First, there isn't enough information to know what it is this person has (or has not) done.
Secondly, the fifth amendment of the US Constitution allows you to refuse to provide testimony which you feel may incriminate you. Generally encryption pass phrases do not count as testimony, the legal system treats them as keys. And that would be covered under the fourth amendment which says the government cannot compel to you to give access to your property for search unless they have probable cause.
If they do have probable cause, they get a warrant which gives them the power to do the search temporarily and only for what they think exists. So if you get a warrant to search your hard drive for something, you are compelled to give them the password just like you are compelled to let them into your house if they have a warrant to search for something like drugs or guns or counterfeit plush toys.
However sometimes the courts do see it as a fifth amendment issue [1] and that has been under debate for a while. (As far as I can tell the legal theory is similar to the police not being able to compel you to tell them where you left the body in a capital crime.)
Disclaimer I am not a lawyer this isn't legal advice, and I've not followed up the cited case to see if it made it to the supreme court or not. Any circuit level decision would not be binding on different circuits.
What if your passphrase to your truecrypt container (let's say it contains, for the purpose of this thought experiment, child pornography) is the true statement: "I am [for this thought experiment] a child pornography collector."
Wouldn't it be a violation of the 5th amendment to be compelled to provide that passphrase, because it is an admission against interest and therefore would be admissible if you disclosed it? Wouldn't it also serve to waive 5th amendment privilege, and possibly put you at risk of being forced to take the stand?
If it were an admission of a different crime, a court could grant you immunity on those unrelated charges, but if it is relevant to the crime the government is investigating by asking you to reveal your passphrase... how can anyone, luddite judge or not, separate "key" from "testimony" in that circumstance?
In the context of testimony, I'd argue (as a philosopher, not a lawyer) that a mention does not count as testimony and cannot be used against you. Obviously, an observation of the mention could lead the police to consider other avenues of investigation however.
That only means you don't have to say anything to the police while you are in custody but have not yet been charged with a crime, and your lawyer is not present. It's not meant as a blanket protection against having to give testimony.
It is blanket protection from testifying during any phase except if you've been given immunity. Then your testimony cannot be used against you and you can be compelled to testify.
"If the government gives an individual immunity, then that individual may be compelled to testify. Immunity may be "transactional immunity" or "use immunity"; in the former, the witness is immune from prosecution for offenses related to the testimony; in the latter, the witness may be prosecuted, but his testimony may not be used against him. In Kastigar v. United States, 406 U.S. 441 (1972), the Supreme Court held that the government need only grant use immunity to compel testimony. The use immunity, however, must extend not only to the testimony made by the witness, but also to all evidence derived therefrom. This scenario most commonly arises in cases related to organized crime."
You also are missing the point of TrueCrypt: Plausible Dependability and multiple passwords for different content. It'd be like "Give us the key to this safe that unlocks the incriminating evidence, even though we have absolutely no way of knowing if you're hiding more or giving us the full truth".
You could have cat pictures encrypted with passphrase A and incriminating evidence (that stands up to the best forensic analysis currently available) encrypted with passphrase B and they wouldn't know which is which, if they unlocked ALL the data, or what.
Truecrypt is AMAZING and anyone holding onto stuff that might get them into trouble (esp. w/ foreign gov'ts) should use it.
Compliance doesn't require that you provide them with the passphrase. It simply requires that you provide access to the material. Typing your password into the computer to let them copy the material would suffice.
You could try. The judge could also demand that you provide your lawyer with the pass phrase and that the lawyer then enter that pass phrase when required to by the digital forensics team in such a way that does not reveal the password to the forensics team. The judge also has the authority to strike things from the record and could simple demand that you provide the pass phrase and that any mention of the actual pass phrase not be used in court and that any such usage will not be a part of the trial records. Either way, the 5th is a weak shield to try to hide behind in this case.
I don't see how providing a passphrase is an admission of anything. You're not stating a fact, you're just providing the passphrase, which could be anything (true or false).
5th amendment is the right against self-incrimination. The response could provide self-incriminating evidence of an illegal act punishable by fines, penalties or forfeiture. Giving a password to your encrypted database could easily be interpreted as testifying against yourself as defined in the 5th amendment.
You're admitting you have a passphrase, and therefore that you have access to the information it protects. This piece of information is non-trivial, as it eliminates one avenue of plausible deniability, and actions that implicitly provide this information are recognized as testimonial in nature.
"If they do have probable cause, they get a warrant which gives them the power to do the search temporarily and only for what they think exists. So if you get a warrant to search your hard drive for something, you are compelled to give them the password just like you are compelled to let them into your house if they have a warrant to search for something like drugs or guns or counterfeit plush toys."
Does US law require me to open the door of my house to the police if they have a warrant?
In lots of countries a warrant allows the police to search your house, but it does not require your cooperation. You may not actively hinder the police from doing their task, but you, e.g., do not need to open the door.
"Does US law require me to open the door of my house to the police if they have a warrant?"
Its a good question, you are required to co-operate with the authorities in the lawful execution of their job. The term 'lawful' is, of course, subject to legal interpretation.
Police have arrested people for filming them arresting others, typically the scenario is "They ask the person filming to stop while they are doing their job, person doesn't, they arrest them for interfering with an officer." (sister-in-law is a public defender, I get to hear all the excuses). So far the California lower courts are still fumbling around this issue. I expect it to make it to the ninth circuit sometime later this year or early next year.
The question of "Can you make a house that the police can't search without your co-operation?" is a good one, and I'll ask my lawyer friends if that approach has been taken yet. Generally a subpoena is the court ordering you to co-operate and generally you must (or be held in contempt of court).
So I expect such cases would go "give us your hard drive" followed by "give us the key", followed by a refusal, followed by a subpoena, followed by another refusal, followed by being in jail for contempt.
If you did shred your key so that you literally cannot decrypt the drive, then I would expect you to spend a few days in jail (so that the prosecutor could prove to themselves you are serious) and then they would return your drive after re-formatting it. How they would justify that I do not know but I know that they would try.
Intentionally making your data inaccessible (by encryption or otherwise) without a means of recovering it to attempt to prevent it being used against you in court could be considered destruction of evidence. If convicted of that, expect far more than a few days in jail, depending on how annoyed the judge is with you.
Typically, you are in trouble when you destroy evidence when you has reasonable cause to believe that it is evidence.
If I delete all of my email today, I'm not committing a crime. But if I find out that my company is being sued for breach of a contract that I was working on, deleting email becomes suspicious.
My attorney has advised me that the best thing in this situation is to have a personal data retention policy: "I delete my email the first monday of every month."
Then, do just that.
If a civil or criminal case is brought against you the law says you must stop any routine houskeeping tasks like that to preserve evidence, but the most you'd have then is 4 weeks worth. Much better than 4 years.
The flip side is I escaped being charged with conspiracy to launder money because I had kept email from several years prior in which I complained at length to my manager about how a particular client was behaving, and then escalated it to his manager. Both managers were implicated, but I could show that I'd reported the behaviour and been reassured by two people who I trusted that nothing illegal was going on.
Actually, I should elaborate: if it were just two people I trusted reassuring me it was fine, I would probably have still been on the hook for contributory negligence. What got me off completely was the fact that the responses I got from the senior manager said that he'd passed all of my information on to the legal team, who'd been over it with a fine-toothed comb and decided it was all above-board. What got HIM in trouble was that he'd never passed it on to legal at all.
The fifth amendment defense was overturned in the Boucher case because: "A District Court judge agreed with the government, holding that, given Boucher's initial cooperation in showing some of the content of his computer to border agents, producing the complete contents would not constitute self-incrimination." [1]. Without Boucher having given up the names and titles of his files, it is entirely reasonable to expect that the fifth amendment would hold when testimony is asked without knowing what is inside the encrypted space.
an EFF lawyer talked about this at toorcon last year and said the exact opposite of what you just said. What she basically said was that you can plead the fifth to not give up the password however the court can give you amnesty for whatever you say (the key) can not be used against you. The content that is found on the hard drive using that key could still be used against you. Once the court gives you amnesty you can no longer plead the fifth and if you still refuse they can hold you for an indefinite amount of time.
I find that problematic in a way. If in a murder case the defendent was given immunity for him to say the statement "the body is buried at xyz" would the corpse being found using that statement be used against him?
bit late on the response but it's a different situation. Pleading the fifth isn't the same as not knowing or forgetting something. Murderers don't bury bodies then when caught say that they know where it's buried but aren't telling. Even if this was the case and they gave the defendant immunity for knowing where the body is, once they found the body they could use the body to try and find evidence to link the defendant to the murder. It's just like saying "ok well just because you know where the body is, it doesn't mean you murdered the person".
Good summary, the only difference between this and the house key example is that you can "forget" the password. When you "forget" there is nothing they can do besides say you are unstable and hold you in contempt of court.
True, and shredding a key would be no different than shredding evidence. You could be charged with destroying evidence but not the crime the evidence supported.
I dot think you'd be charged with destroying evidence, because that would be assuming that there would be evidence. Instead, I suspect you'd be charged with contempt or obstruction of justice, or something along those lines. Otherwise, yes, I think you're right.
Under civil law, a finding that evidence was destroyed implies a finding of the fact that the destroyed evidence would have supported. I'm not sure how this would affect a criminal law proceeding, though I'm reasonably the prosecutor would be allowed to introduce that fact to prove guilt. (Ultimately it would be up to the jury to decide.)
Plaintiff: "There was a dead-body in the toilet, but the defendant has been regularly flushing, thereby destroying the evidence and proving his guilt."
I was referring specifically to civil matters, not criminal ones. A relevant example would be a claim that D defrauded P; a finding that D intentionally destroyed evidence that would prove the fraud could be used to support a finding of fact that the fraud occurred.
Assume a case like TrueCrypt's hidden volumes, where multiple keys decrypt different content. Could you use the key to decrypt the fake content, and then when asked if that key was the "real key", refuse to answer on Fifth Amendment grounds?
AIUI TrueCrypt has one hidden volume for every real volume, so it's reasonable for law enforcement to ask for the hidden volume if there's a real one. But what if there was a hard disk encryption system that allowed a large number of hidden volumes (say 1000), and a suspect provided police with keys for 5 of them -- how would the police know that there was any more? I think that this would give more effective plausible deniability.
That's the whole point of this feature as far as I can tell: It should be impossible (ignoring flaws in the software/system) to know if there's a hidden volume. You give the key to the decoy, smile and ask if you can comply in any other way and move along. The english phrase that I see connected to this all the time seems to be plausible deniability [1]?
Since hidden volumes are an optional feature and - again, in theory - cannot be proven to exist, you can always claim that this is the only password. Even if the judge/attorney knows a thing or two about true crypt.
>"So if you get a warrant to search your hard drive for something, you are compelled to give them the password just like you are compelled to let them into your house if they have a warrant to search for something like drugs or guns or counterfeit plush toys."
You might also be missing something about TrueCrypt: plausible deniability. You can have different passphrases that unlock different things. You could provide them with a passphrase the only unlocks innocent documents when really you have CP stored using a DIFFERENT pass phrase -- any this would stand up to any cryptographical analysis -- they simply cannot PROVE that the CP exists or even that more encrypted data exists.
The analogy to a key isn't quite valid here; it's more like the doors in that hallway in the matrix. If you use key A in the door, you will get content A. However, you can use a different key, open the door, and it'll go somewhere else entirely. Also, if you rip the door off the wall, there is just the wall behind it. Crazy stuff, that.
Secondly, the fifth amendment of the US Constitution allows you to refuse to provide testimony which you feel may incriminate you. Generally encryption pass phrases do not count as testimony, the legal system treats them as keys. And that would be covered under the fourth amendment which says the government cannot compel to you to give access to your property for search unless they have probable cause.
If they do have probable cause, they get a warrant which gives them the power to do the search temporarily and only for what they think exists. So if you get a warrant to search your hard drive for something, you are compelled to give them the password just like you are compelled to let them into your house if they have a warrant to search for something like drugs or guns or counterfeit plush toys.
However sometimes the courts do see it as a fifth amendment issue [1] and that has been under debate for a while. (As far as I can tell the legal theory is similar to the police not being able to compel you to tell them where you left the body in a capital crime.)
Disclaimer I am not a lawyer this isn't legal advice, and I've not followed up the cited case to see if it made it to the supreme court or not. Any circuit level decision would not be binding on different circuits.
[1] http://news.cnet.com/8301-13578_3-9854034-38.html
Follow up on the Boucher case: https://secure.wikimedia.org/wikipedia/en/wiki/United_States...
Where the fifth amendment defense was overturned.