defendant would be implicitly admitting that 1) the drives were his, 2) he encrypted them, and 3) he was responsible for their contents.

The court discussed two cases, Fisher and Hubbell. In the former, the prosecution already knew that certain documents existed and what they probably contained. The Supreme Court agreed with the prosecution. In the latter, the government couldn't show it had knowledge of the documents in question from any external source--or that they even existed--and couldn't produce an indictment without them. In this case, the cops really had no idea what was on the drives. Could have been child porn, could have been lolcats, could have been embarrassing fanfic, could have been blank.

The government made the key/lock analogy regarding encryption, and the court rejected it thoroughly.

The argument in an earlier thread largely follows what the Court said in this one. I actually suggested there that if there was a set of facts where the mere knowledge of the password would, in itself, be incriminating, that a defendant could plausibly take the Fifth. That's what happened here.
posted by valkyryn at 6:52 AM on February 24, 2012 [24 favorites]


For a non-law-speakin'-guy, could someone explain how far (if at all) this parallels the rights/responsibilities surrounding physical evidence?

Let's say I have been charged with trading in illegally bred furbies, which in anyone's book is a pretty horrific offence. While searching my flat the police have found my uncrackable safe. Can they compel me to hand over the (physical) key if:

a) They have good reason to think that an extremely shrill and persistent unlicensed furby is in that specific safe;
b) They know that a furby with a particularly accusatory stare is unaccounted for, and the safe is a plausible place to keep it;
c) They're not certain that there's evidence in there or that there's evidence unaccounted for, but somehow they do know that I put *something* in the safe just after meeting Jane "mad heels" Levinson, notorious furby dealer and suspected maker of overly-milky tea;
d) They just want to have a poke around, to see what they can find.

If I don't have the key on me, but instead would have to tell them where it's hidden (i.e. giving them information that could lead to finding evidence), does this change things? What if, instead of a physical key, it's a PIN that only I know?

I am interested in how the answers change along this continuum, but I'm more interested in the contrast/agreement between "unlocking" physical and virtual containers that could hold evidence.
Er, or maybe I should take this to AskMe
posted by metaBugs at 6:57 AM on February 24, 2012 [5 favorites]


I don't see why knowing filenames would force you to unlock anything.

Your example is inapposite because the defendant is still being required to give up the contents of their mind by testifying as to the substance of the conversation. These cases all involve documents that were already voluntarily created by the defendant. The argument is that if the police already know of the files' existence, possession and control, and authenticity, then requiring the defendant to decrypt them does not tell them anything they don't already know.

So, if the police already have a list of filenames (e.g. because they wiretapped your computer or they were downloaded in a sting operation), then they know of the files' existence. It's usually pretty hard to argue that the defendant doesn't have possession and control of the drive (e.g. "no, that's not mine, that's my roommate's"). It's likewise hard to argue against authenticity (e.g. "this drive is encrypted, yet somehow someone planted or altered those files").
posted by jedicus at 6:58 AM on February 24, 2012


There are more encrypted file systems that offer you some degree of plausible deniability now, like Elettra.

EncFS offers an --anykey option, meaning you need not install a "special plausible deniability" system, just use ordinary ol' EncFS. I doubt it offers much protection though since EncFS leaks file sizes, metadata, etc. like crazy.
posted by jeffburdges at 6:58 AM on February 24, 2012 [1 favorite]


Your example is inapposite because the defendant is still being required to give up the contents of their mind by testifying as to the substance of the conversation. These cases all involve documents that were already voluntarily created by the defendant.

There's a distinction between stuff I say and stuff I write? That seems pretty artificial and is going to break down once we have brain implants.

The argument is that if the police already know of the files' existence, possession and control, and authenticity, then requiring the defendant to decrypt them does not tell them anything they don't already know.

Then why do they need them decrypted?
posted by DU at 7:01 AM on February 24, 2012


I would be more excited about this ruling, if I wasn't so certain the Supremes will overturn it. [/cynicism]
posted by browse at 7:07 AM on February 24, 2012 [3 favorites]


There's a distinction between stuff I say and stuff I write? That seems pretty artificial and is going to break down once we have brain implants.

No, there's a distinction between stuff you are compelled to say by the police and stuff that you already voluntarily wrote down. It's the difference between the police forcing you to answer the question "did you commit the crime?" and the police forcing you to hand over a voluntary confession you wrote before you were arrested.

To the extent brain implants cause a problem with this analysis the courts will address that then, not when it's still purely hypothetical. Courts tend not to be very proactive, since they prefer to rely on a fully-developed set of facts.

Then why do they need them decrypted?

Because they may need the files' contents in order to prove an element of the crime beyond a reasonable doubt. "nakedunderageperson.jpg" might not be enough.

Also, this is a grand jury case. The rules of evidence are substantially relaxed in a grand jury case. The evidence showing existence, possession and control, and authenticity might not be admissible in the actual trial (e.g. they could be based on hearsay). So the police can have enough evidence to compel production of the files at the grand jury trial but still need the files' contents in order to prove their case at trial.
posted by jedicus at 7:11 AM on February 24, 2012


There has been significant progress on reading images and sounds from the brain recently. I'm expecting that some court tries bypassing the 5th by reading a defendant's mind directly in my lifetime.

You could easily imagine cases like this one where they show the defendant the child porn image they believe he possesses while using some high tech tools for detecting visual recognition, past orgasms, etc.
posted by jeffburdges at 7:15 AM on February 24, 2012 [2 favorites]


There's a distinction between stuff I say and stuff I write? That seems pretty artificial and is going to break down once we have brain implants.

Always has been, and likely always will be. The distinction isn't between speech and writing, but between communication which is stored somewhere and communication which isn't. In its most basic form, it's the distinction between a telephone call, and a telephone call that's being recorded. The "brain implant" hypothetical just means that more and more communication will be memorialized.

Then why do they need them decrypted?

Because there might be information in there that's important.

Here's the thing: there is absolutely no argument that one's written communication is somehow protected by the Fifth Amendment. If it's out there, and the cops get ahold of it, they can use it, provided it is otherwise admissible.

The rules for the authentication of evidence are actually pretty strict. You can't just dump a bunch of exhibits in front of a judge or jury and go with it. You need evidence, called "foundation," supporting the authenticity of the documents.

So, for example, say I'm defending a car accident claim. I go on Facebook, and hey, there's a bunch of pictures of the plaintiff, taken after the accident, where they totally aren't limping the way they say they are. Great stuff, right? Well I can't just show up to trial with those photos, even if they are undeniably of the plaintiff, because I need foundation for them. So what I'll do is bring them to a deposition, show them to the plaintiff, and have the plaintiff testify that yes, that's her, and yes, they were taken after the accident. There's my foundation.

What's basically going on here is that requiring a criminal defendant to decrypt a drive the prosecution knows absolutely nothing about would be providing foundation for those documents they wouldn't otherwise have, and that's a testimonial act protected by the Fifth Amendment. But the files themselves are not so protected, so if the cops already know about the files, have reasonable cause to search them, and adequate foundation for who created them, they've already got the foundation they need. All they need is the content, and again, the content of the files is not protected by the Fifth Amendment.

So when the cops aren't actually looking for anything protected by the Fifth Amendment, a defendant could be forced to decrypt the files. But in this case, they were totally fishing, so the court shut them down.

I think the upshot of this holding is not that encryption is some kind of magical Fifth Amendment barrier, but that the cops have to do more legwork before they go for something like this. Hire some better consultants, do some social engineering, whatever. Just get some idea of what's on the drive before you demand the decryption.
posted by valkyryn at 7:17 AM on February 24, 2012 [8 favorites]


It's the difference between the police forcing you to answer the question "did you commit the crime?" and the police forcing you to hand over a voluntary confession you wrote before you were arrested.

I don't see a distinction here. How is thinking to myself (or saying to a colleague), "yep, I broke that law all right!" and writing down a note to myself "11:30 committed that crime (DONE)" any different? Paper is just an extension of my brain. Which is why I brought up brain implants. Paper, computers, brain implants and brain CELLS are all made out of the same stuff. Why would information instantiation in one format have a different legal standing than another.

Because they may need the files' contents in order to prove an element of the crime beyond a reasonable doubt.

I don't see how I'm not being a "witness against myself" in that case. If they can't prove the case without my help, then tough luck.
posted by DU at 7:17 AM on February 24, 2012 [1 favorite]


Fun prank: Next time you have access to your friend's computer, make a 50 GB file full of random bytes in some obscure location on their hard drive and label it "encrypteddrive.bin"
posted by burnmp3s at 7:17 AM on February 24, 2012 [2 favorites]


DU: There's a distinction between stuff I say and stuff I write?
I understand your objection completely, but yes. The protection offered by the Fifth is really pretty narrow; you can't be forced to speak against yourself. That's about it, though. Everything else is on the table. Your paper diary can and will be used against you, and AFAIK it was always that way.

I've always sort of wondered what would happen, legally speaking, if you were ordered to hand over your pass-phrase but you claimed your pass-phrase was itself an admission of guilt, i.e., "IMurderedMrJones," or similar, and that therefore you were taking the Fifth on the basis of the pass-phrase itself and not on the basis of the data it unlocks.

I would guess that would make your encrypted data safe according to our cherished constitutional principles, but that the actual legal system we have today would be unlikely to buy it and would throw you in prison until you ponied up anyway.
posted by Western Infidels at 7:21 AM on February 24, 2012 [1 favorite]


Well I can't just show up to trial with those photos, even if they are undeniably of the plaintiff, because I need foundation for them. So what I'll do is bring them to a deposition, show them to the plaintiff, and have the plaintiff testify that yes, that's her, and yes, they were taken after the accident. There's my foundation.

Right, I totally get why you'd like to have the evildoer reveal all the details. My point is: Why can't they just refuse? I don't see a difference between saying "I did it" vs "here is the location of the paper that says I did it".
posted by DU at 7:23 AM on February 24, 2012


Paper, computers, brain implants and brain CELLS are all made out of the same stuff.

Upon closer inspection, I think you'll find some subtle differences...
posted by Fidel Cashflow at 7:23 AM on February 24, 2012


Upon closer inspection, I think you'll find some subtle differences...

Such as?

Also, the procedural answers to my questions have been helpful in telling me what the legal difference is. But I'm still looking for a philosophical justification. Between two arbitrary piles of "me being forced to tell the police stuff that will land me in jail".
posted by DU at 7:26 AM on February 24, 2012


Why would information instantiation in one format have a different legal standing than another.

Because in one case the instantiation is being compelled by the police and in the other case it isn't because it was already voluntarily created by the defendant. The distinction is relevant because in the former case the police can intimidate you into giving a false confession and in the latter case they can't. Hence, the Fifth Amendment is not implicated.

I don't see how I'm not being a "witness against myself" in that case. If they can't prove the case without my help, then tough luck.

Because you aren't a witness. Defendants can be compelled to cooperate (e.g. to behave themselves in court, to show up for trial, and myriad other small details).

My point is: Why can't they just refuse? I don't see a difference between saying "I did it" vs "here is the location of the paper that says I did it".

It's more like saying "I did it" vs "here is the paper that you already identified with some specificity and proved that it's in my possession and control and proved that I wrote it." Also it was written voluntarily before you arrested me, so you aren't compelling the creation of the words on the page, unlike compelling me to speak.
posted by jedicus at 7:26 AM on February 24, 2012 [1 favorite]


Your paper diary can and will be used against you, and AFAIK it was always that way.

Right, but if I created my paper diary by typing plaintext into an encryption program and then writing down the ciphertext on paper, I couldn't be compelled to help the police decrypt the handwritten diary. Making the ciphertext electronic doesn't meaningfully change anything.
posted by one more dead town's last parade at 7:27 AM on February 24, 2012


Paper is just an extension of my brain. . . . Paper, computers, brain implants and brain CELLS are all made out of the same stuff. Why would information instantiation in one format have a different legal standing than another.

For the same reason we think it's okay to burn paper but not humans, i.e. because the courts, oddly enough, treat people as if they were categorically different than inanimate objects.
posted by valkyryn at 7:28 AM on February 24, 2012 [1 favorite]


Right, but if I created my paper diary by typing plaintext into an encryption program and then writing down the ciphertext on paper, I couldn't be compelled to help the police decrypt the handwritten diary.

Are you sure about that? The only help they'd need would be a copy of the diary and the decryption key. They can certainly get the diary, and this case shows that there may be circumstances under which they could compel the defendant to enter the key into a decryption program.

Making the ciphertext electronic doesn't meaningfully change anything.

It makes it much easier for the defendant to decrypt the ciphertext without giving the police the key itself.

For the same reason we think it's okay to burn paper but not humans, i.e. because the courts, oddly enough, treat people as if they were categorically different than inanimate objects.

That's not really the operative difference here. The difference is between compelling testimony and compelling production of a pre-existing document. The real technological sticking point comes from the possibility of a highly accurate brain scan that could reliably read individual memories. But that's a long ways off and doesn't really have anything to do with this case.
posted by jedicus at 7:34 AM on February 24, 2012


If they can't prove the case without my help, then tough luck.

Oh, another set of examples of how a defendant's cooperation can be compelled: participating in a lineup (including being required to say something so that a witness can compare voices), having a mug shot taken, giving a blood or DNA sample, and being fingerprinted can all be compelled because they don't amount to testimonial evidence protected by the Fifth Amendment.
posted by jedicus at 7:36 AM on February 24, 2012 [1 favorite]


jeffburdges: There are more encrypted file systems that offer you some degree of plausible deniability now, like Elettra.
TrueCrypt has had a feature like this since forever, and I've wondered what the legal ramifications of such a thing might be, if a court case ever hung on such a thing. Once I would have guessed that such a system would be a great tool for dissidents of all stripes, but now I think it's actually a lot more likely to create incentives for government brutality instead.

The plausible deniability feature, for those unfamiliar, is a way of stuffing two encrypted volumes into a single encryption container. One password can be given away freely and will reveal one set of files. The very existence of the second encrypted volume is intended to be impossible to detect or prove. So when pressed, one can give up one password that reveals innocuous stuff (tax forms, phone numbers, forum passwords). Those demanding the password cannot tell if a second password (which might reveal your dastardly Furby-smuggling ring) even exists.

But if one uses a system with a plausible deniability feature, and there's a lot of free space in the volume one reveals freely, then the people demanding the password can certainly guess that a second volume is possible. Fifteen years ago, I thought that was a great blow against The Man; now I think that's just a recipe for justifying torture.
posted by Western Infidels at 7:38 AM on February 24, 2012 [1 favorite]


It makes it much easier for the defendant to decrypt the ciphertext without giving the police the key itself.

But the defendant is not required to assist the prosecution in building a case against him, so that's not relevant.
posted by one more dead town's last parade at 7:38 AM on February 24, 2012


But the defendant is not required to assist the prosecution in building a case against him, so that's not relevant.

Sure they are. Do you think a DNA sample doesn't assist the prosecution? Participating in a line-up and reading a line for a witness? The Fifth Amendment does not contain a blanket prohibition against requiring the defendant's assistance. It has many important limitations.
posted by jedicus at 7:49 AM on February 24, 2012


But if one uses a system with a plausible deniability feature, and there's a lot of free space in the volume one reveals freely, then the people demanding the password can certainly guess that a second volume is possible. Fifteen years ago, I thought that was a great blow against The Man; now I think that's just a recipe for justifying torture.

The genius/tragedy of torture is that, for the people inclined to use it, there's not much justification needed.
posted by phearlez at 7:51 AM on February 24, 2012 [1 favorite]


The Fifth Amendment does not contain a blanket prohibition against requiring the defendant's assistance.
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
posted by DU at 7:54 AM on February 24, 2012


Sure they are. Do you think a DNA sample doesn't assist the prosecution? Participating in a line-up and reading a line for a witness?

All of those things (and mug shots and fingerprints, which you mentioned above) can be obtained by following someone around in public.

You cannot, however, be forced to hand the state the contents of your brain to use as rope to hang you with.
posted by one more dead town's last parade at 7:54 AM on February 24, 2012 [3 favorites]


now I think that's just a recipe for justifying torture.

"Rubberhose cryptanalysis" as it's known, which the Rubberhose file system was designed to dissuade by making it technically impossible to prove that all of a volume's passwords had been revealed - even by the encrypter/victim. Of course, the alternative outcome is that the interrogators would simply keep up the torture indefinitely. Game theory would probably have something to say about this.
posted by phl at 7:57 AM on February 24, 2012


nor shall be compelled in any criminal case to be a witness against himself

You'll note that it does not say "nor shall be compelled in any criminal case to assist the prosecution." It specifically says "to be a witness" (i.e. to testify by speaking).

All of those things (and mug shots and fingerprints, which you mentioned above) can be obtained by following someone around in public.

Blood samples? Reading a particular line for a witness? You can't get either of those by following someone around. Anyway, this has nothing to do with public accessibility. I think you may be confusing it with the Fourth Amendment and warrants.
posted by jedicus at 8:02 AM on February 24, 2012 [1 favorite]


You cannot, however, be forced to hand the state the contents of your brain to use as rope to hang you with.

The defendant is not being required to state the contents of their brain. The police never learn the decryption key or password: the defendant enters it into a computer themselves. What the police do get are documents that the defendant created voluntarily (i.e. not under state compulsion) before being arrested.
posted by jedicus at 8:05 AM on February 24, 2012


Paper is just an extension of my brain. . . . Paper, computers, brain implants and brain CELLS are all made out of the same stuff. Why would information instantiation in one format have a different legal standing than another.

For the same reason we think it's okay to burn paper but not humans, i.e. because the courts, oddly enough, treat people as if they were categorically different than inanimate objects.


I agree with your larger point but I don't think this is a good analogy. In a different sense, the inanimate objects are being treated the same as a witness against you.

I can't be forced to testify against myself but, if I confessed to someone else, they can be compelled to testify against me (spouse, attorney, and other exceptions notwithstanding).

My question is, what if I confessed to someone and they are in hiding? If I'm the only one who knows where they are and how to contact them, can I be compelled to provide that information (i.e., provide a phone number to call them or something)?
posted by VTX at 8:13 AM on February 24, 2012 [1 favorite]


For the same reason we think it's okay to burn paper but not humans, i.e. because the courts, oddly enough, treat people as if they were categorically different than inanimate objects.

A completely false analogy. The courts are treating my BRAIN CELLS as a different category of STORAGE MEDIUM than paper and silicon. This is exactly why I brought up brain implants.

Or if you are hypothetical-averse: replacement limbs. If I use sign language to talk to myself about that awesome crime I committed, presumably I don't have to reveal that. What if I have a prosthetic hand? Did I "write it down" by transferring the information to a non-organic medium?
posted by DU at 8:18 AM on February 24, 2012 [1 favorite]


I think the issue here is that the prohibition against being forced to testify against yourself is there to prevent torture, not out of a universal philosophically consistent rule against self incrimination.

I don't see why a Justice system should have a problem with self incrimination. If the guilty incriminate themselves, that's a good thing.
posted by Richard Daly at 8:24 AM on February 24, 2012


the prohibition against being forced to testify against yourself is there to prevent torture, not out of a universal philosophically consistent rule against self incrimination.

In which case "tell me your password or I'll punch you" should still be illegal, right?
posted by DU at 8:26 AM on February 24, 2012


can I be compelled to provide that information (IE, provide a phone number to call them or something)?

I would think not because that's a testimonial statement and there is a separate right to silence. Now, suppose the defendant had earlier written down the witness's contact information. The defendant could be compelled to produce that document under the circumstances outlined in this case.

A completely false analogy.

I agree, and continuing that line of argumentation is a kind of a strawman. That's why I pointed out the relevant distinction in this case: "The difference is between compelling testimony and compelling production of a pre-existing document."

I think the issue here is that the prohibition against being forced to testify against yourself is there to prevent torture, not out of a universal philosophically consistent rule against self incrimination.

Torture is only an extreme version of compulsion. The distinction is between voluntary and involuntary self-incrimination. Involuntary self-incrimination invariably leads to abuse, whether it be torture, threats, indefinite detention, or what-have-you. So the focus is on involuntary self-incrimination, not the particular flavor of compulsion.

In which case "tell me your password or I'll punch you" should still be illegal, right?

Argh. The defendant is not being asked to tell anyone the password! The defendant is being asked to decrypt files that the defendant previously voluntarily created. This is one of the key distinctions upon which the result depends.
posted by jedicus at 8:31 AM on February 24, 2012 [1 favorite]


The defendant is not being required to state the contents of their brain. The police never learn the decryption key or password: the defendant enters it into a computer themselves. What the police do get are documents that the defendant created voluntarily (i.e. not under state compulsion) before being arrested.

It doesn't work like that. For a start, it could be easily argued that the act of entering the key into the computer, in that it uses a keyboard and intelligible Roman characters, constitutes a substantively testimonial act. (Leaving aside, for a moment, the issue of keyfiles.)

But more to the point: an encrypted volume, lacking its key, is definitionally indistinguishable from a block of random information. In a very real sense, therefore, it constitutes an algorithm or mnemonic for remembering information, and not that information itself. There is no way of proving what that file contains, short of the defendant inadvertently or voluntarily incriminating himself at some other time, or indeed whether such a file is even an encrypted container. Not only, therefore, does no meaningful information exist without information within the defendant's knowledge (which can very easily be claimed to be testimonial in nature), there is no way of proving that the integrity of the suspected encrypted container is sound or that the defendant knows the key. (Save, as before, for the case where the defendant has already incriminated himself.)

The defendant participation suggested here is likewise substantively different from having a defendant participate in a lineup, because in a lineup it is the publicly visible characteristics of the defendant that are on display, not the contents of his mind, and the phrase he is compelled to speak as a voice sample is a parroting of another's speech, not his own personal testimony.
posted by fifthrider at 8:32 AM on February 24, 2012


The defendant is not being asked to tell anyone the password!

Whatever. The point is that Richard Daly said the rule was to prevent the use of torture as an evidence gathering tool. Compelling someone to type the password in doesn't get around that.
posted by DU at 8:33 AM on February 24, 2012


DU: The courts are treating my BRAIN CELLS as a different category of STORAGE MEDIUM than paper and silicon.

Eh, you can split that hair both ways, so to speak. In the case where another person testifies that you did indeed confess to them, the court is treating the witness's brain cells differently from your own brain cells, even though the ultimate source of the relevant information stored in both sets of brain cells is the same.
posted by Western Infidels at 8:35 AM on February 24, 2012


The defendant is not being asked to tell anyone the password!

The defendant is being asked to provide information, contained within his mind, that substantively assists the prosecution in establishing foundation for suspected evidence. Miranda v. Arizona, at the very least, indicates that that is legally fraught.
posted by fifthrider at 8:36 AM on February 24, 2012


The point is that Richard Daly said the rule was to prevent the use of torture as an evidence gathering tool.

Do you mean Richard Daley, former mayor of Chicago? What does his opinion on the Fifth Amendment's purpose have to do with anything? And once again, the Fifth Amendment is not about "gathering evidence." It's about testimonial statements. Entering a password is not a testimonial statement if the police already know of the existence, possession and control, and authenticity of the data contained on the encrypted drive.

The defendant is being asked to provide information, contained within his mind, that substantively assists the prosecution in establishing foundation for suspected evidence.

No, he isn't. The defendant does not provide the police with information contained within his mind. After the files are decrypted, the police do not have the password. That information is still secret. What the police do get are the contents of the files, and those are not protected by the Fifth Amendment.
posted by jedicus at 8:39 AM on February 24, 2012 [1 favorite]


The very existence of the second encrypted volume is intended to be impossible to detect or prove. So when pressed, one can give up one password that reveals innocuous stuff (tax forms, phone numbers, forum passwords). Those demanding the password cannot tell if a second password (which might reveal your dastardly Furby-smuggling ring) even exists.

IMO it's important that at least some of whatever you put in the encrypted drive be considered to be worthy of encryption. So if you've got 500GB of a 1TB drive encrypted with two volumes, the first "I can reveal" better have nude pictures of your past girlfriends or something that isn't illegal but is something you wouldn't want your kids/parents/potential thieves to have access to.
posted by Mitheral at 8:41 AM on February 24, 2012
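Added example, not part of the thread: a toy "hidden volume" container that makes concrete both fifthrider's point that an encrypted volume without its key is indistinguishable from random bytes, and Mitheral's two-password scheme. It uses only the Python standard library (PBKDF2 for keys, an HMAC-SHA256 counter-mode keystream as a stand-in for a block cipher, an HMAC tag to recognise the right password). The layout, the `TOYVOL` marker and all the function names are assumptions for illustration; this is not TrueCrypt's or VeraCrypt's real on-disk format, which uses XTS-mode AES and a different header design.

```python
"""Toy hidden volume: one random-looking blob, two passwords, two contents.
Illustrative construction only (PBKDF2 keys, HMAC-SHA256 counter-mode
keystream, HMAC tag); NOT the real TrueCrypt/VeraCrypt on-disk format."""
import hashlib
import hmac
import math
import os
import struct

HDR = 64                    # header: 16 salt | 16 ciphertext | 32 tag
MAGIC = b"TOYVOL\x00\x00"   # made-up 8-byte marker, only visible after decryption


def derive_keys(password: bytes, salt: bytes):
    """64 bytes of key material: first half encrypts, second half authenticates."""
    km = hashlib.pbkdf2_hmac("sha256", password, salt, 20_000, dklen=64)
    return km[:32], km[32:]


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in for a block cipher)."""
    out = bytearray()
    for ctr in range(-(-length // 32)):          # ceil(length / 32) blocks
        out += hmac.new(key, nonce + struct.pack(">Q", ctr), hashlib.sha256).digest()
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def seal(password: bytes, offset: int, data: bytes):
    """Return (header, ciphertext) for one volume whose payload sits at `offset`."""
    salt = os.urandom(16)
    ek, ak = derive_keys(password, salt)
    body = xor(MAGIC + struct.pack(">II", offset, len(data)), keystream(ek, salt + b"hdr", 16))
    tag = hmac.new(ak, salt + body, hashlib.sha256).digest()
    return salt + body + tag, xor(data, keystream(ek, salt + b"dat", len(data)))


def unseal(password: bytes, hdr: bytes, container: bytes):
    """Decrypt the volume described by `hdr` if `password` authenticates it, else None."""
    salt, body, tag = hdr[:16], hdr[16:32], hdr[32:]
    ek, ak = derive_keys(password, salt)
    if not hmac.compare_digest(tag, hmac.new(ak, salt + body, hashlib.sha256).digest()):
        return None                              # wrong password: header is just noise
    plain = xor(body, keystream(ek, salt + b"hdr", 16))
    if plain[:8] != MAGIC:
        return None
    offset, length = struct.unpack(">II", plain[8:])
    return xor(container[offset:offset + length], keystream(ek, salt + b"dat", length))


def make_container(size, outer_pw, outer_data, hidden_pw=None, hidden_data=b""):
    """Outer volume at the front, optional hidden volume at the back, random filler between."""
    buf = bytearray(os.urandom(size))            # every byte starts out uniformly random
    hdr, ct = seal(outer_pw, HDR, outer_data)
    buf[0:HDR] = hdr
    buf[HDR:HDR + len(ct)] = ct
    if hidden_pw is not None:
        start = size - HDR - len(hidden_data)
        assert start >= HDR + len(outer_data), "volumes would overlap"
        hdr, ct = seal(hidden_pw, start, hidden_data)
        buf[start:start + len(ct)] = ct
        buf[size - HDR:] = hdr                   # trailing header looks like more filler
    return bytes(buf)


def open_container(container: bytes, password: bytes):
    """Try the front header, then the back one; returns plaintext or None."""
    for hdr in (container[:HDR], container[-HDR:]):
        data = unseal(password, hdr, container)
        if data is not None:
            return data
    return None


def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; close to 8.0 for uniformly random data."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


if __name__ == "__main__":
    # constructed sample contents, not real data
    both = make_container(4096, b"outer-pw", b"2011 tax forms", b"hidden-pw", b"Furby ledger")
    outer_only = make_container(4096, b"outer-pw", b"2011 tax forms")
    print(open_container(both, b"outer-pw"))         # b'2011 tax forms'
    print(open_container(both, b"hidden-pw"))        # b'Furby ledger'
    print(open_container(outer_only, b"hidden-pw"))  # None
    print(byte_entropy(both) > 7.5, byte_entropy(outer_only) > 7.5)  # True True
```

The point the two containers make: with or without a hidden volume, the bytes after the outer payload have the same statistical profile, so nothing in the blob itself shows whether a second password exists. The usual practical caveat applies and is not modelled here: writing into the outer volume's "free space" silently destroys the hidden one unless the software is told where it is, and the real tools protect against that only when you mount with both passwords.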


It doesn't work like that. For a start, it could be easily argued that the act of entering the key into the computer, in that it uses a keyboard and intelligible Roman characters, constitutes a substantively testimonial act.

Yes, it does work like that. You can easily argue it but it would be wrong. There is no testimony because the information is not being conveyed to another person. The police do not get the password. The password remains a secret. There has been no testimony.

Not only, therefore, does no meaningful information exist without information within the defendants knowledge ... there is no way of proving that the integrity of the suspected encrypted container is sound or that the defendant knows the key

The court does not require absolute proof or even proof beyond a reasonable doubt at this stage. If the defendant is known to have downloaded certain files, and those files are not on an unencrypted part of the computer, and the encrypted drive is in the defendant's possession, then that's evidence that the files are on the encrypted drive. Similarly, if the drive is in the defendant's possession and there is no evidence that someone else has tampered with it, then there is evidence that the information is authentic and that the defendant knows the key.

The difficult case is one in which the defendant argues that he or she has forgotten the key. Can a court hold such a defendant in contempt? For how long?
posted by jedicus at 8:47 AM on February 24, 2012


The defendant is not being required to state the contents of their brain. The police never learn the decryption key or password: the defendant enters it into a computer themselves.

Given that the latter is produced directly from the former, this is a distinction without a difference. Whether it's on paper or electronic does not actually matter.

What the police do get are documents that the defendant created voluntarily (i.e. not under state compulsion) before being arrested.

The ciphertext was created voluntarily, and the prosecution is free to introduce it into evidence. Being required to create the plaintext from the ciphertext and the key is state compulsion.
posted by one more dead town's last parade at 8:47 AM on February 24, 2012


@jedicus:

You're not getting how public key encryption works: it's not a box. What it is is a cheatsheet for taking something you've memorized (the key) and, through a series of mathematical operations, converting it into a block of novel information.

But, to extend your inadequate box metaphor: public key encryption, properly implemented, is like a box, only you can't prove it's a box, or if it still contains what you think it contains even if it were a box, and you can't cut through the walls of the suspected box to prove it's a box. Also, you can't prove it's the defendant's hypothetical box, or that the defendant knows how to get into the box. (This is critical, because demonstrating that you know how to get into something is foundational testimony.) Moreover, what you think might be the box isn't even a box at all: it's instructions for making the box, written in a secret language that only the owner speaks.
posted by fifthrider at 8:47 AM on February 24, 2012


The ciphertext was created voluntarily, and the prosecution is free to introduce it into evidence. Being required to create the plaintext from the ciphertext and the key is state compulsion.

But it's not compulsion of a testimonial statement because the plaintext was already voluntarily created by the defendant prior to the encryption. That's the key difference because the privilege against self-incrimination only protects testimonial statements.

in a lineup it is the publicly visible characteristics of the defendant that are on display, not the contents of his mind, and the phrase he is compelled to speak as a voice sample is a parroting of another's speech, not his own personal testimony.

The defendant is not being compelled to give up the contents of his mind because the police never learn the password. What's being given up are the contents of the files, which are not protected by the Fifth Amendment. Anyway, I mentioned those examples primarily to show that the Fifth Amendment is not and never has been a blanket privilege against assisting the police or providing evidence.

You're not getting how public key encryption works

I have a couple of degrees in computer science. I know how public key encryption works, at least at a high level. I also know that drive encryption software (e.g. TrueCrypt) is typically not based on public key encryption but rather symmetric key encryption.

But the details of how it works are not relevant. What matters, legally, is that the defendant voluntarily created the plaintext at some point. Thus, the defendant can be compelled to produce it, so long as the act of production does not involve making a testimonial statement, such as admitting the existence, possession and control, and authenticity of the files. This is true whether the plaintext is encrypted, locked in a safe, or simply hidden.
posted by jedicus at 9:01 AM on February 24, 2012


All this back and forth about how encryption works is missing the point. If the prosecution can prove that the defendant has a particular document and it is relevant to the case, then the court can require the defendant to produce that document. How and where it is stored is irrelevant; you don't get a pass on producing the document because you stored it in a particular way. In that case, the court can compel the decryption.
posted by nave at 9:04 AM on February 24, 2012 [1 favorite]


(This is critical, because demonstrating that you know how to get into something is foundational testimony.)

It's a good thing that the police must have separate evidence of the existence, possession and control, and authenticity of the files, then.
posted by jedicus at 9:04 AM on February 24, 2012


If a defendant hypothetically had an indestructible safe with a combination lock, could he be held in contempt for refusing to tell police the code? If he claimed he forgot/never knew the code, how long could he be held in contempt?
posted by crayz at 9:21 AM on February 24, 2012


But it's not compulsion of a testimonial statement because the plaintext was already voluntarily created by the defendant prior to the encryption.

You're assuming that the plaintext still exists, which it probably doesn't. You're requiring the defendant to create evidence against himself by using a secret in his brain. This is impermissible.

Similarly, if the documents were in a language spoken only by the defendant, you could not compel him to translate them without trampling all over the Fifth Amendment.
posted by one more dead town's last parade at 9:28 AM on February 24, 2012 [1 favorite]


You're assuming that the plaintext still exists, which it probably doesn't. You're requiring the defendant to create evidence against himself by using a secret in his brain. This is impermissible.

I did not assume that. That's why I said "the plaintext was already voluntarily created" and not "the plaintext still exists." It was voluntarily created by the defendant and then the defendant voluntarily transformed it into ciphertext.

But in any case, the information represented by the plaintext still exists. Encryption does not destroy information but rather transforms it, or else the encryption would not be reversible. This is about compelling the defendant to reverse that transformation, not to create the information anew.

That's the important distinction between a case like this and a case where the file was deleted (for simplicity we'll assume it was deleted through no fault of the defendant). Compelling the defendant to recreate a deleted file from his or her memory would be compelling a testimonial statement.
posted by jedicus at 9:36 AM on February 24, 2012


Again, you can't force a defendant to tell you secrets in order to give you more rope to hang him with.
posted by one more dead town's last parade at 9:40 AM on February 24, 2012


I gotta say, by the way, that I don't understand the approach that a lot of people are taking to this discussion. I'm explaining what the law appears to be (I say appears because it's still developing).* I'm not necessarily arguing that this is how it must be or ought to be, although frankly I don't see anything particularly objectionable about this decision. Various folks seem to feel that the law should be different, and that's fine, but that's largely unrelated to what the law is, descriptively.

* And to be clear I'm describing the law as part of the ethical aspiration of educating the public about the law. I am not giving legal advice. Anyone whose rights may be affected by this issue should hire a competent attorney in their jurisdiction.
posted by jedicus at 9:43 AM on February 24, 2012 [2 favorites]


Various folks seem to feel that the law should be different, and that's fine, but that's largely unrelated to what the law is, descriptively.

A distinction often lost here.
posted by Ironmouth at 9:44 AM on February 24, 2012


Again, you can't force a defendant to tell you secrets in order to give you more rope to hang him with.

Again, the Fifth Amendment does not protect "secrets" but rather testimonial statements. What testimonial statement does the defendant make in a case like this? To whom does he or she make it? The police do not learn the password and the information represented by the plaintext is not a testimonial statement under the Fifth Amendment. The act of entering the password is not a testimonial statement if the police have separate evidence of the existence, possession and control, and authenticity of the files. If you're going to argue that the law should be different then you'll have to argue within the relevant legal context.

(I am not, by the way, making some sort of "legal priesthood" argument. I've made it clear on MeFi before that I don't think the law or legal reasoning are particularly difficult to understand, though they may be a bit tedious at times (heck, that's one of the reasons I created my blog). I encourage anyone interested in these issues to read the relevant cases; they're all available for free online through, for example, Google Scholar.)
posted by jedicus at 9:51 AM on February 24, 2012 [1 favorite]


I'm explaining what the law appears to be

Oh, I wouldn't be surprised if SCOTUS, as currently composed, agreed with you. However, that would not make their interpretation of the law any more correct than it was in Plessy or Dred Scott.
posted by one more dead town's last parade at 9:51 AM on February 24, 2012


Oh, I wouldn't be surprised if SCOTUS, as currently composed, agreed with you. However, that would not make their interpretation of the law any more correct than it was in Plessy or Dred Scott.

Then I suggest reframing your statements in normative terms. Here's how I would argue your position, for example: "Science has shown that computers and stored memory become part of a person's extended self. Thus, stored data should be considered an extension of a person's memory, and compelling a person to assist the police in retrieving that data should be considered a compelled testimonial statement under the Fifth Amendment."

In addition to being, quite frankly, a much better argument, this neatly avoids the "yes it is! no it isn't!" problem that invariably happens when one person is describing a situation descriptively and the other person is describing it normatively but in descriptive terms.

But, I tell you, if the Supreme Court held that encryption was a magic barrier to prosecution for crimes like possession of child pornography, then the result would be one of two things: either a massive increase in alternative—and arguably worse—forms of evidence-gathering (e.g. government spyware, bugging people's homes) or a Constitutional amendment that would compromise the Fifth Amendment.
posted by jedicus at 10:02 AM on February 24, 2012 [1 favorite]


The act of entering the password is not a testimonial statement if the police have separate evidence of the existence, possession and control, and authenticity of the files.

Entering the password is still a testimonial statement that the files belong to the person at the keyboard. The defendant is not required to admit that the files are his if that's incriminating.

alternative—and arguably worse—forms of evidence-gathering (e.g. government spyware, bugging people's homes)

These require warrants, and can't be used as retroactive fishing expeditions.

At this point, if the key evidence is encrypted data, and the alternative is worse, you can just refuse to enter the password and be jailed for contempt long enough that you actually forget the password, at which point you walk free.
posted by one more dead town's last parade at 10:19 AM on February 24, 2012


Entering the password is still a testimonial statement that the files belong to the person at the keyboard.

Did you miss the "separate evidence of ... possession and control ... of the files" part? That includes the fact that the files belong to the person at the keyboard.

These require warrants, and can't be used as retroactive fishing expeditions.

I didn't say that the spyware would be installed without consent. If people voluntarily agree to be spied on, then no warrant is required, and the evidence is pretty clear that people will happily install all kinds of nonsense.

And as for bugging someone's home: that does require a warrant, but that only requires probable cause. If someone downloads a file from a government honeypot, that could well lead to a warrant.

Also, just to be clear, there's no retroactive fishing expedition here because of all of the separate evidence that the prosecution has to have. Were it a matter of obtaining a warrant, for example, they would already have enough evidence for one.

At this point, if the key evidence is encrypted data, and the alternative is worse, you can just refuse to enter the password and be jailed for contempt long enough that you actually forget the password, at which point you walk free.

Assuming that the court believes that you've actually forgotten it. That's why the result in a case of a forgotten password is much more interesting to me than this one.
posted by jedicus at 10:28 AM on February 24, 2012


I'll expand on my earlier comment about brain reading technology by observing :

There are many European countries with substantially more freedom than offered by the U.S. in this respect, i.e. they employ substantially stronger protections for the accused than the Bill of Rights. Assange routed all WikiLeaks submissions through Belgium for example because police aren't permitted to attempt to discern a journalist's sources by any means in Belgium.

If any brain reading technology appeared tomorrow, there would be an enormous debate about when courts should use it in the U.S., complete with Jack Bauer hooking up the terrorists on TV. European courts would otoh simply slap it down uniformly as violating Article 6 § 1 of the European Convention on Human Rights, or Article 10 of the Universal Declaration of Human Rights.
posted by jeffburdges at 10:38 AM on February 24, 2012 [1 favorite]


Did you miss the "separate evidence of ... possession and control ... of the files" part?

No. Why are you assuming that the defendant admits that the files are his? Refusing to do so would be an extension of his denial that the files are his. "Not my files, no point."

Also, just to be clear, there's no retroactive fishing expedition here because of all of the separate evidence that the prosecution has to have. Were it a matter of obtaining a warrant, for example, they would already have enough evidence for one.

Let's assume the court only wants break-and-enter.jpg. If that file exists on an encrypted volume, which is decrypted all at once, do you really think where-i-buried-the-bodies.txt isn't also going to be used once it's found?

Assuming that the court believes that you've actually forgotten it.

Given that the court would have no reason to believe you were lying (since you'd been truthful but non-compliant up to that point), they'd be on the fast track to holding you without any legal justification.
posted by one more dead town's last parade at 10:52 AM on February 24, 2012


No. Why are you assuming that the defendant admits that the files are his? Refusing to do so would be an extension of his denial that the files are his. "Not my files, no point."

The defendant wouldn't have to admit anything. For example, if the defendant lives alone and credit card data/receipts/warranty information show that he or she purchased the drive in question, that's pretty good evidence that the drive and its contents have been in the defendant's possession and control.

Let's assume the court only wants break-and-enter.jpg. If that file exists on an encrypted volume, which is decrypted all at once, do you really think where-i-buried-the-bodies.txt isn't also going to be used once it's found?

If the drive hadn't been encrypted the police would have been able to look through the whole thing anyway. Adding encryption doesn't really change the legal analysis there. Do you also have a problem with the plain view doctrine? (Honest question: I'm trying to suss out just how heterodox your views are.)

Given that the court would have no reason to believe you were lying (since you'd been truthful but non-compliant up to that point), they'd be on the fast track to holding you without any legal justification.

Sure the defendant has a reason for lying: they want to get out of jail without having to decrypt the drive. Forgetting the password (or claiming to) is pretty much the only way to do that. That's what makes it such a difficult case.
posted by jedicus at 11:11 AM on February 24, 2012 [1 favorite]


I am pretty sure I saw an article discussing this where someone did successfully use the "forgot my password" defense. Unfortunately, I'm not sure where I saw it, but I know it was related to this case, in sort of a "oh, by the way, this happened a couple years ago."
posted by [insert clever name here] at 11:14 AM on February 24, 2012


If the drive hadn't been encrypted the police would have been able to look through the whole thing anyway.

Well, yes. The same could be said for a document printed out and stuck in a folder.

Adding encryption doesn't really change the legal analysis there.

Not quite. If I've put the files in an archive so that I can't reveal File A (which you know about) without revealing File B (which you don't know about, and which reveals a crime nobody knows about), I don't have to decrypt the archive because it would reveal File B, but I don't have to tell you why I don't have to reveal File B, or even that File B exists.

Do you also have a problem with the plain view doctrine?

No, but encrypted files aren't in plain view.

I'm trying to suss out just how heterodox your views are.

Not very.
posted by one more dead town's last parade at 11:25 AM on February 24, 2012


No, but encrypted files aren't in plain view.

Well, you're talking about a situation in which the entire volume is decrypted at once. The same rationale behind the plain view doctrine applies after the decryption has occurred. The search for evidence of one crime does not preclude the possibility of finding evidence of another crime, and vice versa. And of course the subpoena would be for the whole drive anyway.

Not quite. If I've put the files in an archive so that I can't reveal File A (which you know about) without revealing File B (which you don't know about, and which reveals a crime nobody knows about), I don't have to decrypt the archive because it would reveal File B, but I don't have to tell you why I don't have to reveal File B, or even that File B exists.

See above for why I don't think that argument works as a legal matter, but as a matter of policy it would encourage people to commit a minor crime and then store a confession on the encrypted drive. That's the kind of absurd result that a court just isn't going to buy into.
posted by jedicus at 11:55 AM on February 24, 2012


as a matter of policy it would encourage people to commit a minor crime and then store a confession on the encrypted drive

Yes, I agree, and that's kind of silly, but it does offer that sort of protection. However, either the forced disclosure of previously unknown File B leads to File B and anything derived from it, or the fact that File B exists allows you to refuse to decrypt File A. The prosecution doesn't get to have it both ways.

Again, depending on how damning the encrypted files are, the best option may just be to sit in jail for contempt until you've forgotten the password. That way, the court bears full responsibility for destroying the evidence.
posted by one more dead town's last parade at 12:10 PM on February 24, 2012


Sure the defendant has a reason for lying: they want to get out of jail without having to decrypt the drive.

A judge's hunch does not constitute evidence that you're lying, especially without a history of having done so.
posted by one more dead town's last parade at 12:12 PM on February 24, 2012


However, either the forced disclosure of previously unknown File B leads to File B and anything derived from it, or the fact that File B exists allows you to refuse to decrypt File A. The prosecution doesn't get to have it both ways.

There's no contradiction or paradox or whatever you're implying. The answer is almost certainly "the forced disclosure of previously unknown File B leads to File B and anything derived from it." If the police in Boucher found a murder confession in the decrypted volume then that would have been fair game.

A judge's hunch does not constitute evidence that you're lying, especially without a history of having done so.

The only reason a judge could compel decryption in the first place is if there was separate evidence of existence, possession and control, and authenticity of incriminating evidence on the drive. If those are established, then it is a reasonable inference that the defendant remembers the password, especially if there is evidence that the drive was recently used (e.g. S.M.A.R.T. data, which drive encryption software generally can't or doesn't falsify). If the defendant then claims to have forgotten the password in the face of the contempt sanction, it's reasonable to infer that the defendant is simply lying in order to avoid both contempt and prosecution for the alleged crime.

But of course it's essentially impossible to prove that the defendant is lying, so what can the court do? Hold the defendant in contempt forever? As long as the maximum sentence for the alleged crime? Until a reasonable person would have cracked? And if the judge decides the person was telling the truth after all, do they get compensated somehow? It's a real mess.
posted by jedicus at 12:28 PM on February 24, 2012


If you believe that a defendant can be compelled to recreate evidence against him (by combining the ciphertext and key) despite the Fifth Amendment, what about the following hypotheticals?
  1. The evidence against the defendant is written in a language that only the defendant can read. Can the defendant be compelled to translate the text into a language that the court can use?
  2. The evidence against the defendant is stored in a format readable only by a program written by the defendant, of which no copy exists, but the defendant has the source code memorized. Can the defendant be compelled to rewrite the program so that the file can be interpreted?
  3. The evidence against the defendant is on a removable storage medium invented by the defendant, but prior to the subpoena, the drive itself and any documentation that might help a third party rebuild it have been destroyed. The defendant, however, has it all memorized. Can he be compelled to build a new drive, or to assist the court in doing so?
And if the answers to these are different, why are they different?
posted by one more dead town's last parade at 12:33 PM on February 24, 2012


The answer is almost certainly "the forced disclosure of previously unknown File B leads to File B and anything derived from it."

Then the answer is also "I invoke my Fifth Amendment right against self-incrimination." Can't brute-force the key? Not my problem. (Can brute-force the key? Very much my problem.)

what can the court do? Hold the defendant in contempt forever?
Illegal.

As long as the maximum sentence for the alleged crime?
Punitive, and therefore illegal.

Until a reasonable person would have cracked?
Probably this one.

And if the judge decides the person was telling the truth after all, do they get compensated somehow?
They should, but you wouldn't see it happen.
posted by one more dead town's last parade at 12:44 PM on February 24, 2012


What if the suspect is a multidimensional energy being, and has hidden the evidence in another dimension, which our puny human scientists cannot access? Can the court compel said multidimensional energy being to return the evidence to our dimension?
posted by Banky_Edwards at 12:50 PM on February 24, 2012


If you believe that a defendant can be compelled to recreate evidence against him

As explained, the defendant isn't recreating anything. The information represented by the plaintext has only been transformed, not destroyed. There is no recreation going on.

Translation by the defendant involves recreation of the information.

Recreating the program, assisting in the creation of a reading device, and (to a lesser extent) translation also involve giving up the contents of the person's mind. They also require so much effort on the part of the defendant that it starts to run afoul of the 13th Amendment. The judge can't use civil contempt to compel the defendant to do work for the government, since the exception to the 13th Amendment only applies to punishing someone who has been convicted of a crime.

It's worth noting that there haven't been any forced translation cases, as far as my research indicates, so it's not even a foregone conclusion (heh) that a defendant couldn't be compelled to do so, although I think they couldn't.

Illegal.

State civil contempt can go on pretty much indefinitely as long as the contemnor has the ability to end the contempt at any time by cooperating. In some cases people have been held in contempt for several years. At the federal level it's limited to 18 months, though.

Punitive, and therefore illegal.

Setting a particular length of contempt tends to make the contempt criminal rather than civil. I wasn't suggesting that the contempt have a defined length but rather that it have a defined limit.
posted by jedicus at 1:02 PM on February 24, 2012


As explained, the defendant isn't recreating anything. The information represented by the plaintext has only been transformed, not destroyed. There is no recreation going on.

Translation by the defendant involves recreation of the information.

I really don't see the difference between these two. Both require the defendant's brain to succeed, and if the defendant dies or is otherwise permanently incapacitated, the information is lost to the ages.

(I'm not suggesting that the defendant be enslaved in the orphaned-format examples—if you want, give him an army of laborers to do the work for him and let him sit back and supervise from an easy chair—I just don't think he has to help the prosecution solve the puzzle.)
posted by one more dead town's last parade at 1:13 PM on February 24, 2012


one more dead town's last parade: If you believe that a defendant can be compelled to recreate evidence against him (by combining the ciphertext and key) despite the Fifth Amendment, what about the following hypotheticals?
  1. The evidence against the defendant is written in a language that only the defendant can read. Can the defendant be compelled to translate the text into a language that the court can use?
  2. The evidence against the defendant is stored in a format readable only by a program written by the defendant, of which no copy exists, but the defendant has the source code memorized. Can the defendant be compelled to rewrite the program so that the file can be interpreted?
  3. The evidence against the defendant is on a removable storage medium invented by the defendant, but prior to the subpoena, the drive itself and any documentation that might help a third party rebuild it have been destroyed. The defendant, however, has it all memorized. Can he be compelled to build a new drive, or to assist the court in doing so?
And if the answers to these are different, why are they different?

See, this is what I find baffling about how the law will handle encryption, especially in scenario #2/#3: you can make encryption forms that get so far from actual data being stored that the idea of presenting that data, even under court order, could effectively be indistinguishable from actually recreating that data anew. I find the legal discussion interesting, but I can't help but think the technology is entering spaces the law can't actually handle.


For example, I've long had a simple encryption idea (probably already invented, since it's just a form of abstruse steganography) that I'm curious about its efficacy- and how it would work in regards to the 4th/5th amendment and compulsion. Let's say I've gone and downloaded some especially heinous kiddy porn, or perhaps detailed plans for another 9/11 hijacking, etc- something that if found would have me locked up for years, and is about oh 20MB in size. Heck, it could just be the truth, which is that ever since I heard about Silk Road I've been interested in learning more about Tor and TrueCrypt.

However, being a mediocre but determined hacker/coder, I've gone and invented my own entirely custom "encryption"/storage mechanism that works like this: the user thinks of some mnemonic or other way of remembering a set of innocent and existing files, such as a particular playlist order of one's favorite "Queen" tracks in your Mp3 folder, each ~5MB, and each with an embedded "album art" photo. Or maybe it's a set of picture files, or a particular set of .dll's and versions found in my Windows\WinSxS folder- really, any set of otherwise meaningless files that are not likely volatile.

So if I load my custom program, and then tell it to load the set of Queen songs in the exact order I define, and my program then loads up the songs in that order, so song 1 is bytes 0-5MB, songs 2, 3, and 4 are bytes 5MB-10MB, 10MB-15MB, and 15MB-20MB, and song 5 is 0-5MB overwritten with an AND or OR or XOR or some other bit mapping, I'll end up after loading say ~20 or 40 songs in an order that no one could ever actually begin to guess. This will give me a 20MB file of gibberish, and there would exist some bitmask that would turn that gibberish into a coherent video file. Technically, there exists some bitmask that turns that gibberish into any coherent file of the same size. That bitmask is stored/striped/hidden in those embedded "album art" photos. There would presumably also be a hashing passphrase- or two, or three, or four, etc, which could be unrelated mnemonic phrases, or segments of lyrics from the songs, etc- which I would be able to easily remember if I wanted to recreate the file. Lastly, there could be options for other mutations such as grabbing every other bit, or inverting the bits, or following some relatively easy to remember but complicated algorithm that would further scramble/unscramble the file. The core point here is that the file would be recreated through complicated steps entirely in the mind of the user, and never actually exist until just before the user wanted it to exist.

Now, whenever I want to view my battle plans, or watch child porn, or just track my drug orders from Silk Road, I'd recreate this file through a process stored entirely in my head. But the key element here is that there is a "file" on my drive that only exists by assembling other files, plus passphrase information, and where those files don't even show any steganographic elements (i.e., the album art, if you even thought to look there, would at best have small amounts of junk data). And if I wanted to "destroy" the data I could do something as innocuous as rating a song as 4 stars instead of 5. Hell, I could have an old iPod with song ratings on it, the mere act of plugging it in and having it sync would "erase" my hidden file.


Now, if I understand jedicus' point, it's that the knowledge of that file having been downloaded would be enough for the courts/police to compel me to produce the file, as "foundation"- they can't go on a fishing expedition but if they are looking for a specific file the encryption method itself, no matter how obtuse or arduous, is irrelevant. But since it's ridiculously steganographic, can they even prove I have a file? There's no "encrypteddrive.bin", there's not even recognizably junk data at the tail end of an image file, so it's not even plausible deniability: it's complete deniability. If they can't make their case from a download entry in a web server log, they have no case from the contents of my seized computer.


And that I think goes to the points that DU and one more dead town's last parade are trying to make, that can you really compel the decryption of a drive or producing of a file when at a certain point it might be impossible to prove there even is anything incriminating- much less specific documents for that "foundation" argument mentioned. I mean, you can guess that even a truecrypt hidden volume contains other, worse stuff... but how do you prove it? And what do you do if you compel the decryption but don't find what you are looking for- can you start a separate case for other items found?
posted by hincandenza at 1:42 PM on February 24, 2012


Oh, and sorry for the verbosity- that got kind of long.

Actually, to be honest I secretly embedded plans to kidnap jedicus in the above comment, which only looks like the ramblings of a long-winded gasbag. Can you decipher the hidden message? :)
posted by hincandenza at 1:43 PM on February 24, 2012


i.e., the album art, if you even thought to look there, would at best have small amounts of junk data

The problem with your scheme is that your bitmask wouldn't be a small amount of data, it would be around the same size as your hidden video file and would effectively be an encrypted version of the video file. It's a little more obvious if you think about it in terms of text rather than bytes. Let's say your audio file scheme results in a big chunk of gibberish text the same size as your plaintext you want to hide. How do you make your bitmask for the text, i.e. come up with instructions for turning the gibberish to your plaintext? Well the most obvious way would be to store each letter's offset from the target letter, and since the value of that offset is never going to be higher than the total number of unique characters, you can express each offset as a letter. At that point your gibberish file is effectively a one time pad and your "bitmask" data is the ciphertext. Since you are using arbitrary data as an encryption key, this is not really any different than using a file's contents as a key for any other kind of encryption, and all of your security rests on keeping that key a secret.
posted by burnmp3s at 2:07 PM on February 24, 2012


Oh, I'd considered that- the core of the scheme is basically a one-time pad, of sorts, since I can turn any file of size N into another file of size N using an arbitrary bitmask- so yes the bitmask starts at size N. And I did note that this is just basic steganography, but instead of hiding data in a file, it's hiding it across so many files that you couldn't recreate it without a very exacting sequence.

The thinking is that the file combinations could be done in a way that the bitmask has large sections of uniform data, and thus is more compressible- or at least stored off on another set of files of approximately the same collective size where the junk data wouldn't be as obvious (are the police going to test every file on your drive as valid- such as .dll's, .docs, etc). The example of the album art was one of "would anyone even think to look, or if the album art was junk data would they notice in most MP3 players that simply showed no picture if it got a format it couldn't handle"?
posted by hincandenza at 2:20 PM on February 24, 2012


I design my important passwords to be both easily rememberable when I want to remember them and easily forgettable when I wish to finally dump them. I dunno if I could consciously forget a password under duress, but I might make myself believe that I had, well the human mind is very complex that way.

There is an EFF article about crossing the U.S. border that advises travelers to store their data encrypted online, not on their computer, or failing that, to encrypt the data with a password they do not know, but can re-obtain after crossing the border, such as by xoring together several AES keys. There isn't much they can do to force you to disclose a password that you must reobtain piecemeal from multiple others who reside in multiple nations, jedicus. I kinda doubt the courts could even compel you to reveal with whom you'd left the password fragments.
posted by jeffburdges at 2:30 PM on February 24, 2012
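The "xoring together several AES keys" idea in the comment above, as an added illustration that is not code from the thread or from the EFF article: an n-of-n XOR secret split, where each fragment is uniformly random on its own and only the full set reassembles the key. The function and variable names are mine; the fingerprint check is an assumed convenience so the owner can confirm a correct reassembly.

```python
import hashlib
import os

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, n_shares: int, rng=os.urandom) -> list[bytes]:
    """n-of-n XOR secret split: every share is uniformly random by itself,
    and any n-1 of them together are still uniformly random, so a holder of
    fewer than n fragments learns nothing. XOR of all n gives the key back."""
    if n_shares < 2:
        raise ValueError("need at least two shares")
    shares = [rng(len(key)) for _ in range(n_shares - 1)]
    last = key
    for share in shares:
        last = xor_bytes(last, share)
    return shares + [last]

def combine_shares(shares) -> bytes:
    key = bytes(len(shares[0]))  # all-zero start
    for share in shares:
        key = xor_bytes(key, share)
    return key

def key_fingerprint(key: bytes) -> str:
    """A SHA-256 of the key is safe to keep on the travelling laptop: it lets
    the owner confirm a correct reassembly without storing anything that
    reveals the key (assumed convenience, not part of the comment)."""
    return hashlib.sha256(key).hexdigest()

def demo():
    key = os.urandom(32)          # the AES-256 key that encrypts the data
    shares = split_key(key, 3)    # to be left with three separate custodians
    fingerprint = key_fingerprint(key)
    # The traveller keeps only the fingerprint; the key and every local copy
    # of a share are wiped before the crossing (wiping omitted here).
    rebuilt = combine_shares(shares)
    return {
        "full_set_rebuilds": key_fingerprint(rebuilt) == fingerprint,
        "two_of_three_fail": key_fingerprint(combine_shares(shares[:2])) != fingerprint,
    }
```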


The thinking is that the file combinations could be done in a way that the bitmask has large sections of uniform data, and thus is more compressible

Not really possible. At the end of the day you are talking about storing X bits of random data using less than X bits of space and that's simply not going to happen. Compression only works if there are exploitable regularities to the data and in your scheme the data is pseudo-random by design.

The example of the album art was one of "would anyone even think to look, or if the album art was junk data would they notice in most MP3 players that simply showed no picture if it got a format it couldn't handle"?

They would probably think to look there because if you ever planned to actually watch the video presumably you would have a decryption program, and your decryption program would have to have an option to grab data out of album art. The key is effectively your memory of the order of files and the data of the files, and since the data of the files are not secret then the only secret you are hiding is the order of the files. So your scheme is not any more cryptographically secure than simply using normal encryption with a key of "Track 1: (I Can't Get No) Satisfaction, Track 2:...", everything else is security by obscurity that you could put on top of any encryption scheme.
posted by burnmp3s at 2:37 PM on February 24, 2012
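The points burnmp3s makes in the two replies above (the bitmask is plaintext-sized and is the one-time-pad ciphertext, it does not compress, and once the files are known the order is the whole key), worked through as an added toy example that is my own code and not anything from the thread. Three small constructed byte strings stand in for the "innocent" files, and the plausibility test used to recognise a correct ordering is an assumed crude one (all printable ASCII).

```python
import random
import zlib
from itertools import permutations

# Constructed stand-ins for the innocent files (the Queen tracks in the
# comment): deterministic pseudo-random bytes so the demo is repeatable.
_rng = random.Random(20120224)
INNOCENT_FILES = {n: _rng.randbytes(16) for n in ("track_a", "track_b", "track_c")}

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the comment's 'bit mapping')."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def build_pad(order, length: int) -> bytes:
    """Concatenate the files in the secret order; this is the 'gibberish'."""
    pad = b"".join(INNOCENT_FILES[n] for n in order)
    if len(pad) < length:
        raise ValueError("not enough file material for this plaintext")
    return pad[:length]

def hide(plaintext: bytes, order) -> bytes:
    """The 'bitmask': as long as the plaintext, and in fact a one-time-pad
    ciphertext of it. It works equally for any other file of the same size."""
    return xor_bytes(plaintext, build_pad(order, len(plaintext)))

def reveal(mask: bytes, order) -> bytes:
    return xor_bytes(mask, build_pad(order, len(mask)))

def mask_is_incompressible(mask: bytes) -> bool:
    """Plaintext XOR random-looking bytes leaves no regularity for zlib to use."""
    return len(zlib.compress(mask, 9)) >= len(mask)

def recover_by_trying_orders(mask: bytes):
    """The files are not secret, so the whole key is their order: n! candidates,
    each checked with a crude plausibility test (all printable ASCII)."""
    for order in permutations(INNOCENT_FILES):
        candidate = reveal(mask, order)
        if all(32 <= b < 127 for b in candidate):
            return order, candidate
    return None

def demo():
    secret = b"constructed secret: the hidden document bytes"  # 45 bytes
    order = ("track_c", "track_a", "track_b")                  # the memorised key
    mask = hide(secret, order)
    return {
        "round_trip": reveal(mask, order) == secret,
        "incompressible": mask_is_incompressible(mask),
        "order_is_the_whole_key": recover_by_trying_orders(mask) == (order, secret),
    }
```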


What happens if you "lose" your private key? If you have big secrets to hide, surely you're not going to keep the private key on the same partition.
posted by double block and bleed at 2:50 PM on February 24, 2012


Or, to over-beanplate it:

My decryption program pulls my private key from a darknet server. After each use, my local client wipes the local copy of the key and associated metadata. I've programmed the server to DoD-shred the drive containing the original key along with anything else that could incriminate me and to refill the drive with legally purchased Pat Boone songs and translations of The Book of Mormon in several languages if I don't log in every 2 days. I've been in police custody and unable to touch a computer for 3 days. I will provide my encryption password if asked, not that it will help them much.
posted by double block and bleed at 3:15 PM on February 24, 2012

