For example, in a trial, the prosecutor might subpoena some documents and you cannot refuse to turn over those documents, unless doing so would trigger a 5th amendment assertion. Turning over the documents implicitly testifies to at least two important pieces of information: that the documents exist and that you know about the documents.
So if you're asked for the documents and the prosecution has no evidence that the documents exist or that you know about them, the 5th will cover you.
However if during a police interrogation you admit that the documents exist, when they are subpoenaed, you can't withhold evidence.
I imagine that the 5th will work much the same with passwords. If it is known that you have the ability to unlock the device, refusing to do so will be withholding evidence.
However if revealing the password implicitly reveals the hitherto unknown information that you know the password, 5th will work.
We're starting to get to the edge of the point where this guy might legitimately forget his password. I think we can assume the FBI has been running a common passwords/dictionary attack with common password symbol substitutions for the last 18 months, and apparently they haven't found the answer, so this password is probably a pretty good one that's not based on a word or even a sentence.
If he stays in jail without trial for another two years and then says "I can't remember my password any more", what should we do?
That's not what the "foregone conclusion" stuff is about, at all. They're not saying "it's obvious he's guilty so the 5th amendment does not apply." The 5th amendment doesn't apply to handing over evidence, period. It's about the circumstances under which handing over evidence (which ordinarily does not implicate the 5th amendment) involves implicit statements or assertions by the defendant (which does). Read the subpoena example in the opinion, it clarifies.
The concept of forgone conclusion is very weird. Imagine that I tell someone that I maintain a diary with log of all the events everyday. Then I tell this to my friends, family, (the police), etc.
Let's say the prosecution can prove that I was at a spot where something illegal happened. If they knew I wrote a diary everyday, they can compel me to produce my diary, which will then be used against me (if needed).
If on the other hand, I tell everyone (and the police) that I have photographic memory and remember anything I see and do, that information is protected by fifth amendment. So in this case, I won't provide something that will be used against me.
It is very weird that when the plain words of the amendment read "compelled in any criminal case to be a witness against himself", it is only thought to include literal production of testimony from mind as confession, while on the other hand, the first amendment is not read literally to allow only freedom of (say) owning a press, the press being a physical printing press.
It is also not too hard to essentially forget a complex password by either 'blanking it out', or associating it with multiple similar paswords during recall.
There are no easy solutions to encryption in this context, apart from what it clearly tells us: That society needs to focus on prevention and care, and not rely on policing and punishment to keep society safe as much as now.
Of course, knowing that he actually has forgotten the password is somewhat tricky, so what would actually happen is anyone's guess.
Release him and pay millions in compensation for violating his writ of Habeas corpus.
Surely it's the pre-existing evidence that [potentially] stands against the accused, not their "speech" that enables access to that evidence.
Who does such an interpretation of The Fifth protect?
It amounts to interpreting the existing evidence for law enforcement.
I would like to believe they do... But I don't think they'd bother with that.
I mean 18 months. It's a lot.
The west used to mock and deride the USSR for this kind of thing.
- There must be evidence that I can unlock the device for the two situations to be equivalent, and the request must be for specific documents known to exist. If they don't exist all evidence found must be invalidated because the cause for the search was invalid.
- If evidence of ability to unlock the device does not exists, but the assumption is that since it's mine I can unlock it, I think the analogy is slightly flawed. Since the ask is now not about producing a specific thing I'm known to possess, I'm indirectly being asked to produce a document (password), albeit not in material form but typed on a keyboard. Since it's never been proved that I actually am able to open it, the situation is not equivalent, but more like there being a safe in my house that nobody has seen me open, no key is know to exist, but since I own the house I am assumed to be able to open it, and I'm held in contempt because I say I can't or won't open it. It's not too uncommon for a house to contain a safe the current owner can't open, but it does not lead to the same situation since it can usually be forced open. The only difference with good encryption is that the option to use force has become increasingly impotent.
- Unlocking a computer without proper limits and auditing of the search is also more like being asked to give access to any document storage rooms I own or have access to. Reason being that unlocking a device will in many cases give access to more than the bare contents of the drive, giving access to emails, Dropbox, and other logged on applications and sessions. Since parallel construction appear to be a thing, it's ripe for abuse.
Maybe there needs to be a process where independent auditors can, under surveillance of the defendants lawyer produce named documents from seized evidence, as giving police and/or prosecutors blanket access to devices entire content could create lots of opportunities to create parallel construction stories for any content found not under the current warrant, and as bizarre parallel construction is, it appears to have been used.
Part of the issue seems to be the courts are very proficient in coming up with very interesting interpretations. It feels a lot like a literature or art interpretation class, where everything is BS but a lot of people have a bunch of rules convincing them they aren't. Then again, the founding father's weren't too much different.
Founding fathers: "All men created equally".
Also founding fathers: owns slaves (some at least)
The information in the guy's head is the password. They're not asking him for the password. They're asking him to perform the action of decrypting the drive. They explicitly told him he could keep the password secret.
In related murder news, murder suspect detained indefinitely until he shows hidden body to the police. They don't want him to tell them where is the body, they just want him to drive them there so they can dig it up.
There was an excellent discussion of this case and the principles behind this doctrine in the Washington Post last year:
Orin Kerr does an excellent job explaining why he thinks the doctrine applies to decrypting files. You might enjoy reading it.
The appropriate analogy to this case is not "until he shows hidden body to the police" but "until he opens the door to his garage where they have reason to believe there is a body".
An evil government could coerce someone to falsely say "I did it!"
An evil government cannot coerce someone to falsely type a password into a terminal to decrypt files with incriminating evidence. Because if it's false that evidence simply won't exist.
Thats not the sole purpose of the self-incrimination protection (which is, also, far too focussed in it's protections to meaningfully effect that end, since historically false testimony coerced through torture was very often sought from people other than the person it was used against.)
> An evil government cannot coerce someone to falsely type a password into a terminal to decrypt files with incriminating evidence.
Sure they can, or, rather, if they claim to know already what is on the drive and reject any decryption which does not match their claimed knowledge, they can punish someone for non-compliance until they either tire of punishment or the target somehow manages to produce a result that matches the expectations.
Take a look at the legal system of just about any non-English speaking country, to see how this could possibly work.
(Admittedly, it makes for great film scripts and courtroom scenes, which are valuable and important export-products of the US, but having clearly defined and agreed upon laws and rules is kind of important too)
But again, that doesn't apply in this case.
or the target somehow manages to produce a result that matches the expectations.
This is an impossible end state. You might have a point if the password was a one time pad or something like that but that's not the case for the case in question.
There is a problem with this which is that non-lawyers are required to comply with the law but that's not really the issue here.
If you're trying to argue courts have gone through mental contortions to derive radical insane re-interperetations of the law that completely change its intent and meaning 180 degrees, and that the entire legal orthodoxy has gone through the same contortions in order to be able to practice law in its current state, you can do that and it's reasonable, but you should use better examples like e.g. the commerce clause, not slavery. Slavery was most definitely intentionally allowed, no interesting interpretation necessary.
Legally yes. I was talking referencing how the founding fathers were not consistent in matching the government they created with some of their prior statements which were part of the reason they were in a position to create the government. Largely I said this to preempt the oft response that the founding father's weren't consistent with their own view of rights.
And hence we have lawyers and judges interpreting the law. Because the whole foundation (the people, and their opinions) is unstable over time.
In this case, the court is asking the man to provide evidence which the court is not aware of. And there also might be evidence for other crimes which the court isn't aware of.
This is also a right to privacy issue.
That said, personally I don't buy it. What if there's evidence of other illegal acts on the drive too, ones the police don't know about? Then decrypting the drive would definitely be incriminating because it would tell police about the other illegal stuff, stuff which fails the "foregone conclusion" test.
The immediate thought that comes to my head when they say this is: Then whats the problem? You can prove it, so why do you need more proof? Unless your possibly maybe your case isn't rock solid or you want to find more crimes.
Your reasoning invalidates all searches, all warrants, and it's everywhere in this thread, it's insane.
I'm all for security, privacy, encryption, Tor, but if the police have a strong enough reason to think I'm committing a horrible crime, and have convinced a judge to sign off on it, then yeah absolutely they should be allowed to search my computer. I don't get to say "Joke's on you g-man, we both know I'm a criminal and the evidence is right here and I can get into it, but I won't let you in until you've cracked my secret code!" The alternative is for them to just always assume encryption/Tor == criminal. The point is they can search /when they have a very good, explicit reason given to a judge/, not go on fishing expeditions or passively collect everything. You probably will lose your privacy for a little while if you're a reasonable target in a serious police investigation, that's always been the case, and it always will be.
It'd be akin to the police coming across a written document in rot13 and jailing you indefinitely until you show them how to decrypt it.
What if it turns out to be a grocery list and you used rot13 just as a matter of course? You went to jail over a grocery list?
I don't think you can compare searching a house to forcing the decrypting of the hard drive.
I run my own XMPP server to keep in contact with a few people (1 friend in china, and my gf during the day). I absolutely encrypt all of it, you're telling me it's ok for them to jail me indefinitely because they believe I've said something in the logs that I shouldn't have.
And that's bullshit, there are legitimate reasons why people encrypt things.
And no, none of your examples are appropriate. If the police could prove you had a grocery list had all of the items used in a crime and could tie you to it, went to a judge, got a warrant, and ordered you to turn over that list, you'd have to do it. If it's encrypted in some scheme you have to show them the real data. It's not the cops' job to work their way around every weird little obstacle you put in their way when they have a lawful order requiring you to hand over information.
In your scenario, if they had a warrant for your grocery list or XMPP server data, you wouldn't be "jailed indefinitely", you'd be jailed until you complied with a lawful order to turn over the data you possess. I don't know where you got the idea you'd be jailed indefinitely because of the content of the chats, that one came out of nowhere. If they discuss crimes you've committed you'd be jailed for those crimes, not indefinitely. After you turn over the logs. If you refuse you're breaking the law. If you don't have access, you can go ahead and try to prove that to the judge, or convince the judge you forgot your password. But the police can provide evidence to suggest you DO have access, you are just willfully refusing to give it up. Like, e.g. logs of you accessing it successfully, recently.
Yes there are legitimate reasons people encrypt things. I encrypt everything, all the time, just for the sake of doing it. I use Tor for my fairly mundane browsing all the time because I value my privacy.
But encryption does not mean "I never have to give anything to the authorities, under any circumstances, no matter what, and there can't ever be any consequences for me if I refuse when they go through proper channels and ask". Encryption does not mean you don't have to comply with the law.
When you start using such bullshit, outlandish arguments, you've lost the point.
> In your scenario, if they had a warrant for your grocery list or XMPP server data, you wouldn't be "jailed indefinitely", you'd be jailed until you complied with a lawful order to turn over the data you possess.
They have the data. What they don't have is an ability to interpret the data, but they most definitely have been given the data.
If that's really your measuring stick, then they need to let this guy go because they have the data in their possession.
What next, we're going to jail someone indefinitely (oh I'm sorry, not indefinitely, just "until they comply"...) because they refuse to read off their grocery list, which they wrote down in french because the police can't find someone else to read it for them?
no, fuck that, it's all splitting hairs.
"We don't want him to give us the password, just force him to unlock it for us, so it's totally not the same thing!".
Oh also.... you're wrong about the warrant point.
> Actually, the police might not be able to search anywhere just because they have a search warrant, there is a requirement that a warrant describe specifically the place to be searched and the items to be seized. Although it is possible that a warrant will give police a general license to search anywhere in a home, it is also possible that the search might be limited to specific areas in the home.
Maybe you live in a different country, but in the US it's typically understood that a warrant is meant to be specific to avoid the issue with police getting a warrant to look for a stolen bike and going through your toilet looking for hidden drugs.
> The man will end up in prison anyway
But may actually end up longer in prison for contempt of court.
To me there is a big difference between a guy who found some on the internet and someone who produces or pays for it.
I would be wary of putting in minimum sentencing for such crimes unless it was only targeted towards those producing/paying as you can reach murky area's. Two i can think of off the top of my head would be finding images inside someone's browser cache who browses a site like 4chan where people will post it randomly.
That and art, if someone draws child pornography is that a crime? If blizzard says one of their overwatch characters is 17, are the people who make those animated porno videos making child porn? And are the people watching it consuming child porn?
If you have child pornography the law considers it the same as taking the photo and you can be sued civilly by the victims.
People love it when lawmakers make more laws.
The answers to these questions are obvious: no and no.
If the answers are any different or short of being absolute, then that's a clear hole in the first amendment.
Tell that to Chris Handley . He imported a pornographic comic book from Japan, a postal inspector got his panties in a bunch over it, and a prosecutor pushed for 15 years in prison and life as a sex offender unless he plead guilty.
Knowing he'd probably lose in front of a jury of his peers , and being blackmailed with the threat of 15 years, he took a plea for six months in prison. Wasn't even afforded the right to a fair trial.
Oh, and it's not just pictures, either. Textual, fictional stories can be "obscene" as well. It is possible to write a fake story in a Hacker News comment that can get you 15 years in federal prison in the US.
 it's deemed "obscene", which is a magic "get out of Free Speech free" card, so it falls under the Miller Test. You could get a jury in a very deep red county to find two fully-clothed males kissing as "obscene" if you wanted. "Obscenity" is the thing that needs free speech protections the most.
I'm even of the mind that mere possession of any piece of media cannot be properly regarded as criminal, precisely because it interferes with the far more important right to free speech.
It seems to me that prohibiting the creation or sale of child porn is more appropriate.
But then you have cases like Handley where cartoons are criminalized (which I consider to be a thought crime), and cases like this story where it's used to basically eviscerate the fifth amendment ... and it really makes it clear: you cannot have exceptions to free speech, or it will continue to grow and gut everything else. It's not a "slippery slope" argument ... the slope has already happened -- we're seeing it right now. An appeals court just said you can rot in jail for the rest of your life if you forget your password. And they're going to get away with it because of the horrific spectre of CP ( parodied well here: https://www.youtube.com/watch?v=sdu4wSBZqMM )
As much as I abhor the content, I really believe prosecutors should be going after the producers, the sellers, the people collecting ad revenue off of hosting this stuff, and of course, the actual abusers themselves.
I'd like to see the people with paraphilias they didn't ask for have access to proper counseling, access to anti-androgens, etc.
But we don't live in a country that wants to help people. We live in one that wants to punish people -- even if that results in more victims.
I partially disagree with this. I think it should only be a problem if it's actually real, and can be proven to be, and thus can be proven to have an actual victim. And that victim needs to actually be a child.
In today's age of Photoshop and life-like realistic rendering programs, it's entirely possible to create stuff that looks real, and really isn't. It's also possible for models/actors to look less than 18, while not really being that young. How do you tell for sure that a person in an image is 17 years and 364 days, and not 18 years? Pretty soon, the rendering technology will be so realistic you'll be able to create movies with fake humans that look entirely real. So if someone buys this software and makes some naughty stuff with it, why should they get in horrible trouble and spend decades in prison, when someone else can buy the same software, buy the same digital assets of child models (which aren't really real children, just fake but realistic looking children), and then make movies of these "kids" being slaughtered by dinosaurs or mowed down with machine guns or something, and that's perfectly OK?
The bottom line is: victimizing innocent people should absolutely be illegal and punished. Anything which doesn't victimize an actual person should not.
His argument was that if someone downloaded illegal materials like cp and his network was password protected, they would argue that it had to be him (when we know this isn't even remotely true as software people).
The thing is, I kind of dismissed it and then several years after reading that I came across an article that just floored me. A cop was accused of accessing cp evidence repeatedly (presumably for himself). The article quoted the chief of police as having said "we know it was him because he used his password to log in and it's IMPOSSIBLE for anyone else to have gotten into it".
I've emphasized the word impossible.
I went home that night and opened up my home wifi and I've ran it that way ever since. The idea that a police chief would believe it's impossible for anyone else to get into an account because it's password protected is about some of the scariest shit I can imagine.
And what's scarier in my mind, is how easily people are swayed. Look at how many people are arguing that it's ok to jail this guy indefinitely for refusing to give the police a password. And they BUY the argument that because the police are only asking him to perform an action (enter the password) and not actually give them the password it somehow changes anything instead of it being bullshit hairsplitting by officials.
I'm not really a tin-foil hat sort of person, but the people who can buy that without blinking are a part of the reason why we can't have things like free speech, only acceptable speech.
You may enjoy Chris Morris in this Brass Eye special "Paedogheddon":
(if you enjoy absurdism and black comedy -- I find absurdism to be an especially good fit for satirizing the Kafkaesque)
While I agree in principle with the sentiment, by calling it "piece of media", you presume it to be something inert.
Stepping outside the context of obscenity for a bit, code is data and data is code. It used to be (50-100y ago) a reasonable valid argument that any media is "just words" or images, unable to hurt anyone/thing unless interpreted and acted upon by human volition. However in today's information technology-enabled society, we have automated systems and machines that will consume the data on a piece of media, and automatically perform real-world actions that have large consequences and may hurt people.
Weaponized exploit code (etc) can exist on a piece of media, and you can imagine how a rule that "mere possession of any piece of media cannot be properly regarded as criminal" can somehow always be wrangled into a loophole that abuses this rule. Information is a very weird and fluid beast, just look at the oddities around "illegal primes" or "coloured bits", to see where computational science and law collide.
I believe that our old intuitions about the fundamental nature of "information" are being challenged in a way. I don't have solutions or answers, either. I want the freedom too, but saying it's "just information" on a piece of media is a bit too quick.
Any person who, in a circumstance described in subsection (d), knowingly produces, distributes, receives, or possesses with intent to distribute, a visual depiction of any kind, including a drawing, cartoon, sculpture, or painting, that (1) (A) depicts a minor engaging in sexually explicit conduct; and (B) is obscene (...) or attempts or conspires to do so, shall be subject to the penalties provided in section 2252A(b)(2), including the penalties provided for cases involving a prior conviction. It is not a required element of any offense under this section that the minor depicted actually exist."
Those two words are hiding a lot. For example, it's probably not obscene in Oregon, since part of the Miller test defers to state law and we have a stronger state equivalent of the 1st amendment in our state constitution that would allow it.
And if you wrapped it in a story(like a manga or comic), it would be easier to argue that it has literary or artistic merit. Though, a "states' rights" argument would probably be more likely to succeed.
I was more speaking to the question, "is it a crime?" IE, is it a crime in any sort of common-law sense and the proper purview of a government in a functionally free society.
In that sense, I do not believe that the wholesale fabrication of any form of media is a crime.
Had she not responded when the guys lawyers contacted her, the accused would've gone to jail for child porn.
That's how insane and scary these laws are. I'm all for coming down hard on someone for having cp, but it wasn't cp, just a young looking actress.
Also think of the children.
This makes it sound more like it's a fishing expedition for evidence to use in other investigations, or to find evidence for a more severe punishment, both of which one can morally agree or disagree with, but is it how justice should work? I honestly don't know, but I think probably not.
It's a detestable crime, which is exactly why we must not allow the law to be bent out of shape because of that, as the results will be used in other cases where our moral compass maybe wouldn't sway our judgement as much.
The only justice we can enact, flawed at rational reasoning as we are, is a dispassionate justice. One where we as much as possible defer to the few rational facilities we have. Weak, but nonetheless, logical and rational thinking, is what we must base our arguments upon, as we are so easily swayed by our instinct to protect our children at any cost, often with little regard to what consequence it might have in a distant future.
The less emotive case would be the hard drive contained bank statements for tax avoidance - and I would still think that a court should be able to compel someone to produce that.
If that's the case the files aren't needed, they want to see the drive contents on the off chance of finding some other evidence.
It's a foregone conclusion technically that the illegal content is on the hard drive. His guilt is not a foregone conclusion (not in the US anyway).
If you visit https://www.justice.org/sections/newsletters/articles/fifth-... and search for "foregone conclusion" you will get some good info.
The file hashes basically takeaway any good self-incrimination argument he could make and there might also be evidence of further criminality on the hard drive.
Sorry, but legally, the latter should be the only standard of truth. If he exposes himself to a higher standard of guilt, then he is incriminating himself.
To my mind private spaces (be that my house or my hard drive) should have some protection, but it seems reasonable that that is less than my personal freedom.
I have no issue with a warrant being issued on a balance of probabilities basis in order to find evidence to convict a person based on beyond a reasonable doubt.
And all this ignores the possibility of discovering further crimes and accomplices by investigating the contents of this drive - if there is a balance of probabilities likelihood of find those on the drive I don't see any problems with compelling this to be revealed.
The problem with this is it isn't consistent with how the law works in other cases. For example, A judgment of 'guilty' is considered absolute, not probabilistic.
then prosecute him and be done with it. Anything else is either a fishing expedition or we don't all agree that the files are definitely on the system... in which case it's still a fishing expedition.
hashes can be inaccurate, it isn't a foregone conclusion in reality, just in their opinion.
Not really, no. The chance of multiple hash collisions on a set of arbitrary images is a near impossibility.
I told this story before, but I once read an article about a police officer who said it was impossible for another person to have logged into an account because it was password protected, when we know that's not even close to being true.
impossible and improbable are not the same thing, and I sure as shit don't feel comfortable making the case that it's 100% locked in because of a hash.
The requirement should be for them to look at the actual content, not the hash.
That's not even the same realm as this case:
> The Forensic examination also disclosed that Doe had downloaded thousands of files known by their “hash” values to be child pornography
Thousands of hash collisions would require prior knowledge of the values and a concerted effort to deceive. It would be more realistic to say that human perception is broken when looking at the media than it is to argue with the mathematical reality at play here.
> The requirement should be for them to look at the actual content, not the hash.
Refusing the evidence known to exist and definitely covered by probable cause is why the defendant is still in custody.
So using the law to defend yourself doesn't really apply here.
> Thousands of hash collisions would require prior knowledge of the values and a concerted effort to deceive. It would be more realistic to say that human perception is broken when looking at the media than it is to argue with the mathematical reality at play here.
This confidence is why my anecdote applies. That confidence is flat out scary when you hear people in law use terms like "impossible" or "virtually impossible" when speaking about things that are not.
To me the danger is, what if this person committed other crimes and by unlocking the drive he give the prosecution info about those crimes. In a world where the investigators and/or prosecution have gotten away with parallel construction I wouldn't expect them to play fair. I mean, realistically it sounds like they guy is guilty as sin. That being said, I'd rather he get away with those hypothetical crimes than we start allowing situations like this to happen.
So, to recap, make him unlock to read the known files (by exact path) and nothing else on the drive.
So I am of the opposite opinion. If the hash information isn't enough to try him with, then I'd rather he go free, than set a precedent that it's acceptable for a court to compel someone to decrypt information because someone in law enforcement just "knows" the evidence is there. Because once this order is allowed to stand, the level of certainty required to compel decryption is going to continually be lowered.
I'm sympathetic to why you'd be cautious, but that's not fitting in this case -- this is a highly specific case with a number of circumstances that meaningfully differentiate it from the generic case of providing decrypted media. He's guilty and the checksums are enough to convict him (we're talking many checksums, metadata, partial confessions) and this is about him frustrating the discovery process.
> Because once this order is allowed to stand, the level of certainty required to compel decryption is going to continually be lowered.
This is a slippery slope fallacy. I had some leaning towards this perspective, but then I read the source document, which goes into far more detail. There's a definite nuance to this case.
The FBI gets a warrant, executes a raid, picks up every piece of electronic equipment in the place, but can't find the files the ISP says should be there. Can the defendant, in this case, be compelled to decrypt an encrypted hard drive file or partition at this point, because law enforcement "knows" that those files are somewhere in his (digital) possession? What if it were a guest in his house? What if it were the neighbor, stealing wifi?
Based on this precedent, I think another judge could find reasonable cause to compel in that scenario. Is this a violation of the 5th Amendment? The defense FOR the judge's actions in this case -- based on other reasoning in this thread -- is that only files with those hashes could be used against him, at this point. In this hypothetical case, though, what if LE found OTHER files of child pornography? Would they be admissable? Alternatively, if they found other material (e.g, bomb-making), could it be used against him in a separate case? I'm not sure I trust the government in either one of these situations.
It seems highly likely that we'll get a government employee's opinion on precisely this scenario someday, and I don't think that this employee is going to find in a manner against his employer. As with so many other of the Constitutional protections of the Bill of Rights, they've slowly been chipped away in precisely these kinds of legal "corner cases." Sue me for being paranoid.
Have we not spent the past couple of years confirming that the "slippery slope" of catching "bad guys" has, in fact, completely eliminated the protection of the 4th Amendment for communications? You could argue that it hasn't, because the government hasn't prosecuted a citizen based on the warrantless, wholesale monitoring of any and all electronic communications -- THAT WE KNOW OF -- but it's extraordinarily clear that shouldn't be happening in the first place, according The Constitution.
If you haven't done so, check out the source document for the article as Arstechnica didn't include some important details (and the headline "Man jailed indefinitely for refusing to decrypt hard drives loses appeal" talks past what is actually happening): https://arstechnica.com/wp-content/uploads/2017/03/rawlsopin...
> ...but what if an ISP reports that files with those hashes have been downloaded by a particular IP address? ... but can't find the files the ISP says should be there.
I think this case is particular due to the lack of breaks in the chain. In your hypothetical, law enforcement and the prosecution have _vastly less information_ than in this actual case.
Law enforcement knew the path from a remote source, to (presumably dhcp lease based) ISP records, to the laptop that accessed the content (known to be the defendant's), to checksums in logs matching a physical drive (also known to be the defendant's). Coupled with other evidence, the defendant frustrating the process by pretending to no longer know the decryption phrase, and partial admissions of guilt by the defendant, this is a vast distance than a hypothetical case of "someone from this IP address downloaded Game of Thrones Season 1 from bittorrent, so hand over anything that can store bytes" (to use a far less disgusting crime to help keep emotion away from the discussion).
> Based on this precedent, I think another judge could find reasonable cause to compel in that scenario.
Luckily, the US justice system is built on nuance; this case wouldn't hold up as a generalizable excuse to compel decryption -- which is why they're invoking the foregone conclusion rule to secure the production of evidence based on the enormity of the other factors.
> In this hypothetical case, though, what if LE found OTHER files of child pornography? Would they be admissable?
I honestly don't know. In this case, the defendant is refusing to provide (multiple pieces of) evidence that is known to exist by checksum and direct file path.
> Alternatively, if they found other material (e.g, bomb-making), could it be used against him in a separate case?
Having information on how to construct a bomb is not illegal, any more than getting a degree in chemistry is illegal, but plotting to kill people with a bomb is legally actionable.
> I'm not sure I trust the government in either one of these situations.
I agree with you, but on a different shade of the argument. I'm suspicious that the ecosystem of justice is built on securing convictions as opposed to seeking objective truths. In this case, I support the government/court based on the information I have.
> As with so many other of the Constitutional protections of the Bill of Rights, they've slowly been chipped away in precisely these kinds of legal "corner cases."
I don't know which other cases to which you're referring, but the argument to be made here is that this isn't a corner case. This is having mathematical certainty that the defendant has evidence and is refusing to hand it over.
> Sue me for being paranoid.
No law against being paranoid :)
> but it's extraordinarily clear that shouldn't be happening in the first place, according The Constitution.
Actual question: where in the constitution is this clearly stated?
You're obviously way more legally savvy than I am. Just goes to prove that a _little_ knowledge is a dangerous thing. Totally agree on the "securing convictions" motivation.
I'm referring to the 4th, about needing a warrant to intercept communications. Is that not clearly stated? Maybe my ignorance is showing again. Doesn't the 4th -- on the face of it -- preclude any system of wholesale collection of electronic communications?
Oh no, don't feel that way. The law is a man-made thing at the intersection of logic and opinion, which is why there's so many laws and tests -- if you haven't read the source document that's linked in the Arstechnica article, I would, as it has a lot of important detail.
> I'm referring to the 4th, about needing a warrant to intercept communications...Doesn't the 4th -- on the face of it -- preclude any system of wholesale collection of electronic communications?
Law enforcement were specifically targeting traffic expected to have child pornography and the people trying to exchange it on freenet who join very-special-purposed groups. Peer-to-peer platforms depend on people being free to join, and having special-purpose groups really helps with the "probable cause" condition of the 4th.
On the back of that, the defendant gave them confirmation of his illegal acts, so this case is about recovering evidence known to exist.
If you don't like the process, that's a different conversation.
If the framers had meant to say "provide evidence" instead of "be a witness" they would have said that. They were lawyers and those words were commonly used legal terms that meant the same things they do today.
"To bear arms" doesn't mean to have human arms, after all
If the government can't compel someone to say when, where and how they disposed of the bodies, then they also can't make someone explain how they encrypted some files.
In case they can confirm the existence of files some other way I guess you could make the case that the government can force someone to produce those files. Of course this won't tell them anything they didn't know already (which is kind of the point). Making someone produce files that may or may not exist is the same as making them testify that those files exist and that they have access to them, which I would argue falls under the 5th amendment.
The Fifth Amendment has been consistently interpreted to mean far more than "confession"
If there is a warrant to search my property, I am obligated to assist if required. E.g. open the gun safe. (Hey, speaking of guns...You know what other antedquated amendment from the Founding Fathers would be really convenient to ignore...)
Now, AFAIK, no one has tested whether that still hold true of a combination safe, where the access substaintivly requires information from the accused.
And a combination safe is very similar to an encrypted drive.
Law enforcement students often ask the question “can I search a locked container?” A better question to ask may be “when can I search a locked container?” The fact that a container is locked may not increase the possessor owner’s expectation of privacy but does limit the law enforcement officer’s access to the secured area. The ability to search a locked container will depend on the justification the law enforcement officer has for intruding into the area. The purpose of this article is to examine the different legal avenues a law enforcement officer can use to search locked containers. ..."
Well, my glove compartment is locked
So is the trunk in the back
And I know my rights, so you gon' need a warrant for that
> And I know my rights, so you go’n need a warrant for that . . . If this Essay serves no other purpose, I hope it serves to debunk, for any readers who persist in believing it, the myth that locking your trunk will keep the cops from searching it. Based on the number of my students who arrived at law school believing that if you lock your trunk and glove compartment, the police will need a warrant to search them, I surmise that it’s even more widespread among the lay public. But it’s completely, 100% wrong.
Caleb Mason, "JAY-Z’S 99 PROBLEMS, VERSE 2: A CLOSE READING WITH FOURTH AMENDMENT GUIDANCE FOR COPS AND PERPS", http://web.archive.org/web/20130216120816/http://slu.edu/Doc...
I'm not sure that's true, the police are authorized to break whatever they need to if you don't assist.
As for combo safes, this seems like a good overview: http://blogs.denverpost.com/crime/2012/01/05/why-criminals-s...
Maybe indefinite detention, and a chance at public attention is better than life in prison as a convicted child molester.
Lets suppose that there is someone motivated enough to distroy you. This people has months to mess with your system and substitute your usual decrypt command with a slightly modified version that 1) decrypts a file as usual when entered the right password and 2) runs a last extra line of code that inserts a child porn image or short video in the file. The timestamp of the decrypted file was changed to now. So you will not suspect that the file has been significatively modified also in the same operation. If the decrypt executable is closed and not easily available to examine... what could you do to prove your innocence?
Is possible for the jury (or the lawyer) to re-encrypt the file again exactly as in the first time to detect if the file was changed?
What does that mean though? obligation is given meaning by the penalty for not complying.
No, they can't. The way it's done is by trying many passwords until the right one is found. Once you have the right password, you can use it to decrypt the drive's contents, but then you are "opening it with the password".
(IIRC, there were some bad "hardware encryption" HDDs where the password wasn't actually used to encrypt the drive's contents, just verified against something in the drive's NVRAM; these can be bypassed. But that's not the case here.)
About those: http://www.h-online.com/security/features/Enclosed-but-not-e...
Sadly the images appear to be not working. But they were very clear: what should have been a point cloud had clear lines.
That you acquire the password in the process of opening it is immaterial.
For example if if there are server logs showing I downloaded illegal files, and there are people who testify that I talked about downloading illegal files, and there is non pre-installed software on my computer that is used for encryption then probably that sequence of random bits is an encrypted file.
Maybe you can't prove it mathematically, but you can prove it legally.
A doubt which you cannot reason away is reasonable, by definition. Therefore it is below the threshold of legal proof.
It is could even be possible, even likely, to create encryption schemes where several different encrypted volumes could share the exact same data blocks using something similar to homomorphic encryption. Which raises and obvious question: If the unlocked drive did not contain the data sought, can we hold someone in contempt after they did what we asked from them simply because we didn't find what we were looking for? Because we truly can't know if there is several encrypted volume in the same space without assumptions about information entropy and inaccessible configuration data.
Thankfully homomorphic encryption is not really practically viable today, so that particularly nasty can of worms is not imminent to solve, but we might be well served to let out decisions be informed by it, as it breaks most assumptions of what can be known, and what can't.
More specifically, no one should be compelled to assist the government in one's own prosecution.
America has had atrocious decisions from the supreme court. In Dred Scott, they said black people have no rights because they are black. In Roe v Wade, the abortion laws of 47 states were struck down by 5 oligarchs. No matter what you believe about black people or abortion, it isn't right that 5 unelected people should determine the fate of a nation, able to overrule every state and federal law with no consequences.
The argument in the parent is well-worn, but it fails serious consideration if it ignores the facts that the U.S. courts interpret laws made by the elected officials, that the judges are appointed by elected officials, that their unelected status is established by elected officials and a national referendum (i.e., the votes that established the Constitution), and the reasons for their unelected status.
What I think we should do is revisit what exactly SCOTUS does, and why. Right now they basically have the final say in any question of constitutionality, and the outcomes are either "it's constitutional" or "it's unconstitutional". I think that's wrong - the third possible outcome should be "Constitution is ambiguous on this". Currently this gets folded into one of the other options, depending on the majority of the court, but I think it's a poor model - if Constitution really is ambiguous, I don't want a simple majority of a few unelected people, many of whom are quite partisan, to make that decision.
Instead, I think this option (ambiguity) should be explicit. The way it would work is something like this - if the court decision is unanimous (or maybe with at most one dissenter) one way or the other, then it's assumed that the Constitution is really unambiguous on the subject, and that's the ruling - same as now.
But if you get a bigger split, then the ruling is automatically "ambiguous". At that point all the disagreeing parties on the court should have to sit down and write a short opinion on what changes to the Constitution they would require to make the other side's opinion unambiguously correct (if there are more than two sides - which can be the case if different judges rule the same way for different and unrelated reasons - then such opinions should be written for all parties other than the one in question).
Then, those opinions are automatically submitted as proposed constitutional amendments to the states for ratification, per usual procedure, except that each state can only ratify one at a time, and there's a reasonable time limit. If one of the amendments wins, then (since all judges have already stated under oath that this is what is required to remove any ambiguity) the ruling is in favor of the corresponding opinion.
If none of the amendments get the requisite majority of state ratifications, then court decides based on simple majority, just like today - but the resulting decision is not considered binding precedent, and only applies to that one case. If the same ambiguity arises in future cases, the process has to be repeated.
Ideally, this should be combined with a lower bar for constitutional amendments - 3/4 of states is really quite ridiculous, given the sheer number of them, and population differences. Something like 2/3 would be more sensible. Although ideally it should incorporate direct popular vote in a referendum as well, in a series of cascading vetoes to check each other - e.g. 2/3 of popular vote is enough to amend, but a simple majority of states can veto that, but 3/4 of popular vote can override the veto.
The constitution is the source of where the courts derive their power. Being able to change the level of power you have seems to be against the constitutions purpose of defining, limiting, and binding the Govt.
Article III, Section 2, Clause 1 of the Constitution states:
The judicial Power shall extend to all Cases, in Law and Equity, arising under this Constitution,
.... Not OVER the constition... Under it.
It should also be noted that it was long-standing British common law that courts ruled on the interpretation of law, and that there was ample precedent in the US revolutionary period of state Supreme Courts voiding state laws under state constitutions. Virtually every reference to the notion of questions of constitutionality pre-Marbury v Madison accepts that the judicial courts would play a role in this regard. The only extent to which the decision would have been surprising would have been in arguing whose opinion won it in the case of conflicts. (Note that nullification crises continued up to the Civil War).
Diversity. All systems have failure modes (current fav: utility monsters).
By combining multiple systems, you limit the severity of a failure of any one system. All participating systems must be in a failure mode for the overall systems to be in a failure mode.
If the Supreme Court were elected, it would suffer from basically the same failure modes as other elected offices, and would be able to provide a systemic durability against those failure modes.
... the appeals court, like the police, agreed that the presence of child porn on his drives was a "foregone conclusion." The Fifth Amendment, at its most basic level, protects suspects from being forced to disclose incriminating evidence. In this instance, however, the authorities said they already know there's child porn on the drives, so Rawls' constitutional rights aren't compromised.
The Philadelphia-based appeals court ruled:
Forensic examination also disclosed that Doe [Rawls] had downloaded thousands of files known by their "hash" values to be child pornography. The files, however, were not on the Mac Pro, but instead had been stored on the encrypted external hard drives. Accordingly, the files themselves could not be accessed.
The court also noted that the authorities "found [on the Mac Book Pro] one image depicting a pubescent girl in a sexually suggestive position and logs that suggested the user had visited groups with titles common in child exploitation." They also said the man's sister had "reported" that her brother showed him hundreds of pictures and videos of child pornography. All of this, according to the appeals court, meant that the lower court lawfully ordered Rawls to unlock the drives.
Sometimes, the act of producing evidence in response to a government request involves the defendant making implicit incriminating assertions. If the government says "produce all your cooked accounting books," handing over those documents implicitly communicates the assertions that (1) certain books exist; (2) those books are doctored; and (3) you have ownership/control over them. However, say the government asks you for your bank records. When you hand them over, you're implicitly saying "I have bank records," and "these are my bank records." That's not incriminating -- even if the bank records themselves might contain incriminating evidence.
The "foregone conclusion rule," says that the act of production is non-testimonial when the incriminating facts are already known. If the existence of doctored books is already known by other means, the act of producing them doesn't communicate anything to the authorities. The books themselves are obviously communicated, but the 5th amendment does not protect the underlying evidence. It protects the implied statements by the defendant about the underlying evidence.
Hence the threading the needle in the opinion. They're not asking the guy to make incriminating statements about the existence of incriminating evidence. They're asking him to turn over the incriminating evidence they already know exists.
 Note that the Court is not saying "we already know he's guilty so the 5th amendment doesn't apply."
As a gratuitously distorted example, lets say i had cooked accounting books in a spreadsheet on my computer, and they were encrypted by a random password that /i/ do not know, but have on a memory stick in a safe. It seems that logically that would be equivalent, but i also am very much not a lawyer so am perfectly willing to accept i am missing nuance of the law.
Outside of the law i don't like the forgone conclusion stuff - for example, revolution period you could say hanging out with revolutionaries regularly could reasonably conclude your documents include a calendar for revolutionary meetings so you should be required to provide that information and/or information required to receive that. Obviously that's some contorted logic but i don't think it's that far removed from this.
I would argue that a hash match should be sufficient, and i would be convinced that (absent other information and details) this was evidence that he's a pedo, but i can see how a lawyer could create reasonable doubt where in reality there is none (specifically referring to hashes here, nothing else).
Of course i can't serve on a jury (and apparently knowing what you're talking about may be disqualifying? :-/)
Basically, judges don't agree on which way this scenario comes out.
> Outside of the law i don't like the forgone conclusion stuff - for example, revolution period you could say hanging out with revolutionaries regularly could reasonably conclude your documents include a calendar for revolutionary meetings so you should be required to provide that information and/or information required to receive that.
The "foregone conclusion" stuff is narrower than Ars makes it out to be. The gist of the 5th amendment is that the government can make a defendant do things but not transfer information. Sometimes, an action can implicitly transfer information. The foregone conclusion rule just says that if the government already has the information, then the action does not additionally transfer information.
In your hypothetical, the foregone conclusion rule would not apply because even if the government "could reasonably conclude" that you have a calendar, producing it would still confirm that conjecture (and thus transfer information). But if the government knows you have the calendar, however, because your sister testified that you keep a calendar of revolutionary meetings, then producing it becomes a pure action.
 I'd actually argue that the gist of the 5th amendment is even narrower than that: the government literally can't put you on the stand to testify against yourself, or enter into evidence a coerced confession. That's it.
You opening the safe cannot be used as evidence against you; that would cause your action to be "testimonial", and protected. The contents of the safe are evidence, and not testimonial.
If I'm understanding this correctly; it would be like saying "open the safe with the illegal weapons in it", and pointing at the safe. If you open it, does that mean you're admitting the weapons are illegal?
Kind of, yes. The non-contrived situation where this comes up is with subpoenas. A subpoena will request specific documents or specific kinds of documents. Responding to the subpoena requires making judgments about what documents are responsive to the request, and there is an implicit assertion that documents produced fall within the scope of the subpoena request.
So the government cannot, for example, make you "produce all accounting records containing false numbers." Producing documents in response to that comes with the implicit admission that the accounting records are false. The government can eliminate that problem simply by asking for all accounting records.
What befuddles my non-lawyer mind is that why such evidence is needed in the first place. If it's established firmly that someone has piles of illegal files, then for the sake of their incrimination, why do the files need to be produced at all?
If on the other hand, the files are being requisitioned for purposes unrelated to the the defendant's current outstanding culpability, then what laws does that kind of thing fall under?
So, you might say, ok, then that means asking Rawls to unlock the drives is asking him to incriminate himself, and that's not cool. But still, go back to the "foregone conclusion" bit: this isn't a fishing expedition to see if they can find evidence of wrongdoing. They're not asking him, "Hey, do you have any child porn on your hard drives? If so, give them to us." If that were what they're doing, Rawls would be perfectly in the right to say, "I do not have any files to give you". They know, based on the log files, that the incriminating files are on the drive. They are merely requiring Rawls to produce evidence that they know exists, and his refusal to do so is unlawful. Just as if someone refused to turn over bank records that the authorities knew existed.
I know I'm not explaining this perfectly (IANAL, as I said), but hopefully this helps?
If I have sales receipts and camera footage showing you purchased 100 Led Zeppelin CDs, do I need to see the CDs in person before I know you have good taste in music?
I'm guessing this has something to do with the subtleties of admissible evidence versus 4th amendment stuff.
Maybe the hashes can only tell that some drive contains the images, and the prosecutor believes it is this particular drive, and tries to avoid having to deal with that defense ?
If there is evidence that the particular drive contains those images, why bother with the drive at all ? This is the part that doesn't make sense to me.
Here's what I'm missing: why doesn't, in a similar vein, the government simply ask him to unlock the hard drives without any claimed assumption as to their contents?
What is a confession but a piece of evidence stored in memory made of biological matter?
How is it different to grant a confession where the memory is electronic rather than biological?
"Lay inside this fMRI machine for an accurate brainscan if you are lying, and image retrieval of the time in question. Or you will be put in jail until you do."
And I also seem to remember a certain dead salmon who in an fMRI, showed amazing brain activity(!).
It seems to me that unless we decide that memories stored in digital media is subject to the same sorts of rights against intrusion from the state as memories stored in biological media, the scenario you describe is inevitable precisely because the line between these two types of memory will be increasingly blurred.
* "The fact remains that the government has not brought charges," [his attorney] Donoghue said in a telephone interview. It seems a warrant is at issue, if I understand correctly.
* The contempt-of-court order against Rawls was obtained by authorities citing the 1789 All Writs Act. The All Writs Act was the same law the Justice Department asserted in its legal battle with Apple
* The authorities, however, said no testimony was needed from Rawls. Rather, they said, (PDF) "he can keep his passwords to himself" and "produce his computer and hard drives in an unencrypted state."
* My completely amateur thoughts: If they already can prove he has child porn, then they don't need the additional evidence. If they do need the additional evidence, then he is incriminating himself.
Except that's not how it works, and that's not what the 5th protects against. Let's say you have bank records that incriminate you in some money-laundering scheme. The authorities know that you have these records, because an associate of yours has informed them that you do. The protection against self-incrimination is about transfer of information, not about pure action (even if that pure action implicitly transfers incriminating information). The incriminating information would be "I have bank records that detail illegal activity". The authorities already know that; they do not have to ask you to provide that incriminating information. However, it is absolutely within their rights to say "give me all your bank records dated from X to Y", and yes, you must comply.
Sure, you can try to provide incomplete or doctored records, but if they're able to prove that they're incomplete, you're in contempt of the court order, and they'll likely add obstruction of justice or evidence tampering to the list of charges.
In the narrowest possible view, the 5th protects you from being put up on the stand and to be coerced into a confession. Some/many judges interpret it a bit wider than that, but it seems few would find the request that Rawls turns over the files in question to be problematic.
That's a good point. They either have proof he downloaded child porn or they don't. They're definitely trying to do more than prove it. Probably set a precedent increasing their power as usual.
And so on. I'm pretty sure pedophile is near the top of the "you better make damn sure they don't get off" list.
It's not illegal to be a pedophile. It's illegal to possess child pornography.
You can't answer the question "if they can prove" before court, as it's decided only then. You must finish the evidence gathering before you have a judgement on that.
IIRC, he also stated that he has forgotten his password (and after 18 months, it has become believable).
Edit: whether or not it's true in this instance.
Of course, Free people know that rights are obtained and maintained by individuals themselves - eg the second amendment.
That judge's behavior and (the laws that enables it) is sickening. You either have enough evidence to convict a person, or you don't.
> At the contempt hearing, the Government presented several witnesses to support its prima facie case of contempt. Doe’s sister testified to the fact that, while in her presence, Doe accessed child pornography files on his Mac Pro computer by means of entering passwords from memory. Further, a detective who executed the original search warrant stated that Doe did not provide his password at the time because he wanted to prevent the police from accessing his computer. Doe never asserted an inability to remember the passwords at that time.
If the defendant wanted to argue that he no longer remembered the password (but would be willing to decrypt the drive if he could), then that's something that the judge would consider. But a judge can't (and won't) simply say "Oh, maybe he hasn't complied because he just forgot the password. I'm going to let him off"
Witnesses (in the sense of being called to that stand in a courtroom) are frequently asked to tell the court what they saw/heard/did, or from where/whom they received information. Refusing to answer may get them pulled up on contempt charges, and if they claim not to remember then the judge needs to decide whether they are lying.
Given the impossibility of proving (in an absolute sense) that the witness does in fact remember (at that exact moment), it's a game that witnesses are likely to get away with (hence the standard "I don't recall" answer from politicians and beuracrats), but it's not a universal solution to the "I don't want to tell you" scenario.
However, if that was the case then they wouldn't need to decrypt the drives, so this whole case smells quite a bit.
AFAIK there is a similar situation in the airport immigration; if you are an US citizen and don't want to provide a password for an encrypted device, they'll make you have a bad time, then throw the device and then let you in. Same for foreigners except with a flight back instead of letting them in. The bad time they give you basically depends on the immigration officer.
For SSD's it'd be as simple as an automatic single pass overwrite and a new encryption key. For HDD, the hyper-paranoid could rig their drives with small explosives to fracture the platters.
There are other solutions though, and of course you can make your own if you feel confident about it.
Innocence until proven guilty. I don't want to live in a society where law is determined by emotions and personal bias, even if some criminals end up escaping justice.
Side note: I can't believe I feel the need to state this, but evidently it needs to be stated (from comments in this thread): these two drives where set up as part of a backup solution. They contain my personal data. They do not contain child pornography.
The prosecution was able to convince a judge that there is encrypted child pornography on those drives. The judge can't force a jury to accept that (a ruling of fact), but (s)he can make a ruling of law that the defendant no longer has a fifth amendment defense to producing a decrypted version of those drives.
The gov's argument seems to be that because the defendant doesn't have to give the government the password but rather produce the decrypted hard drives, his actions aren't protected under the fifth. Analogy drawn with unlocking a safe.
EFF counter-argument to the safe analogy is that the encrypted documents do not simultaneously exist in a decrypted form protected by an obstacle, like a safe, but rather are produced as an act of translating the data from decrypted to unencrypted form; the government already has the data on the drives, they just can't understand it without the contents of the defendant's mind.
Justices then press the gov lawyer on whether there are fourth amendment issues in the case, as in whether the government can search all files on the hard drive, if decrypted, for evidence of criminality beyond the specific files they seek. Gov lawyer punts on the issue.
Basically it seems like a steep hill for proponents of encryption. The justices talk about how we're heading for a world where almost everything is encrypted, and encryption proponents are asking the government to give up an enormous amount of power.
1) I use a password manager so I don't know the password. However, I have the means to acquire the password.
2) I use a password manager but somehow lost access to it unintentionally.
3) I use a password manager and lost access to it by design. (eg. Using a dead man's switch of some kind that deletes it if I don't "check in" for some period of time)
4) I used to know the password. However, I suffered a traumatic brain injury and cannot recall it.
I obviously don't have the answers but I think these are interesting to think about as different points in a large legal grey area.
If there is reason to believe that you are telling the truth (say, you're being asked which of two parking spaces you saw a car in 10 years ago) then you're fine.
Same thing goes here. Rational disinterested people (a judge or a jury) will look at the available evidence and make their best judgement about whether you are telling the truth when you say you can't remember.
Sure, in order to encode both sets of data into a single encrypted result would require more storage space, but that is a small price to pay for protection against self incrimination from our ever growing police and surveillance state.
The end of the article captures why this idea would be so effective, viz. "The authorities, however, said no testimony was needed from Rawls. Rather, they said, 'he can keep his passwords to himself' and 'produce his computer and hard drives in an unencrypted state.'"
It is absolutely true and valid that the government has the right to compel people to hand over evidence that they are KNOWN to possess (in the same way that legal discovery is essential to civil cases). The line the government is drawing between self-incrimination and forced cooperation in an investigation is they they don't want him to tell them the password or what is on the drives -- they simply want him to hand over the drives in an intelligible state. Thus, if one could decrypt the drives to an intelligible set of data but not the data they desire, then you would be complying with the court order and could not be held in contempt.
Can someone on HN who knows more about cryptography help poke holes in my idea?
There's also https://en.wikipedia.org/wiki/Rubberhose_(file_system) and others: https://en.wikipedia.org/wiki/Deniable_encryption
Same general principle, you allegedly can't prove the hidden volumes exist unless you have the decryption key.
The idea is if you are compelled somehow by force to unlock your bitcoin wallet, you can use a secondary password that assumingly has less bitcoin than your regular bitcoin wallet.
What would happen if, after your bank records were subpoenaed, you hand over the falsified records?
Well, you'd be committing a crime. Maybe you get away with it, or maybe law enforcement figures it out and you get caught. Depends on how clever of a criminal you are.
Same thing here with your double-plaintext encryption.
You wanted the contents of this drive? Here they are!
The owner of the drive is definitely in a legal and moral grey area, but it would be supremely difficult to prove mens rea in this case.
Interesting thought experiment: What happens when someone fills a hard drive with junk data and then encrypts it, then gets subpoena'd for the unencrypted contents of the drive?
Further, the owner of the drive is not in a legal or moral grey area. They are in a "black" area where it's quite clear that they are being intentionally deceptive in defiance of a court order.
You moved on from this aspect too quick. The "price being paid" isn't the economic cost of more storage space, but the technical fact that your ciphertext is clearly capable of containing more information, and therefore probably does. This is a fundamental constraint of steganography.
The general answer to this is to align the size of the ciphertext with some larger more-fixed volume size that has another plausible reason for existing. With Truecrypt you could say "I created a 1GiB volume as a nice round number for future storage, even though I only ever stored 100MB on there". With a general steganographic filesystem you could say "I bought a 4TB disk even though I didn't put much on there", etc.
But note these arguments are only suggestive and not open-and-shut. If one has a data-hoarder amount of hard drives but only reveals enough data on them to fill up a decade-old single drive, they aren't going to be believed.