
Judge won’t release man jailed 2 years for refusing to decrypt drives - sus_007
https://arstechnica.com/tech-policy/2017/09/judge-wont-release-man-jailed-2-years-for-refusing-to-decrypt-drives/
======
alethiophile
This is interesting, because the case is clearly being structured
(intentionally by the government, one presumes) to force the test case of "is
compelled decryption legal" onto the most unsympathetic possible defendant.

If the government "knows beyond doubt" that the encrypted drives have CP on
them, then they have everything necessary to move forward with a trial without
decrypting the drives at all. That satisfies society's legitimate interest in
suppressing child porn, while also not trampling all over the legal right to
use encryption. Choosing to structure the case in this way, with an appeal to
the Supreme Court over a matter that's a technicality in the original case,
clearly shows that the goal is to get a precedent for forced decryption, not
merely to jail one child porn possessor.

~~~
jo909
They don't "know beyond doubt" in an absolute sense. They know sure enough to
make the encrypted drives content part of the trial in the first place, which
is a determination the judge made himself and that wasn't challenged by the
defense so far.

At some point the main trial will continue, very probably without the
decrypted drives. Then the defense will very very likely argue why the hashes
aren't enough proof for possession of illegal files, and they will hear
experts statements on the matter on both sides, other evidence for the
possession etc. And then a _jury_ will make the judgement, with much more
factors and on a very different standard of "beyond doubt".

~~~
eridius
They "know beyond doubt" that the drives at least _used_ to contain CP, and
most likely do now. It's possible that the CP was deleted at some point, and
the only way to determine that would be to decrypt the drives.

~~~
dragonwriter
> They "know beyond doubt" that the drives at least used to contain CP

If they even merely had sufficient evidence to know beyond a _reasonable_
doubt, then they would have sufficient evidence for a trial conviction and the
decryption would be a sideshow.

Either they are lying about their knowledge (unnecessarily from a legal
perspective, so probably for PR), or lying about needing the decryption for
evidence, or telling the truth about both but the source of their knowledge is
itself illegal evidence (and any evidence they collect based on that knowledge
is fruit of the poisonous tree.)

~~~
eridius
Or they're telling the truth but they're worried that a jury won't understand
the explanation of how they know and would really like to have the actual CP
in-hand to use as evidence instead.

~~~
alethiophile
If they've linked specific hashes to known CP content, then presumably they
have those files available. They can still present that as evidence, then have
the experts testify that those specific files are known to have been on the
drive.

Going to the Supreme Court specifically on the forced-decryption issue sends a
pretty strong signal that that's what they actually care about.

~~~
jo909
Technically, the defendant is the one going to the Supreme Court. Of course
they somewhat forced his hand by putting him in jail. IANAL, but probably he
could have abandoned his fifth amendment defense strategy much earlier, which
is the only thing currently before the Supreme Court, go back to the original
judge and raise the "I forgot the password" defense there. Under the
assumption that he could have done that, and again IANAL so I'm sorry if that
is wrong, he is the one forcing the issue at the Supreme Court.

Of course the prosecution has nothing to loose here, so why would they do
anything (if they could, I don't believe they play any role in this part), and
the judge that made the contempt of court ruling that is the basis of all of
this is unlikely to just give in and admit he was wrong, and also probably
pretty interested to get a final judgment on what he believes is his legal
right to do.

And you make it sound like getting the highest courts opinion is a bad thing.
Either way, then we know, and I'm glad I'm not the one that has to wait it out
in jail.

~~~
alethiophile
I am also not a lawyer, but if the government really just wanted their
conviction of this one guy, the obvious path seems to be to abandon the court
order to decrypt the drive, and just move forward with trial based on the
forensic evidence from the system root. Slapping him with contempt on this,
and continuing to sweat him out in jail while he files higher and higher
appeals, is the government's decision.

Getting the Supremes' opinion on this is kind of a superposition of states: if
they decide in favor of right-to-encrypt, that's great, as suddenly the
government will (presumably) stop using these kinds of court orders; but if
they find against, then it's worse than the current uncertain situation, as
orders to decrypt will then become an accepted tool. If the Supremes would
find in favor of compelled decryption, then I'd prefer it never go to them,
and remain in the current legal limbo.

~~~
jo909
"The government" as such is not involved here. I'm not going to pretend the
separation of powers is as clean cut as what one learns in school, but first
and foremost this is a ruling of a single and independent judge that the
defendant is challenging.

I fail to see any motivation for the judge to back down on his contempt of
court order. I fail to see any motivation for the prosecution to try to
continue the trial faster without the drives (which would be a much weaker
case). Just because they are good people and have any problem with somebody
they believe to be very guilty sitting in jail? They send people to jail all
day long.

And I for myself, owner of many encrypted drives, prefer to know and not
having to fight that fight myself while sitting in jail.

------
vonzeppelin
If you can be jailed indefinitely for not decrypting a drive then can't you be
jailed indefinitely for not remembering your password? That sounds fair.

~~~
drostie
At the contempt hearing, you are allowed to testify that you do not remember
your password, and it puts the burden of proof on the government to prove that
you secretly remember your password and are lying to the court when you say
that you don't. Of course if you _do_ testify this and you _are_ lying, then
that's a perjury charge -- which means that for example if you have told your
lawyer that you _do_ remember your password, your lawyer cannot knowingly
allow you to lie on the stand and could be disbarred etc. if you do. But
assuming that you're _not_ lying and so forth, you can just say "I can't
comply with this court order because I don't remember the password" and that
will suffice for your defense at your contempt hearing unless the government
can meet a strong burden of proof that you secretly do know your password and
are lying about it, which you are of course entitled to counterexamine and
poke holes in.

Rawls did not testify, at his contempt hearing, that he did not remember his
password. He did not testify at all at that hearing. He said prior that he
doesn't remember his password to the police, and he has said it afterwards to
the media, and he might have even said it to a different judge in these weird
follow-up hearings--but he didn't say it at the contempt hearing and as I
understand it he didn't appeal this hearing directly to say "well shoot I
didn't realize I was getting jailed on a _technicality_ , let's re-do this
hearing so that I can testify that I forgot it properly."

There are many reasons that Rawls might not have testified; possibly he has a
very good lawyer who is concerned about some bigger issues that Rawls might
have to address if he testifies at all; possibly he has a very bad lawyer who
did not know that this is how forgot-my-password law works and did not read
the Supplemental Order the judge wrote explaining why Rawls is being held in
contempt of court. I do not know why he did not testify this. However,
testifying this is sufficient to be not held in contempt of court, unless the
government can meet a stiff burden of proof that you are lying.

~~~
humanrebar
> At the contempt hearing, you are allowed to testify that you do not remember
> your password

Isn't it the government's job to prove you remember it? Shouldn't the right to
remain silent apply in contempt hearings as well?

~~~
drostie
It _is_ the government's job to prove you remember it. They have the burden of
persuading the court that you don't remember it. This is spelled out
explicitly in the Supplemental Order issued by the judge, PDF freely available
at:

[https://ia601303.us.archive.org/0/items/gov.uscourts.paed.50...](https://ia601303.us.archive.org/0/items/gov.uscourts.paed.507511/gov.uscourts.paed.507511.21.0.pdf)

What is at stake is a burden of _evidence production_. The difference between
production and persuasion, in a court room, is a distinction both of quantity
and quality. You "produce" single pieces of evidence, whether weak or strong
-- then the totality of all of the pieces of evidence, evaluated together
according to their strengths, "persuades" the court. "Produce" is quality-
agnostic and refers to single pieces of evidence; "persuade" or "prove" refers
to all of the evidence on both sides and weighs them by their quality.

And what's really at stake is that your lawyer, at a contempt hearing, cannot
_merely_ claim, "Well, your honor, the prosecution has not proven that my
client is definitely able to fulfill the order, because they have not
disproven every possible reason why my client could not fulfill the order."
The reason that this is not enough is that it is asking the government to
prove a negative, "you cannot possibly have any excuse."

Instead the procedures that courts use to decide these cases require the
defense to identify specific reasons why the defendant cannot fulfill the
earlier order, and then the burden falls on the prosecution to prove that
those specific reasons are BS. And for this purpose they need to produce
_some_ evidence -- it doesn't need to be strong, persuasive evidence -- that
the defendant cannot fulfill the order for that reason. Because it does not
have to be strong or persuasive, a statement of testimony is taken at face-
value as sufficient.

The only attack the government can make at the _evidence-production_ level is
"even if this evidence were 100% persuasive the defendant would still be able
to decrypt the drives", so the evidence has to have some clear logical
relation to the excuse. But obviously if your sworn testimony that you cannot
decrypt the hard drives were 100% persuasive, you would not be able to.

It's still the government's job to prove you remember it, but you need to
produce some sort of pertinent evidence (no matter how flimsy) that you don't,
so that the court even evaluates this defense in the first place.

~~~
humanrebar
It's not inconceivable that the courts could prove that the defendant could
access data. The data could be on an encrypted cloud drive that the defendant
decrypts when he accessed his email this morning.

Or he already stated to Witness that he keeps his bitcoin keys there and he
has been trading bitcoins lately according to Exhibit J.

~~~
drostie
Look, it's _not inconceivable_ that competent prosecution could prove that
every murderer wasn't acting in self-defense, either. What's _conceivable_ has
little bearing on courtroom procedure.

What matters for procedure is, what's reasonable. It's reasonable that someone
who claims they killed in self-defense would have to present evidence that
they felt they were in serious danger. It's reasonable that someone who claims
they were not sane at the time they committed a robbery, should have to
explain with evidence the causes and circumstances of their insanity that
distinguish their mental state from other mental states that we'd treat
normally, like that of simply being greedy. These are routine situations where
the burden of proof is on the defendant to mount the corresponding
"affirmative defense." They arise because of a more fundamental principle that
if you did fail to obey the law, but you want to argue that it's OK that you
failed to do so, then you should be able to tell the court _why_ you failed to
do so, so that we can indeed evaluate whether it's OK.

The only difference here is that insanity, self-defense, entrapment and the
like -- traditional affirmative defenses -- are self-evidently very
exceptional circumstances. Forgetting is, by comparison, quite routine.
Therefore the courts are actually incredibly lenient, putting only a weak
burden of production on you so that the question of "why can't you?" is
answered up-front, and then this reason will be evaluated under the assumption
that you're innocent until proven guilty.

------
Johnny555
_Prosecutors said Rawls has a lot of "chutzpah" to even ask to get out of jail
while he appeals the contempt-of-court order to the Supreme Court, which has
never decided whether forcing somebody to decrypt hardware amounted to a Fifth
Amendment violation._

He's being held in jail on a basis that may violate his constitutional rights,
yet _he_ is the one with chutzpah?

------
kazinator
What sort of lousy hard drive encryption reveals hash values of plaintext?

~~~
jandrese
What I've been able to piece together from the fragments of this case that
have been reported by non-technical journalists is that he used some sort of
P2P software like BitTorrent to download the files. This P2P software kept the
checksums of every downloaded file on his unencrypted drive (basically it
stored the torrent files somewhere). The FBI compared the checksums in those
file to ones of known CP images and found some number of matches (how many has
not been reported from what I've seen).

So it really looks like they've got plenty to convict this guy on the evidence
they have, but are refusing to bring the case to trial until he unlocks his
external hard drive for some reason.

~~~
yggda
It's one of two ways. It's either the hash algorithm hashes are strong enough
to prevent manufactured hash collisions (not just accidental ones) and the gov
could convict on the hashes alone, meaning the files aren't needed and the All
Writs Act is not appropriate, so he's not in contempt. OR the hashes wouldn't
stand the trial by themselves, and leaves a much weaker argument for the need
to decrypt because you're less certain that it would contain the files you
think it does.

I think the specifics in this case, Like the sister's testimony, go against
the second possibly weakening their argument.

------
rufusroflpunch
I feel like anyone with a functional brain can see this is a fifth amendment
violation.

~~~
seanhunter
Although I'm sympathetic with the side I think you're on, the legal issue at
stake here is much more complex than you are giving credit for, and reasonable
people can disagree about this. Courts have apparently found in the past that
disclosing a physical key is not a 5th amendment violation whereas disclosing
a code (eg the combination to a safe) is. The EFF is apparently of the mind
that this is a violation. There's a decent writeup of a different case that
raises the same issue here [http://www.outsidethebeltway.com/the-fifth-
amendment-privacy...](http://www.outsidethebeltway.com/the-fifth-amendment-
privacy-and-computer-passwords/)

------
crb002
Confess regardless of guilt there was child abuse obscenity and forgot
password. Then file lawsuit claiming confession was coerced.

~~~
imglorp
Does being jailed for refusing to cooperate count as coercion?

~~~
crb002
The fatal flaw here is that this guy lost over 90 days (I think that's the
lower bound) of liberty without a jury trial. Under this scheme a judge could
jail you until you produce the body in a suspected murder, or until you tell
the cops where the money is in a suspected bank robbery.

Contempt is a quasi-criminal remedy with severe limitations. SCOTUS will rule
from this that contempt confinement for longer than 90 days requires jury fact
finding.

~~~
seanhunter
Hmm. It's not true to say under this scheme a judge could jail you for not
producing a body. This is more like a situation where the judge could jail you
for not allowing people to search the spot where they suspect the body _is_
(eg if you won't let police search your freezer). That's something they can in
fact already do. That is to say, they have the right (assuming a warrant) to
search where they want to search, and if there is a physical protection (eg a
key) it isn't covered by 5th amendment and you have to cough it up.

The 5th amendment doesn't bestow a right to prevent the collection of evidence
in general. You could argue that this particular person wanted a jury trial
they could easily have got that by disclosing the password and allowing
decryption.

That said, forcing disclosure of a password is particularly troubling. On its
face it seems obvious that he is deliberately not doing that so as not to
reveal the incriminating evidence (ie incriminate himself), which is why he is
pleading the 5th amendment right not to be forced to do that.

