Judge orders defendant to decrypt PGP-protected laptop

Marcus Brinkmann marcus.brinkmann at ruhr-uni-bochum.de
Wed Mar 4 05:29:20 EST 2009


Adam Fields wrote:
> On Tue, Mar 03, 2009 at 12:26:32PM -0500, Perry E. Metzger wrote:
>> Quoting:
>>
>>    A federal judge has ordered a criminal defendant to decrypt his
>>    hard drive by typing in his PGP passphrase so prosecutors can view
>>    the unencrypted files, a ruling that raises serious concerns about
>>    self-incrimination in an electronic age.
>>
>> http://news.cnet.com/8301-13578_3-10172866-38.html
> 
> The privacy issues are troubling, of course, but it would seem trivial
> to bypass this sort of compulsion by having the disk encryption
> software allow multiple passwords, each of which unlocks a different
> version of the encrypted partition.
> 
> When compelled to give out your password, you give out the one that
> unlocks the partition full of kitten and puppy pictures, and who's to
> say that's not all there is on the drive?

In this particular case, the border guard already saw the supposedly
incriminating documents, but they failed to properly secure the evidence (the
picture on the laptop) at that time.  When they shut down the laptop, the
evidence was locked down by the encryption due to the removal of the
encryption key from RAM.  Securing digital evidence is a big problem for law
enforcement.

So, if the defense then discloses a different encryption drive with only
kitten and puppy pictures, they will be in very big trouble, as there is
already testimony that other files exist.

The defense is asked to produce the documents in question.  I don't know much
about the legal bells and whistles that apply to such a case, but here are
some ideas:

* Maybe the defense could ask the prosecution to describe which pictures they
want to have in particular, and the defense can make a case to just produce
those particular pictures.  However, the prosecution can probably just demand
to produce all files within particular folders, which are easier to recall and
more likely to hit something interesting.

* Maybe the defense can argue that they lost the password and thus access to
the document.  They'd better make a convincing argument that they really
cannot recover it.  It would be great if that argument is tied to the police
confiscating the equipment.  Maybe the password was written in invisible ink
on the laptop and needs to be rewritten every day or it washes away...

* I wonder if it may not be a better strategy to reveal the password and then
argue that the pornography is legal or widely available on the internet,
supposing it really is just generic internet porn.  OTOH, some material may be
legal only in some countries.

A couple of consequences:

* The safest thing to do is to do a clean operating system install before
traveling.

* If you use encryption, shut it down before crossing the border.

* Computers have too many documents in a single, easily accessible location.
If the files were more dispersed, the defense might be able to weasel out by
producing fewer documents.  Nobody would bring a meter-high stack of porn
magazines from Amsterdam in their luggage, but with cheap mass storage it's a
different situation.

Also, this information is easily explorable by everyone using the file
manager.  Maybe hierarchical organization is not the best way to store such
documents.  A searchable database that limits the number of results may offer
some protection against "stumbling over something interesting".

* Online storage may be an attractive solution for border crossing without
leaving documents at home.  The internet is a big smuggling ring that easily
avoids border guards.

Marcus

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


