Ruling could force Americans to decrypt laptops
(CNET) American citizens can be ordered to decrypt their PGP-scrambled hard drives for police to peruse for incriminating files, a federal judge in Colorado ruled today in what could become a precedent-setting case.
Judge Robert Blackburn ordered a Peyton, Colo. woman to decrypt the hard drive of a Toshiba laptop computer no later than February 21 -- or face the consequences, presumably including contempt of court.
Blackburn, a George W. Bush appointee, ruled that the Fifth Amendment posed no barrier to his decryption order. The Fifth Amendment says that nobody man be "compelled in any criminal case to be a witness against himself," which has become known as the right to avoid self-incrimination.
"I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer," Blackburn wrote in a 10-page opinion today. He said the All Writs Act, which dates back to 1789 and has been used to require telephone companies to aid in surveillance, could be invoked in decrypting hard drives as well.
More:
http://www.cbsnews.com/8301-205_162-57364339/ruling-could-force-americans-to-decrypt-their-laptops/
Fool Count
(1,230 posts)Can they throw her in jail for being forgetful?
Tunkamerica
(4,444 posts)caseymoz
(5,763 posts)Last edited Tue Jan 24, 2012, 11:27 AM - Edit history (1)
It's not like it's a person you've spent time with and interviewed. People forget their passwords all the time, especially if they haven't used them in a while, including if they're in jail awaiting trial. And if you're like, over fifty . . .
Man, this is a bad ruling.
RKP5637
(67,111 posts)hack89
(39,171 posts)and how often she had accessed the drive the "I forgot" defense becomes very hard.
It may be hard with a thumb drive but is very easy with a laptop.
limpyhobbler
(8,244 posts)about these political activists in Iran and Egypt that were being tortured by the police to give up their Facebook and Twitter passwords.
RKP5637
(67,111 posts)TBF
(32,067 posts)this is how we communicate now & when folks want to limit that we need to fight for our first amendment rights
Kablooie
(18,634 posts)It seems to be the one point that most of us on both sides agree on.
They are wary of too much government intrusion in our personal lives as well.
TBF
(32,067 posts)because Ron Paul benefits as well. It have been very frustrating for me to watch progressives take up with him based on his anti-war stance (but for the wrong reasons - he just doesn't want to spend money on war), medicinal marijuana, and first amendment issues. We know on the flip side he is racist, misogynist and in favor of very limited government - which of course means the rush to austerity would be even quicker. Similarly, the libertarians in Silicon Valley (dot com owners) are the ones fighting SOPA/PIPA for us.
Suffice it to say I am not a fan of Eric Holder and I am finding most politicians very difficult to listen to these days. The one I can truly say I still support is Bernie Sanders. I wish he had more influence.
crikkett
(5,537 posts)even if those was the only three things that happened under Ron Paul, the world would be such an incredibly better place that Ron would earn his place on Mt Rushmore, if not on stained glass.
As it is, I believe that Ron Paul's goals are about as realistic as Obama's promises to end torture and close Gitmo.
All I wanted was for Obama to close the torture centers and since I voted for him, they've been doubled (Bagram) and made legal (NDAA).
TBF
(32,067 posts)safety nets destroyed for example. I'm not willing to let that happen.
Response to TBF (Reply #43)
Post removed
TBF
(32,067 posts)but he would have support from the republican house (and senate if we lose a few seats) to completely wipe out Social Security.
My view - I'd like to see ALL overseas bases closed and military spending condensed to taking care of our current Vets and defending our borders only - but thinking that will happen while we still have capitalism as an economic system is naive at best.
crikkett
(5,537 posts)But that doesn't make me want to give my vote to Obama again, and I'm not convinced SS can be privatized at this point in time, no matter who's President.
TBF
(32,067 posts)although the Senate currently would not support it. But maybe it would be like SOPA - once folks figure out what they're doing they would raise a loud enough fuss to get it tabled.
dreamnightwind
(4,775 posts)He said he's willing to consider ways to limit runaway spending in Medicare, Medicaid, and Social Security in order to get the tax cuts for the rich repealed. Hopefully my memory is accurate. I'm certain he included Social Security in this context in the speech. I'm not certain it was in relation to the tax cut repeals, I think so though.
I'm somewhat confident we can fend off attacks on Social Security if a Republican (or Libertarian) is POTUS. I'm much more concerned with our ability to fend them off when a Democratic POTUS puts them on the table. The changes to Social Security then get the benefit of support from the Dems who feel obligated to support anything our POTUS does, or who feel it must be ok since their guy is behind it. We saw this under Clinton, he got things through that G.H.W. Bush couldn't. We're seeing it now, too. Health care reform was a slightly modified Heritage Foundation plan, as I understand it.
Dems have to realize that's it's ok to give/withhold support of policy proposals based on the policies themselves, not based on who is championing them. I realize that's not a real popular sentiment with many on this board, but it needs to be said and said often.
TBF
(32,067 posts)I think it's as simple as Wall Street wanting SS privatized so they profit off the transactions (and both parties are swimming in donations from the Street).
OK to withhold policy support of course - we see folks doing that here all the time.
Personally I don't really think it's going to matter until we get rid of the capitalism. This system rewards greed so that is the behavior we are going to see.
opposes abortion, too. Would not be very good for women's rights to make decisions about their own bodies.
TBF
(32,067 posts)MidwestTransplant
(8,015 posts)zipplewrath
(16,646 posts)If this is pursued very far, I suspect it won't stand. Predominately because it rests upon the assertion that a person can be forced to speak (communicate actually). And since "corporations are people", there will be no small amount of interest at the corporate level to protect a corporation from forcibly decrypting their information.
It won't stop them from trying to "crack" the encryption, but I suspect they can no more force you to decrypt files as they can force you to tell them where the bodies are buried.
Kablooie
(18,634 posts)You can be compelled to do that.
It's not considered a 5th amendment right.
Pab Sungenis
(9,612 posts)But, also, last week I would have thought that the ruling in the GPS tracking case would be 5-4 at best, not unanimous.
Has there ever been a case where the court compelled someone to translate writing that they had done in code? That would be a better parallel than the keys to a safe.
suffragette
(12,232 posts)From what I've been reading, Sotomayor in particular specifically brought up issues about privacy in a digital age.
Though those don't extend to this situation, she seems to be looking more specifically at how some past law needs to be rethought due to modern systems, which seems to bode a step in the right direction.
http://arstechnica.com/tech-policy/news/2012/01/supreme-court-holds-warrantless-gps-tracking-unconstitutional.ars
http://boston.com/community/blogs/on_liberty/2012/01/victory_government_must_get_a.html
zipplewrath
(16,646 posts)That's a "property" issue. The problem with this situation is the interaction with the right to remain silent. It's dicey I'll agree, but since some folks only have passwords "in their heads", it runs up against the right to self incrimination, not to mention the lawyer/client privledge (which is the only truly sacrosanct rule the courts consistently recognize). They can ultimately force their way into/onto your property, even to the point of destruction/seziure. The problem here is that they can "force" you to communicate. But I'll admit, with the current SC, ya never know.
Kablooie
(18,634 posts)There is a reasonable expectation that you would know the combination to a safe you control and you don't have the right to withhold it if there is a warrant.
cstanleytech
(26,297 posts)themselves it just takes time the same with encryption really in the end it would just take them time to crack it.
caseymoz
(5,763 posts)People have to keep in mind, when thinking about these, that there's a huge difference between material things and these ideas we now have dancing around in electrons. Sometimes these "real world" analogies have to be examined pretty closely, and what looks self-apparent isn't.
A tangent: This is also true in regards to intellectual property. "Stealing" them, whatever the morality of it is, is quite different from "stealing" something in the material world. If you "steal" a car in the material world, you simply take it. If you did it in the way you "stole" a movie, you would make a copy of it, drive it away, while the owner would still have the original. If stealing, historically, were like that, there would be nothing wrong with it. A key component of stealing is that you deprive the owner of its use.
caseymoz
(5,763 posts)It's not like you keep something tangible in a computer. What you have their are ideas that have to be communicated to people or other computers to have any direct effect on the tangible, macroscopic, material world. Even if it were documents in the safe, those are tangible. Those would be similar to the actual computer you have something on. If the papers were encrypted, what would be on those sheets are random letters and numbers. The computer is like the piece of paper, not like the safe.
You could then put your computer in a safe, and they can require you to open the safe. Decrypting your computer, though, would be like telling them what you said, or what you thought that day. In fact, if they're going to demand your password, why don't you just save the trouble and tell them what's in there? See how this would be like violating the 5th?
No, this is a free speech issue, the Bush appointed judge is smoking crack. What a surprise from the president who saddled us with Clarence Thomas.
AtheistCrusader
(33,982 posts)Pab Sungenis
(9,612 posts)It's a question of cryptography, not locksmithing. If I write something in a language only I understand but is gibberish to everyone else, can I be forced to translate it into English?
And can you even trust my translation if I made up the cipher? There are encryption techniques that will allow you to have a dummy partition opened by a different password. If the dummy password is entered, then none of the real encrypted files are accessible, only a relatively empty or innocuous partition. How can they be sure that they're getting the right password.
It's a minefield, both in Constitutional and real-world scope.
hobbit709
(41,694 posts)Inside my skull.
Kablooie
(18,634 posts)hobbit709
(41,694 posts)Kablooie
(18,634 posts)caseymoz
(5,763 posts)They'll soon be able to "crack" your thoughts. And once they crack the code the human brain uses, thoughts can't be personally encrypted, unlike what's in your computer. It will circumvent your 5th, 4th and 1st amendment rights.
Sorry if I ruined your day. But we don't want the government looking for loopholes. They will find them.
bakpakr
(168 posts)Have a program that utilizes two passwords. One to access the data as usual. The second if entered wipes the drive. When they force you to give up your password you give them the second.
ProgressiveProfessor
(22,144 posts)The drive is backed up ahead of time.
Trying that approach will get you ruled in contempt of court and off to jail you go.
caseymoz
(5,763 posts)The sad truth is, like Citizens United, there's no substitute to getting this ruling knocked out. That would take a judge who has respect for rights.
AtheistCrusader
(33,982 posts)One password decrypts to some plain jane nonsense you don't care about, another password decrypts the stuff you actually care about. They are encrypted, hidden partitions.
Not easy to set up, but worth it, in case you are forced to divulge a password.
Xithras
(16,191 posts)I've never used Truecrypt for this type of encryption, but I know it supports it (others do too if you don't like TC for some reason). In essence, you create an encrypted drive with some random contents that need to be protected but aren't terribly sensitive. The program then creates a second encrypted volume within the empty space of the first encrypted volume. Because both volumes are encrypted, the second volume is undetectable. Any analysis of the drive simply shows one continuous encrypted drive.
If someone forces you to hand over a password, you simply give them the first one. That displays the less important contents on the first encrypted volume. To access the more secure items, you enter the second password.
Personally, I like TrueCrypt. I don't use the double encryption thing (I'm pretty boring and don't have anything interesting to hide), but I do use it to encrypt scans of my important documents like mortgage papers, scans of birth certs and social security numbers, life insurance policies, etc. I keep a heavily encrypted copy of these documents on the USB drive on my keychain, so I have access to them if I ever need them. They're encrypted so that I don't have to worry about losing the thing. I also have a small area on my main computer set aside for "personal" photos and videos that I don't want my kids to stumble into, and use TrueCrypt to protect it from their prying eyes
It's a great tool. Of course, there are conspiracy theories claiming that it was written by the CIA with backdoor access for law enforcement, so it's actual security is dependent on whether or not you believe the theories to be true
greymattermom
(5,754 posts)My computer is encrypted because I work in a HIPAA protected environment. Not that I personally have any patient information, but it is a requirement at work. The encryption prevents HIPAA protected information from being released if the computer is stolen. I wonder how the courts would view that.
Sgent
(5,857 posts)HIPAA doesn't apply in the case of a warrant or subpoena -- although in the later case you / your company could try to quash it.
TreasonousBastard
(43,049 posts)they mention both sides of the story.
Courts have ruled both ways, but the edge seems to go to the side that says a password is akin to the key or combination to a safe, and there's little question that if they have a warrant for the contents of the safe, you have to open it.
(I would be extremely upset if they required you to give the password at the airport or any warrantless fishing expedition they might be on.)
Javaman
(62,530 posts)greiner3
(5,214 posts)There's several great encryption software products out there. In fact, TrueCrypt, an open source one, allows for about 50 character passwords. It may sound crazy but I HAVE forgotten my 35 character password. There is no known way to retrieve the password and I had to reformat the HDD and start over.
There are 2 options this software lets you do; one is the straight forward partition or entire HDD encryption and the other is to create a SECRET partition within the existing HDD. This hidden partition is invisible to any known way to see the partition much less what is inside the partition.
http://www.truecrypt.org/
Creates a virtual encrypted disk within a file and mounts it as a real disk.
Encrypts an entire partition or storage device such as USB flash drive or hard drive.
Encrypts a partition or drive where Windows is installed (pre-boot authentication).
Encryption is automatic, real-time (on-the-fly) and transparent.
Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
Encryption can be hardware-accelerated on modern processors.
Provides plausible deniability, in case an adversary forces you to reveal the password:
Hidden volume (steganography) and hidden operating system.
More information about the features of TrueCrypt may be found in the documentation.
Note that TrueCrypt never saves any decrypted data to a disk it only stores them temporarily in RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your computer, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). Even when power supply is suddenly interrupted (without proper system shut down), files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile).
Plausible deniability!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
ProgressiveProfessor
(22,144 posts)and fall under the keys to the safe theory.
phantom power
(25,966 posts)RC
(25,592 posts)Use an USB flash drive. They make them up to 256GB now.
If travailing out of the country, use a server for the files. Delete them off the computer when you are going to cross the border. Don't forget to clean the browser when travailing.
FarCenter
(19,429 posts)They are pretty small and can be hidden.
RC
(25,592 posts)FarCenter
(19,429 posts)Brookstone, the up-market US gifts-you-know-you-absolutely-can't-resist retailer, has come up with another winner: Wi-Fi routing silver cufflinks with an on-board USB stick.
How on earth did we ever do without them... and they only cost $249.99.
http://www.channelregister.co.uk/2012/01/24/brookstone_wifi_cuff_links/
RC
(25,592 posts)Let alone cuff links?
FarCenter
(19,429 posts)Apparently they are making some sort of a come back. Fashions change. The prices were very reasonable too.
If you can afford these cuff links, you can afford the shirt.
Kablooie
(18,634 posts)If you forget storing data on the hard drive, you're done.
No way they can get it now, you've forgotten it.
bemildred
(90,061 posts)TygrBright
(20,762 posts)BadtotheboneBob
(413 posts)... or, as said more or less above, "Gee... I forgot it... gettin' old and forgetful, ya know"...
a2liberal
(1,524 posts)that 1+1=3. Doesn't make it true. About equally absurd
leenick1
(11 posts)What is next? Before we all know it there will be cameras from state or federal organizations in our bedrooms,bathrooms,cars and anywhere else you can imagine. This is not just invasive, this is borderline third reich type behavior. I pray this does not go to legislation and if it does we all need to vote this abominable ruling down...also don't give me the old "if you have nothing to hide" B.S. the state and feds have no right to pry into the private holdings of it's citizenship...not unless we are becoming some other than the land of the free....
ThoughtCriminal
(14,047 posts)Working in IT - I have people calling every day because they forgot their password.
Anyone in the field will testify to how common that is.
How do does the government plan to prove that you remember your password?
Athena66
(61 posts)water-board her. (Yes, that was snark.) Although they can find her in contempt of court and let her rot in jail until she agrees. Presumably that could include keeping her in solitary using some invented excuse such as "for her own safety." If she really has forgotten her password, too bad for her. They'll have gotten at least part of what they wanted with her incarceration.
localroger
(3,629 posts)It's going to be hard to make forgetfulness fly if they find the computer still hooked up to all its peripherals in an area clear for its use, keytops free of dust, etc. On the other hand it's a very plausible story for a thumb drive found in a drawer. "I didn't even know I still had that thing." Just make sure they don't find it plugged into the obviously recently used PC. A judge might still toss you in jail for awhile to apply pressure but they won't be so sure you are lying.
Fearless
(18,421 posts)Ie... this ruling is bull shit.