
Realize that this is a fairly narrow opinion, and, in my opinion, not a particularly well-reasoned one.

The issue here is child pornography: the would-be defendant was suspected of having child pornography on various hard drives which were encrypted. The court states that the actual contents of the hard drive are themselves not testimonial—that is, they are not covered by the Fifth Amendment and, if the government had access to the hard drives, they could present whatever was incriminating on them into evidence. So the issue is whether the act of producing the documents is a testimonial act and therefore covered by the Fifth Amendment.

The court concludes that the act of production is a testimonial act because, one, the testimony was not a "foregone conclusion." This holding is based on a case called Fisher v. United States, in which the Supreme Court stated that it was not testimonial to hand over certain papers that might have incriminating evidence because conceding that documents existed, that you had control over the documents, or that they were in your possession was not incriminatory given the circumstances of that case. Under the "foregone conclusion" doctrine, the government knew of the existence and location of these papers so the production of the papers added nothing or little to the government's information. If the government did NOT know that documents existed, they could not compel a would-be defendant to reveal the documents.

Second, and most importantly, the court concluded that decrypting the documents would "use the contents of [the would-be defendant]'s mind" because "the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files." It's again important to note that this is a child pornography case: possession of child pornography is a crime, so if the would-be defendant here provided a decryption key, this would be tantamount to him admitting that he possessed the hard drive and had access to the files within it—that alone would constitute a crime if the files were found to be child pornography. This is therefore what the court later refers to as an "implied factual statement" and the Fifth Amendment protects this. Although the court also suggests that providing a decryption key might be like providing a combination (and therefore be admissible for Fifth Amendment protection on other grounds), it unfortunately devotes very little space to this discussion—and this seems to be the really big issue here.

The case therefore leaves several unanswered questions: this is a child pornography case where mere possession alone is a crime: what if that wasn't the case? What if this was a murder case and the defendant had stored notes about his murder on the computer? What if the foregone conclusion doctrine wasn't applicable—would the conclusion here be the same (most of the opinion is actually devoted to this discussion, which is less broadly applicable because, if the police know of the existence of specific files on the hard drive, this doctrine is inapplicable)?

Anyhow: it still is possible to get access to these documents if the government gives him sufficient immunity, as the court notes. This would be pretty important because if no one could ever access these documents (which presumably would be possible if the would-be defendant doesn't decrypt them) that would be an enormous problem for our justice system.

In conclusion: the applicability of this case to future cases is unclear, so, for those that want this result, I don't really think this is a "slam dunk." There will likely be many future cases further developing this doctrine. As such, right now, it's very difficult to discuss the merits of the court's holding on the "decryption is testimony" argument (which, in my mind, is the most important) in a general sense, since the reasoning here seems very specific to the facts of the case.




> Anyhow: it still is possible to get access to these documents if the government gives him sufficient immunity, as the court notes. This would be pretty important because if no one could ever access these documents (which presumably would be possible if the would-be defendant doesn't decrypt them) that would be an enormous problem for our justice system.

Here's the sticking point for me: it's perhaps overly pedantic, but I want to view the world honestly, and there are some great points of absurdity here. (I always like the absurd, and the ways our world is otherworldly.)

The problem is that much of our approach to information is creative, and we need to start thinking in those terms.

If you have a JPEG of a murder on your unencrypted hard drive, that's not actually a photograph; it's a set of magnetic pointings which can with certain hardware be used to produce a photograph. If you think about it, that also applies to writing on paper, or colored splotches encoding an image into a physical photograph. Those require a creative attempt to produce meaning. The meaning can be off if the creative attempt is not followed through correctly. The easy way to see this is to imagine someone systematically using a common word in an uncommon way -- Feynman for example was once, on the Challenger commission, chasing down memos which sounded like NASA had been actively irresponsible, but instead it turned out to be a figure of speech they'd adopted for a certain phase of their construction. Or imagine that our demented individual really does have a very detailed, lifelike photograph which appears to document his murder of another, but in fact the "murdered" girl is a still-alive actress who was paid to appear in these photographs; the "blood" and such is very convincing but is ultimately a prop.

So the meaning can be off, if the creative act goes awry. I'm using this to underscore that you have to think, at some level, about that recreation of semantics from the physical fact.

Let me be clear: I don't think this is a barrier to investigation usually. I think it's clear that we expect a sort of 'normal hardware' that allows us to recreate semantics. The photographs in this safe, when viewed by a normal person in normal lighting, would show an image of the defendant committing a murder -- and if they want to say that this was all theatrically staged, they may produce the actress or others involved in the production. By that account, photographs inside of a safe are also governed by this principle: even if their physical location happens to be remote and inaccessible, reproducing the image from the photograph is as simple as just looking at it. The photograph really contains the image, up to a 'trivial' semantics.

Now bring this back to your other example of an encrypted disk storing child pornography. That is a nontrivial semantic inflation: you are literally asking the defendant to create child pornography for the purposes of the case. In some sense perhaps you're just saying "create whatever this drive's contents are," with the understanding that the police is going to look through it for child pornography -- in that phrasing, it's more clear that this pornography might not actually exist, etc. -- so there is perhaps a way to comply without generating child pornography at the judge's request.

But still, that's a little mad and absurd in the wonderful way that our world can be otherworldly. It opens up all sorts of questions which I have no clue how to answer. Decryption, like most computation, is a creative act. To demand decryption is to demand creation.

I quoted the above in particular because I really don't care about the "enormous problem for our justice system." Like, the fact that we don't have embedded realtime GPS trackers installed in our spines is an "enormous problem for our justice system" because it makes it so tremendously hard to figure out whether our alibis are true or false. Screw that sort of thinking. Whatever caused the investigators to think this individual was manufacturing or downloading kiddie porn should have been enough to convict. This shouldn't be a gray-matter area. "We just cracked down on this peer-to-peer kiddie porn program, we saw that you were using it to share many images, here are the filenames that the defendant's computer was sharing at the time we busted into his house with a warrant." (Are the police allowed to download such things? Probably. "Here are just a couple of the images we downloaded from him," too, then.) So, if they don't have a case and are fishing through the hard drive to try to make one, that's more or less explicitly what the Fifth Amendment is supposed to guard against: "we don't know your exact sins but we know you're a sinner so damn it, confess!"

But still, the sticking point is the glorious absurdity: "Mr. Doe, we have reason to believe that if you say the magic word, your computer will manufacture child pornography. We demand that you say the magic word, so that we know whether this is true." How will we decide that issue in the face of its pure and present absurdity?

-----


I have another pedantic concern, along different lines. Strictly speaking, decryption function y = f(x) produces deterministic output y based on the application of an algorithm to key x.

Most encryption software, including TrueCrypt, will complain if you provide the wrong key. I object to this behaviour strenuously. What if it stopped doing that? What if it just gave you whatever output would arise from feeding key x into the algorithm? It would be upon the court to show that the resulting incoherent mass of bytes does not contain "satisfactory" output, which requires them to show what the satisfactory output ought to be, which means they must have some idea of what they're looking for to begin with and the ability to show that it exists on the encrypted medium to begin with. This would be problematic in most cases.

-----


Well, it's not actually too problematic. Usually there are forms of metadata which persist and can store this sort of information. So let's assume that you didn't go for whole-drive encryption, and your text editor shows in its recent history "/media/truecrypt1/where-I-buried-him.txt", written on the evening of the murder: so the police believe that somewhere on your computer is a text document revealing where the victim was buried. And since it's my story, we'll suppose that you're completely innocent and that this is a fictional story you've been writing for the last three months, but you're worried that your bizarre murder fiction sounds eerily similar to the circumstances that the other guy died, and might tend to sound incriminating or character-assassinating to a jury.

Even if TrueCrypt didn't protect their encryption with a message-authentication code, the police would still notice that you had given them a decrypted file without a filesystem on it -- much less a filesystem containing /media/truecrypt1/where-I-buried-him.txt . If they have already convinced a judge to force you to decrypt the file, they could just tell the judge "this person is being uncooperative!" and your hijinks will get you nowhere.

Now suppose that they do not have this, but convince the judge that since you have TrueCrypt, and this is the only random-looking file on your computer, that this is probably your TrueCrypt archive. They convince the judge to threaten you with contempt if you don't decrypt it, through whatever means they have available to them. Well, TrueCrypt containers are always meant to be directories -- i.e. they always hold file systems -- and so you'd best decrypt this container into a file system! But that severely restricts your defense.

TrueCrypt will let you do something different: to provide a 'wrong key' which indeed decrypts the device to a valid file system. This is their 'hidden volume' system.

I'm kind of mixed in my reaction to TrueCrypt's hidden partitions, for other reasons. But they address the problem that you've identified, and I haven't figured out a better solution.

-----
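The point argued in the two comments above (a wrong key fed to an unauthenticated cipher yields garbage rather than an error, a message-authentication code turns that into a hard failure, and an examiner can still tell garbage from a filesystem by looking at it) as an added example; this is not code from the thread or from TrueCrypt, encfs or dm-crypt. The cipher is a constructed toy (SHA-256 keystream, HMAC-SHA256 tag), and the `TOYFS` header and entropy threshold are assumptions made for illustration.

```python
"""Wrong key, no error: unauthenticated vs. authenticated decryption (toy)."""
import hashlib
import hmac
import math
from collections import Counter

TAG_LEN = 32  # HMAC-SHA256 output length


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed toy keystream: SHA-256 over (key || nonce || counter).
    Real disk encryption uses AES-XTS; the property shown is the same."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def derive_key(passphrase: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 50_000)


def encrypt_unauthenticated(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    ks = _keystream(key, nonce, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt_unauthenticated(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    # XOR is its own inverse: every key "succeeds" and produces some bytes,
    # which is the behaviour the comment above wishes TrueCrypt had.
    return encrypt_unauthenticated(key, nonce, ciphertext)


def encrypt_authenticated(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    ct = encrypt_unauthenticated(key, nonce, plaintext)
    return ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def decrypt_authenticated(key: bytes, nonce: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # A MAC makes a wrong key an explicit failure instead of garbage.
        raise ValueError("wrong key or tampered data")
    return decrypt_unauthenticated(key, nonce, ct)


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; text sits around 4-5, keystream output near 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_like_volume(data: bytes) -> bool:
    """Plausibility check an examiner could apply to a 'decrypted' blob:
    recognisable header plus sub-random entropy. TOYFS is a constructed
    magic string standing in for a real filesystem signature."""
    return data.startswith(b"TOYFS\x00") and shannon_entropy(data) < 7.5


def demo() -> dict:
    """Constructed scenario: a tiny 'volume' whose only file is the novel
    chapter from the comment above, decrypted with right and wrong keys."""
    salt, nonce = b"constructed-salt", b"constructed-nonce"
    volume = b"TOYFS\x00" + b"/where-I-buried-him.txt: chapter 3 of my novel.\n" * 80
    right = derive_key("correct passphrase", salt)
    wrong = derive_key("some other passphrase", salt)

    plain_blob = encrypt_unauthenticated(right, nonce, volume)
    auth_blob = encrypt_authenticated(right, nonce, volume)

    garbage = decrypt_unauthenticated(wrong, nonce, plain_blob)  # no error raised
    try:
        decrypt_authenticated(wrong, nonce, auth_blob)
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True

    return {
        "right_plausible": looks_like_volume(decrypt_unauthenticated(right, nonce, plain_blob)),
        "wrong_plausible": looks_like_volume(garbage),
        "garbage_entropy": shannon_entropy(garbage),
        "wrong_rejected": wrong_rejected,
        "auth_roundtrip": decrypt_authenticated(right, nonce, auth_blob) == volume,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The unauthenticated path never complains, but the garbage it returns has near-maximal entropy and no filesystem header, which is what the reply above means by "the police would still notice".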


> Well, TrueCrypt containers are always meant to be directories -- i.e. they always hold file systems -- and so you'd best decrypt this container into a file system! But that severely restricts your defense.

TrueCrypt is not meant to hold file systems any more than a hard drive is. There is nothing stopping you from not creating a file system on your TrueCrypt volume and just storing garbage in it - or using other encryption software on top of it.

TrueCrypt's hidden-volume feature is quite meaningless in most cases (my opinion) due to the way it is likely used. If you present a decryption key that gives access to a filesystem that does not match what was expected then you are in trouble.

Especially the hidden OS feature... So you have been using this laptop on multiple occasions the last week (of which we have proof) but according to the filesystem you presented to us this system hasn't been used for over a month.

The same goes for a hidden volume. Unless you actively use it as often as you use your device (which is really cumbersome to do right) you might just be better off without it, since exposing it will tell them way more than you want to tell them (for starters it will tell them that you are actively lying and have made precautions in order to try and get away with lying).

-----


Your last paragraph is actually the "mixed reactions" that I was having. It seems like for hidden volumes to work right, you need to constantly be using the outer volume. That's fine, there are plenty of applications you might want to encrypt but might not need to hide from the police -- passwords and emails, perhaps, or legally-downloaded-and-possessed pornography, or a journal, or something like those.

The problem is, due to what I guess is something of a flaw in the central idea, you ultimately have to provide the password for your inner volume when you do all of these things which don't involve it. So now your private data is split up over two drives, which is at least somewhat questionable, and also the "mundane" drive requires the "important" password.

This may be acceptable if you're collecting a small cache of text documents which you believe could harm a corporation -- then you say "no, I don't have those articles, see, this really is just my porn stash, please don't hurt me." But a criminal or a government -- no, they're willing to be patient and they're perhaps willing to peek at your password input prompts with webcams or audio-recordings. They would know that there's an extra password being entered every time you decrypt that file.

-----


TrueCrypt does not allow this (yet).

There is another cool utility - encfs. It has a magic option "--anykey". Basically, it stops verification of the key hash and always tries to decrypt with the key you provided. Thing is - it will show you only correctly decrypted files. So, by using different passwords you essentially create layers of encrypted files, where each layer is decrypted by a different password.

Truth is - if something did not decrypt, LEO will see it, but I do not see how they could prove you provided the wrong password intentionally, and had not at some point changed the password to a new one and forgotten the old one. This is essentially what will happen when you use a different password - you will receive no error and an empty container where you can start adding personal files.

-----


> which means they must have some idea of what they're looking for to begin with and the ability to show that it exists on the encrypted medium to begin with

this is not a pedantic side concern, but is in fact, the key component of the government's ability to compel evidence production. if they cannot show that they know what's on your hard drive, that you control it, and that what's on your hard drive is incriminating, they cannot compel you to decrypt it.

so yeah, if you gave them a bad key and your decryption algo returned garbage, they'd certainly lock you up for contempt (given the aforementioned conditions were true).

-----


That'll be a problem when people really do forget their passphrases. Given that they've been through a lot of excitement, what with getting arrested and maybe jailed for a while, and they're often asked for the passphrase a significant amount of time after the computer is confiscated, that could well happen.

-----


You might be interested in

http://en.wikipedia.org/wiki/Deniable_encryption

-----


And then you'd have to hope that the 1 in 1e100 chance doesn't come along where your passkey changes your hard drive into a Windows 95 computer filled with US nuclear secrets.

-----


dm-crypt does this. I don't know the internals of the algorithms used, so I don't know whether that is just a feature of the userspace software or it is impossible to verify the decryption was successful. I presume it depends on whether a hash or a header are stored somewhere.

-----


From a theoretical perspective, applying encryption/decryption is more like applying an isomorphism, that is, turning one mathematical structure into an equivalent mathematical structure (with no information loss). I cannot see how this is a "creating" action, let alone a "creative" one.

Now, such isomorphisms turning one information into another could in theory be found for any two pieces of information, but here we are talking about a very limited family of isomorphisms between spaces of all finite binary sequences, so there is little to no creativity involved in selecting and using such an encryption function.

-----


I feel like I followed your reasoning but did not end up at your conclusion. Where do you draw the line to say passing over that line is creation? You seem to start out making the point that the decrypted drive is many steps away from child pornography, power needs to be supplied, the hard drive needs to spin, an operating system, CPU, motherboard etc needs to interact with the drive to read the bits and copy them to many different memory systems, an algorithm needs to be applied to them to decode their compression, the result of which needs to be fed to a display or printer and viewed by a person with functioning eyes...

But then you seem to be fine ignoring all that and calling the decrypted contents "child pornography". Why aren't the encrypted contents also child pornography? Why is decrypting them the point of creation, rather than, say, opening them in an image viewer?

-----


I think you didn't follow my reasoning then. The point is that the creative act is everywhere, and we prefer to abstract it away in general. So it's not that "passing over some line" is creation, there are dozens of creation lines that we must follow to go from "this block of metal" to "contains an image of the murder." That block of metal contains spins which we interpret as 1s and 0s comprising a pattern which we'd recognize as a compressed JPEG file which, if you render it onto a screen and then look at it, and interpret this blob of color as being blood and that blob of color as being the victim, shows an image of the victim apparently recently deceased. All of those are essentially creative steps.

Now, I'm also trying to form a line of demarcation for why we feel we can abstract those away, and I think that at least an acceptable first approximation, a first abstraction layer, is something like "a normal person with normal tools can look at X and, through this, view a pornographic image."

If it's encrypted then the point is that this becomes one of Joel on Software's "leaky abstractions." The problem is that no, we can no longer ignore the massive number of creations, because you need to say a Magic Phrase to interpret this thing as an image. If you pronounce a different phrase, it just looks like random data. What we're telling the defendant is something like, "say the phrase that makes this look incriminating" -- or perhaps just "say the phrase that makes this not look random."

I guess to answer your last question: Neither the encrypted nor the decrypted contents are, in the absolute strictest sense, images. They have to be rendered onto a screen and then viewed by a conscious person of sound mind to be images. (Maybe a better word is "viewings.")

So decrypting them is a point of creation, as is opening them in an image viewer, as is looking at that image viewer. The absurd thing to me is, if you really focus on the technical details, you'd have to conclude that they don't become "child pornography" until we view them and say "that looks like it was intended to arouse someone, and it looks like it contains an underage person."

So part of why I'm proposing the above "normal people with normal tools" idea is to give some ground to say that the decrypted stuff "can be thought of as child pornography" -- because a normal person will come to that judgment when using the data in a normal way. So in that sense, the decrypted contents "are" child pornography.

You may wish to ignore me on that; I may be becoming too philosophical and solving problems that don't need solving. Perhaps the big problem that's sitting at the back of my mind is this: for any large random-looking block of bits you give me, there is in principle a stream of bits which can be XORed with it to convert it into a JPEG file. In practice there are some limits based on block sizes and ciphers, but in principle there exists some mathematical transform which converts any normal hard drive into this sort of thing.

So I'm interested in the philosophical problem of excluding all of the transforms which we don't want to admit.

-----


> this is a child pornography case where mere possession alone is a crime: what if that wasn't the case? What if this was a murder case and the defendant had stored notes about his murder on the computer?

If someone is asked to decrypt their drive for a murder case, could they then invoke the Fifth Amendment on the basis that they might have child pornography? Can the Fifth Amendment protect you on an unrelated crime that you mention without either admitting to it?

-----


This is covered by 18 USC 6002: http://www.law.cornell.edu/uscode/text/18/6002

In short, a judge will grant a person legal immunity from prosecution. This removes the fifth amendment argument, as you cannot be prosecuted for the child porn, and you can be compelled to testify.

For example, an accomplice to a crime might be offered immunity -- after which the accomplice cannot refuse to testify under the fifth amendment. Remember, the fifth only guarantees that you will not be compelled to serve as a witness against yourself -- it does NOT grant you the right to remain silent at all times, contrary to popular belief.

-----


What if the decryption key is "I am guilty of the murder", would it then be protected since the act of revealing it would be self incriminating?

-----


How would that work? If I write "I just killed a child" here it doesn't mean I actually did that. Similarly, if I used a decryption key "I am guilty of the murder" then it still does not mean I'm guilty of any murder, just that I have a poor sense of humour and used an odd encryption key.

-----


That encryption key wouldn't provide proof, but there are many that would. Trivially a sufficiently long key could embed a video of the murder.

-----


And it would be trivially impossible to memorize.

-----


> since the reasoning here seems very specific to the facts of the case.

as it should be! i think that neither "all decryption is testimonial" or that "no decryptions are testimonial" are good policies. imho, decryptions should be treated in the same manner as other paper based evidence production requests: most of the time, the government cannot compel you to produce evidence testifying against you, but there are certain exceptions ("foregone conclusions" included).

> What if this was a murder case and the defendant had stored notes about his murder on the computer?

i don't think you're interpreting the "foregone conclusion" doctrine correctly. what it means is that keys, passwords, decryptions, etc cannot be used for the police to go on fishing expeditions for evidence. if they know you have incriminating evidence and can show that, then they can compel the production of that evidence. this is something that happened in US v Fricosu, in which Fricosu actually was compelled to decrypt. note that this ruling, which does not compel decryption, is entirely consistent with US v Fricosu

-----


My reading is that the court implied, and what likely could be argued/people would like to argue, is that, even if police were aware of the existence of specific documents, you might still be able to use the Fifth Amendment to prevent decryption. If that was the clear holding of this case, that would be significant. My point about the murder case was to replicate a factual scenario in which the government knew of specific files, and the possession of those files alone would not constitute a crime: could the would-be defendant still use the protections of the Fifth Amendment to prevent decryption? That factual scenario is comparable to Fricosu: the government knew of the existence of specific files and compelled decryption. Given the dicta in this case, however, it is arguable that, even in such a scenario, a defendant would be able to prevent decryption, thus creating an inconsistency with Fricosu. As far as I am aware, only the Fricosu court has discussed this issue--and that was cursory, and from a district court in Colorado.

-----


I'm sorry, I don't understand how the fact that possession itself is criminal is relevant. If the government actually knew of the existence and location of illegal files on the case, the foregone conclusion doctrine would allow them to compel decryption (as in U.S. v. Boucher). The same would be true of your hypothetical murder evidence.

-----


If you cannot decrypt the files, can you be said to be in possession of the child pornography? In other words, even if the files are child pornography, if he cannot decrypt them himself, it isn't clear if he is guilty of the crime. OTOH if he can, it is clear he is.

-----


> even if police were aware of the existence of specific documents, you might still be able to use the Fifth Amendment to prevent decryption

not if it knew that these documents were under your control and were incriminating. what exactly suggests your reading? the opinion was pretty specific about how the government could not prove the existence of any specific incriminating files on the defendant's drive, and thus, it was not a foregone conclusion

> the murder case ... possession of those files alone would not constitute a crime

whether the possession of the files is in and of itself a crime is irrelevant to the fifth amendment. the only thing that matters is whether your testimony can be used to incriminate yourself.

> Given the dicta in this case, however, it is arguable that, even in such a scenario, a defendant would be able to prevent decryption, thus creating an inconsistency with Fricosu

Author of the article disagrees. From the article:

> Also note that the court’s analysis isn’t inconsistent with Boucher and Fricosu, the two district court cases on 5th Amendment limits on decryption. In both of those prior cases, the district courts merely held on the facts of the case that the testimony was a foregone conclusion.

-----


I understand that this case was decided on grounds consistent with Fricosu, and that the court held that the testimony was not a foregone conclusion and therefore the court could not compel decryption. I am not disputing that that is the holding of this case.

However, in addition to that, the court notes that there are two reasons why the Fifth Amendment prevents compelled decryption. Besides the foregone conclusion doctrine, there is discussion such as at 22: "the decryption and production of the hard drives would require the use of the contents of Doe's mind and could not be fairly characterized as a physical act that would be nontestimonial in nature. We conclude that the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files." This to me implies the court's belief that the act of production would be testimonial because it would imply that Doe possessed and had access to incriminating files. Since possessing and having access to child pornography is a crime, that alone--the act of him affirming that he had access to such files by providing a decryption key--would incriminate him. By implication, this would not be the case if possession of certain documents was not itself a crime, yet these documents could be incriminating.

The court spends 2 paragraphs discussing this, but I think it is not inconceivable that this sort of argument could be applied to other cases where the foregone conclusion doctrine might otherwise be successfully applied to compel decryption, since ostensibly any one of the court's two points could be used to prevent compelled decryption. I wonder if this conclusion is based solely on the nature of the crime alleged here, or would be applicable to other crimes where merely showing that you have possession of or access to incriminating documents is not itself a crime, as in child pornography.

-----


Those would be very fringe cases where they can't possibly catch a child pornographer without the data from his hard drive. You have to balance things out. The potential for abuse otherwise is a lot greater I think.

-----

