> Congress should not weaken this vital technology [encryption] because doing so works against the national interest.
The bad:
> Metadata may not completely replace the loss of encrypted content, but metadata analysis could play a role in filling in the gap. The technology community leverages this information every day to improve services and target advertisements. There appears to be an opportunity for law enforcement to better leverage this information in criminal investigations.
The ugly:
> Although much of the debate has focused on requiring third party companies to decrypt information for the government, an alternative approach might involve compelling decryption by the individual consumers of these products. On a case-by-case basis, with proper court process, requiring an individual to provide a passcode or thumbprint to unlock a device could assist law enforcement in obtaining critical evidence without undermining the security or privacy of the broader population.
> With respect to the Fifth Amendment, is there a substantive or legal difference between unlocking a device with a passcode and unlocking the device with a biometric identifier? Is entering a passcode a “testimonial act,” as some courts have held? Is a fingerprint different in any way?
> Are there other circumstances that would enable the government to compel production of a passcode without undermining the Fifth Amendment?
- Case by case basis (i.e. not a giant dragnet).
- Proper court process (i.e. warrants).
- Likely not done in complete secret and with normal regularity oversight.
That's the gold standard to me, not the ugly. I WANT courts to issue warrants against individuals based on a real concrete criminal case.
The issue with the Snowden revelations and similar programs is that there is no warrant or court process.
They can gain physical access to the phone, just like they can gain physical access to a safe; they can also compel the production of physical keys or security tokens, if any. They can't compel you to provide information from your mind, such as the passphrase to a phone.
Being compelled to produce any information from your mind to incriminate yourself is not acceptable.
IMO, that's clearly a 1st amendment violation.
There is no requirement that they be able to access the content (building the safe is not illegal), but there is a procedure that lets them try under appropriate conditions. What the parent posters have been talking about is a permission structure like that where law enforcement can try their best. Doesn't force anyone to write software in a particular way.
> On a case-by-case basis, with proper court process, requiring an individual to provide a passcode or thumbprint to unlock a device could assist law enforcement in obtaining critical evidence without undermining the security or privacy of the broader population.
I can write a piece of messaging software which writes one of the following two in a log, without exception: (1) hash of /dev/urandom (2) message history with passphrase encryption
If the government comes to me and asks for my passphrase and I say "I don't have one", how can they prove that I have a passphrase and am in contempt of any lawful order? The only actual way to enforce this is to make it illegal to write software which does (1).
My point is: the reason the quoted parts in the top-level post are ugly is because search warrants should already be sufficient, unless you want to crack down on the ability of citizens to do the above.
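The two log modes described in the comment above, as an added example that is not part of the original post: it shows why an examiner looking only at the bytes cannot tell a hash of random data from a passphrase-encrypted history. The function names, the fixed record size and the PBKDF2/SHAKE-256 stand-in cipher are assumptions made for illustration, not a vetted encryption scheme.

```python
import hashlib
import os

RECORD_LEN = 65536   # assumption: both modes emit records of identical length
SALT_LEN = 16

def chi_square(data: bytes) -> float:
    """Byte-frequency chi-square statistic; about 255 for uniform random bytes."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def write_decoy() -> bytes:
    """Mode (1): a hash (SHAKE-256 output) of bytes from the OS random source."""
    return hashlib.shake_256(os.urandom(64)).digest(RECORD_LEN)

def _keystream(passphrase: str, salt: bytes, n: int) -> bytes:
    # Stand-in stream cipher for illustration: PBKDF2 key, SHAKE-256 as keystream.
    key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000, 32)
    return hashlib.shake_256(key + salt).digest(n)

def pad(history: bytes) -> bytes:
    """Length-prefix and zero-pad the history to the fixed body size."""
    body_len = RECORD_LEN - SALT_LEN
    if len(history) > body_len - 4:
        raise ValueError("history too long for one record")
    return (len(history).to_bytes(4, "big") + history).ljust(body_len, b"\0")

def write_history(passphrase: str, history: bytes) -> bytes:
    """Mode (2): random salt followed by the passphrase-encrypted history."""
    salt = os.urandom(SALT_LEN)
    body = pad(history)
    stream = _keystream(passphrase, salt, len(body))
    return salt + bytes(a ^ b for a, b in zip(body, stream))

def read_history(passphrase: str, record: bytes) -> bytes:
    """Recover the history from a mode (2) record with the right passphrase."""
    salt, body = record[:SALT_LEN], record[SALT_LEN:]
    stream = _keystream(passphrase, salt, len(body))
    plain = bytes(a ^ b for a, b in zip(body, stream))
    return plain[4:4 + int.from_bytes(plain[:4], "big")]

if __name__ == "__main__":
    msgs = b"constructed sample: alice> hi\nbob> hello\n"
    for name, rec in (("decoy", write_decoy()), ("history", write_history("pw", msgs)),
                      ("plaintext", pad(msgs))):
        print(f"{name:9s} len={len(rec)} chi2={chi_square(rec):.0f}")
```

Both record types have the same length and a chi-square near 255, while the padded plaintext scores in the millions; only someone holding the passphrase can show which mode produced a given record.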
If you can be forced to divulge something that you know in order to convict yourself, where exactly do you draw the line? Yes, revealing a password that you know isn't exactly forced confession, but there are a lot of stops along that path that are short of being forced to confess and yet probably prejudicial against yourself. So what is the right being defended and are the current boundaries appropriate?
Revealing a password reveals that you knew the password. It's admitting to having access to the device.
There is also the obvious problem when you don't know the password. It's manifestly unreasonable to punish someone for not doing something they can't actually do.
But if not knowing is unconditionally a valid excuse then this is all just a hair-splitting exercise to determine how defendants will phrase the refusal. And if it's only conditionally a valid excuse then you're back to forcing someone to testify as to why they don't know the password (e.g. admitting "that's not my phone").
Can they compel you to tell them how to decode your diary, or force you to produce a decoded copy of your diary?
> why not your phone as well
They can do whatever they want to my phone with a warrant. What they can't do is force me against my will to testify as to the contents of the phone. Be very careful not to conflate those two activities.
- The judicial branch is wading through this question now (sometimes allowing compulsion, often not); it's not a question for Congress to answer, as appealing as it might be to them to help us redefine our Constitutional rights.
- We're in the analogy danger zone, but would you say that your phone is more like a safe or more like an extension of your mind? What do you think your answer will be 10 years from now? 20 years from now?
- Dragnet vs. compelled disclosure is a false dichotomy. The NSA and friends will continue their collection of data + metadata at scale, regardless of the outcome here.
The beef in the metadata analysis comes with mass surveillance.
Getting a warrant to see where a suspect sends emails is not in question. There is little analysis needed there.
None of this needs a constant omnipresent dragnet or secret courts interpreting secret laws in secret ways.
I'd go so far as to say it is dangerous to spread the idea that this is necessary.
There's a very obvious difference between saying "We're allowed to look inside your documents and records" and "We're allowed to force you to give up any fact we claim you know on pain of contempt charges". Even worse is the fact that people might not actually remember encryption keys (it's happened to me several times), which would mean you could be kept in jail indefinitely for forgetting the password to some trivial volume. I know I've used Truecrypt to keep copies of business receipts and subsequently forgotten the password years later; imagine if the government had erroneously accused me of having illegal materials in that encrypted volume.
One of the most surprising and encouraging statements to come out of Congress in a while.
You could also be talking about a civil liberty to be able to run what software you want. However, the hypothetical laws that are covered by this report include ones that only restrict what major companies do; and we already accept limitations on what companies can do. (For example, no one's civil liberties were violated when Microsoft was forbidden from preferentially bundling IE with Windows).
You could also be talking about the civil liberties associated with dragnet surveillance. However, those violations are not a result of the use of technology, but rather the surveillance program. They should be regarded in the same fashion as an old-fashioned surveillance program.
The only civil liberty that I can make a convincing argument for being directly relevant is the right to bear arms. [0] Interestingly, in my experience, support for encryption is anti-correlated with support for gun rights (myself included).
[0] Is cryptography still classified as a munition?
IMO this shouldn't necessarily be so. I'm not American but still pretty sure NRA would welcome crypto enthusiasts;-)
At least on my local shooting range there are a lot of different people and possibly the most common trait except liking to shoot is that they aren't convicted of any serious crime :-)
The issue is the broadening of those "certain conditions" to eventually become all-inclusive.
This would put us back to the pre-dark world where the government had access to all digital records that were not maintained by people with super-human op-sec practices.
Further, even if you do have amazing op-sec, they could still attempt to prove beyond a reasonable doubt that the data is an encrypted message through non technical means. For example, if they can show that you accessed the alleged data the week before.
Even if there are some cases where, through technical means, one prevents the government access to the data, the number of such cases is still smaller than the number of cases that would be prevented by default encryption.
You haven't addressed the civil liberties angle though: should the government be able to make this software illegal? If not, crypto people can design such a system.
Existing warrant processes already get you to the system that you describe, so I don't know why the House would talk about it as some future innovation and change needed, if their goal wasn't to make the system I describe less permitted.
Existing warrant processes do not get you to the system I describe, because it is not settled law yet whether or not the government can legally compel you to surrender your key, even in cases where there is no dispute that there is a key.
The fact that there exists hypothetical software that would allow someone to plausibly dispute the existence of the key is not relevant to the above question.
(I don't believe anyone could creditably say that any level of over-ride key wouldn't be impossible to leak from /somewhere/.)
That is probably astronomically unlikely, but you don't even really need a 'god' to produce such an outcome. Imagine if an alien race wanted to run a simulation of some sort that was only possible in reality. So they go to the trouble of setting up an entire solar system and planet as their staging ground. It isn't conceptually beyond any possibility, but the effort required is likely beyond my capacity to accurately imagine.
It's so highly unlikely that I don't believe it actually happened, but I cannot say for absolute certain that it didn't.
Given the history of everything, even war-time level efforts to keep secrets, I don't believe anyone could creditably say that any level of over-ride key wouldn't be impossible to leak from /somewhere/.
