Hacker News new | comments | show | ask | jobs | submit login

The analogy to a combination for a safe seems very apt, I've forgotten: what is the precedent in such situations? Have people been forced to give up the combination for a safe in court before?


> With a safe, however, the government does have the recourse of breaking out a blowtorch and cutting the safe open (which has been done in order to circumvent the 5th Amendment issues of compelling a suspect or defendant to open the combination lock).

It's also worth adding that a safe can be forced open physically within a reasonable amount of time. A drive, encrypted properly, may not be able to be decrypted our lifetime, and this is what leads law enforcement to attempt to 'force' the suspect to provide the key themselves.

How long does my safe have to be uncrackable in order for me to have to open it to incriminate myself?

I personally have no ability to crack a safe, and that makes all safes out of reach to someone at my skill level. If I'm all the police have to crack your safe, do you have to incriminate yourself? If not, then what level of competence do the police have to demonstrate?

Full-disk encryption is theoretically strong, but actual implementations are not likely to be as secure. If you tasked the world's best cryptographers with getting data off an encrypted computer and gave them five years, I bet you'd get the data. And I'm pretty sure that the Constitution doesn't say: "No person shall be compelled in any criminal case to be a witness against himself, unless the government is to cheap to do a proper investigation."

See shingen's comment

Also, if the police blow-torch open your safe the prosecutors still have to prove you had knowledge and access to what was in the safe. If you are forced to give access you are most certainly self-incriminating yourself.

Imagine if you stored a murder weapon in a safe. A search warrant will almost always open a safe (either by voluntary capitulation or by force).

There has been a lot of debate over whether a court should have to issue a specific search warrant just for a safe, or whether a search warrant for your property is enough to allow them to open such. The authorities always attempt to apply a search warrant for your house to mean your safe as well. You'd need some kind of pre-emptive action to try to stop that, and even then, good luck.

Sorry, that's a bit different than what I'm asking. One of the ways the "safe" analogy breaks down when talking about crypto is that safes can generally be broken open by force but well encrypted data cannot be. I'm asking if there have been instances in the past where police could not break open a safe by force and so instead compelled (or tried to compel) the defendant to reveal the combination in court.

I just asked a lawyer friend this that does trials; he says: in cases where there is a sealed safe (the police / govt didn't breach it for whatever reason) a court will usually ask you to open it if the prosecution can provide enough evidence to suggest that the contents are a critical element to the case. That requires some kind of trail that leads to the safe. A court won't just automatically force you to open your safe and potentially incriminate yourself; but they also will not allow you to use a safe to hide your murder weapon if all evidence points to you having stored it there.

In the case of cryptography, if the contents are bad enough to put you in prison for a zillion years, obviously you have to make a judgment call as to the punishment if you refuse a court order to decrypt the contents. Since this is still such a relatively new gray area, I'd say a court would still blaze its own path (not depend primarily on prior precedent) in deciding if you're to be compelled. Perhaps you aren't likely to be convicted of the worst charges if you don't decrypt, and it might prevent the prosecution from building up other charges, but you will be punished by the court for refusing its order.

Would refusal to decrypt be contempt of court? If so, the penalties seem to be far more lenient than any of the crimes I can think of that one would want evidence of hidden. It may well be that savvy criminals would adopt strong encryption as a matter of course.

Yes, it'd be contempt of court if you disobeyed a court order to decrypt a drive. The contempt would very likely be preferable. It's not a felony after all.

It'd have to be better than what is on the drive - assuming you've got anything on the drive to begin with (some kind of incriminating evidence or something else they can build charges with). The difference might very well be that you prevent the prosecution from building a strong enough case, and at the least maybe you buy yourself some time to build a better defense.

I'd predict that as major crime continues to shift to the digital realm, criminals will adopt ever stronger encryption for that very reason, and the government will use that practice to argue in favor of violating more civil rights. Seems to be the trend these days.

IANAL, but isn't there something about the rules of evidence?

Like, the prosecution can't just say "we think he hid it on an encrypted HDD, but we aren't sure". The judge won't allow that. But if you claim to have forgotten the password, then the prosecution can speculate.

What if the evidence is exculpatory, but you still refuse to decrypt it? Then you'd be in contempt of court for failing to defend yourself adequately.

Way to answer a question without answering the question, or even knowing the answer. :)


BTW, this came off as snarky and I didn't mean it to sound that way. Apologies in advance.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact