Suppose the suspect Alice only has a portion of the key. Someone else (Bob...) has the remaining key bits.
Alice is busted, and 'compelled to give the key', and DOES provide her portion of the key.
Bob is never found.
Then Alice would be indefinitely imprisoned, even if she would have actually complied with the court order.
It seems unethical, to me.
Bonus question: Alice pretends that Bob exists, but actually he does not, but police cannot prove that. What then?
A possible answer to the first question: Alice is not compelled to provide the key. She is compelled to decrypt the drive. Obviously she can't do that without Bob. Alice is screwed and will spend the rest of her life in prison.
> A possible answer to the first question: Alice is not compelled to provide the key. She is compelled to decrypt the drive. Obviously she can't do that without Bob. Alice is screwed and will spend the rest of her life in prison.
Yes, and in this scenario she would not be held in contempt, so your hypothetical does not apply.
You can only be held in contempt for refusing to comply with court orders, not for the failure of a desired outcome.
Let's put it another way: you are totally misunderstanding why this fellow is in jail. It is not because the hard drive remains encrypted - it is because he defied a court order to decrypt it. Granted, if the drive were decrypted by other means he would likely be let out of prison because the point of holding him for contempt would be frustrated - but that does not mean that he was put into jail because the drive was not decrypted. Contempt is solely about defying court orders.
If Alice gave over her half of the key, she would have complied with the order, therefore, there would be no grounds for contempt.
There's no observable difference between inability to produce a result and refusing to produce a result. How do they know he didn't just forget the password? Or that the password was recorded somewhere that he no longer has access to? After sitting in jail for many months, it is very easy to forget a password that you no longer use regularly.
From the article: "Rawls, the government argues, (PDF) "repeatedly asserts that the All Writs Act order requires him to divulge his passcodes, but he is incorrect: the order requires no testimony from [Rawls], and he may keep his passcodes to himself. Instead, the order requires only that [Rawls] produce his computer and hard drives in an unencrypted state.""
How far can court orders go? Let's say he was a crooked accountant and the police couldn't understand his spreadsheet. Is he obligated to show him what he was doing?
To me this is what the disk encryption is like. The cops can't understand how to read the disk. Is he obligated to help them? What if the pictures in there are encoded using a weird format? Should he be forced to produce a program to read them?
I wonder if he had an encryption scheme that deleted the data in the event of n password failures and also something of legal value like bitcoins on the drive. Perhaps, then he could argue that knowingly attempting to log in using potentially incorrect passwords constitutes undue harm.
I co-authored a project that works on Debian that do unattended reboots of encrypted disk drives which allows for scenarios where Alice don't know any part of the key. Every time the machine boots up bob get a request on the network and he can chose to approve or deny. Bob in turn could be in a different country which would make coercion a bit hard.
I think I remember you giving a talk about this at SmashTheStack in Malmo, Sweden.
I believe I asked then about maybe having support for non-debian systems and eventually something like Windows in the distant future.. What kind of support would you need for it to be worthwhile investing in that?
>Alice pretends that Bob exists, but actually he does not, but police cannot prove that. What then?
Well it's pretty obvious what happens then. The police claim Alice is lying and hold her in contempt indefinitely. The man from the article claims that he doesn't remember the passwords anymore and can't possibly comply, he's still being held in contempt even though there's nothing concrete to show that he still knows the password.
What's the current status on §§ 1021-1022 from the 2012 NDAA bill? [1] Did that become law as it was written, and is it still active? It made provisions for the US military to indefinitely detain US citizens without due process. I've found these things difficult to keep track of frankly, with so many egregious laws from just the last ten years.
Doesn't this boil down to the "I am willing but unable" situation? The man in this case was the "unwilling but able" situation. My question is wouldn't the man be shifted into the former situation if he just claimed to be now willing but to have forgotten his keys.
IANAL, but it would fail to meet the basic criteria, as the communication was not for the purpose of securing legal advice and, the prosecution would argue, the communication was made for the purpose of committing a crime.
Alice has created a file containing random data. Authorities think it is an encrypted volume and wants Alice to give up the key. Alice has no way to prove it is just a file with random data and is imprisoned indefinitely for essentially having a file with random data =]
Alice is able to switch the tracks on a trolley hurtling towards the encrypted only copy of the rest of her key towards a track where Clive, the only person who knows the key to that secondary encryption, is tied...
Interesting thought experiment, but ultimately flawed. For this to make any sense, you first need to answer a question: Why are the authorities looking at Alice's computer in the first place?
Also, it's extrapolating a lot from a case that's actually a fair bit less sinister than what you're suggestion. Facts of this particular case here are that:
1. The guy was a suspect to begin with, and they had
enough evidence of him doing something wrong (from
the Usenet side of the operation) that they got a
warrant to search his computer.
2. The disks are encrypted with off-the-shelf OS-provided
full-disk encryption, which is relatively easy to verify,
rather than some "purely random data that might or might
not be encrypted".
3. At no point has he denied having access to the keys (at
which point it would essentially stop being a 5th amendment
case).
Now, I'm actually of the opinion that he should _not_ have to decrypt those disks, but that's strictly a fifth amendment thing, rather than the more convoluted scenario you're suggesting.
Not sure what the man's crime is here. Does he even remember his keys after sixteen months in the slammer? I don't even remember my Gmail password after 16 days of vacation. Basically, like the article says, it like not opening a safe for an inquisitor: you are damned if you do, you are damned if you don't. Encryption is nothing new people, you are just putting your data in a safe.
We have a tendency to misconstrue, willfully misinterpret, or altogether ignore the law when it comes to prosecuting individuals who we believe to be standing on much lower moral ground. We do so because we want so badly to punish the accused that we are willing to reduce or eliminate greater good that some privacy laws are aiming to provide (i.e. Trumps silly travel ban which is based on his hatred of Muslims built upon imaginary news stories and personal exaggerations of particular recent events -- all laws out the window)
> Encryption is nothing new people, you are just putting your data in a safe.
Well, you could also be held indefinitely for refusing to provide the combination for a safe. If there were safes that could keep them out indefinitely, anyway.
I suspect that they nailed him using ICAC's Black Ice app. It's a hacked version of the Freenet client that logs peer IPs, and tracks hashes that they handle. So his mistake was assuming that deniability was adequate, and failing to hit Freenet via Tor.
His crime is disobeying a court order, which is a crime that you can go to jail for. Just like if you had the key to a safe, and the court orders you to open the safe, you would go to jail if you refuse to do so. If he forgot the keys he could have told the court that and the court would evaluate his credibility.
*edited changed from key to combination because combination locks are protected by the 5th amendment and keys are not.
The courts can compel you to turn over something that you have. Something that you know is protected by the fifth amendment, in particular for combination locks.
A defendant can be compelled to produce material evidence that is incriminating. Fingerprints, blood samples, voice exemplars, handwriting specimens, or other items of physical evidence may be extracted from a defendant against his will. But can he be compelled to use his mind to assist the prosecution in convicting him of a crime? I think not. He may in some cases be forced to surrender a key to a strongbox containing incriminating documents, but I do not believe he can be compelled to reveal the combination to his wall safe -- by word or deed.
> His crime is disobeying a court order, which is a crime that you can go to jail for.
Sure, but isn't the question whether he should go to jail indefinitely? If defying a court order is a crime, then perhaps it should have a well defined jail term.
What about the 5th amendment? I think we can agree without too much of a stretch that our storage data is just an extension of our mind (verily, suppose someone had illegal data stored on their drive and an idedic memory? Destroying the data on the hard drive wouldn't destroy the data in their mind), and thus just as protected by our right not to testify against ourself?
His crime is disobeying a court order, which is a crime that you can go to jail for.
That's not his crime, or as the subtitle below the story's headline states: "He's not charged with a crime." He's held in custody, not serving a sentence for a crime of which he has been convicted. He has never been convicted of any crime by any jury. That's a huge difference, both legally and morally.
> Encryption is nothing new people, you are just putting your data in a safe.
I know this is an old argument, but what if I put the contents in a paper shredder, in the safe? It's still the data, it's just that it went through the shredder. Why is ok for the government to compel you to change the state of the data from encrypted to unencrypted? They couldn't compel Apple write software to decrypt a phone. Why can they compel me to write an encryption key to decrypt data.
Discloser all of my data is encrypted, and if the government asked I would really be torn about giving them keys.
Or, what if you had a paper in a safe that was written in an invented language? They may be able to compel you to open the safe (i.e., provide a BIOS password), but can they compel you to teach them how to read that invented language?
He didn't commit a crime. He is being held in jail for contempt of court. This is how the system works. This is no different than if a judge demanded that you turn over any other form of evidence - it should not be so shocking that you can be held in contempt for refusing to obey a court order.
It is bad, however, that he is being let to rot indefinitely. That is the problem here - not that he was jailed for contempt in the first place.
I would dare say that the really bad part is that there's no way to know for sure if he can even comply with that order. As I understand, he claims that he has forgotten the password. Obviously, it's a convenient excuse, but it's not something utterly improbable. What if he actually did forget the password? Why is the word of the judge alone sufficient to assume otherwise? There seems to be an obvious lack of checks here.
> He didn't commit a crime. He is being held in jail for contempt of court.
The problem is that contempt isn't classified as a crime and so it doesn't have a fixed term. There are moral hazards with having fixed terms like this, but the moral hazards of not having them, like this case, seem worse.
The difference is that the authorities can crack open a safe without the suspect cooperating. But it's virtually impossible to decrypt something without the receiving the key.
I thought the U.S had better key disclosure law[1] than other countries? Personally I would rather not self-incriminate myself by revealing a key, no matter how draconian and lengthy the sentencing was. Why, you ask? Well I consider all my own personal data likened to an extension of my own mind, and revealing a key is like slicing a thin part of my brain and attempting to pick its contents. Never a gentlemanly thing to do in any circumstance.
In terms of being stopped and searched when traveling, I just carry a TailsOS bootable live USB. My laptop doesn't have a hard-drive and boots entirely from my TailsOS USB stick. I did not enable any persistent storage and any bookmarks I need to remember, I simply remember them by rote, like in that movie The Book of Eli[2]. My threat model is such that I don't want anybody knowing my business when traveling. The intrusiveness should only go so far as one question, like "Business or Pleasure?" and that's all.
If you need to cross a border, you will find that the border agents think they have the right to compel you to boot your laptop, including entering any secret or attaching any device required to do so. I doubt that they could ultimately stop you returning to your own country if you held out, but they could stop you leaving, and they could certainly make your life pretty miserable.
In my opinion you'd be much better with a laptop that booted to windows and looked like it had some simple things installed under a password you don't mind giving them. Then they'll probably never get around to asking you about the usb stick your tailsOS is installed on.
You can now get extremely large usb sticks in very small form factors. I have been toying with the idea of creating something that looks exactly (and nonsuspiciously) like a usb 'charging cable' but with built in memory. Ideally if it's plugged into power or a laptop, it just appears as a normal usb cable, but if the microusb end is not plugged in, it shows as a large memory stick you could also boot from.
There's nothing about TailsOS that could arouse suspicion if there's nothing persistent on it that could arouse suspicion, or draw more attention to you. TailsOS is strictly a utility like a wrench or a screwdriver. Providing you exit TailsOS properly and watch the screen as it's wiping the memory to ensure it has infact wiped. TailsOS can prove to be an innocuous O.S after you unload it from memory. They might ask questions, but they have nothing on you.
Bringing a Windows OS is stupid as Windows doesn't clean up properly after shutting down and leaves a forensic footprint which is difficult to cleanup unless you use something like Bleachbit[1] or CCleaner after using Windows. You typically want to offload cleaning up to the O.S level and avoid using such tools such as CCLeaner in the first place (Keep in mind, since this is Windows, there are issues with free space on the drive that leave deleted files remaining on the hard-disk, even after explicitly stating they should be deleted).
With TailsOS, In other words, you can browse freely and with peace of mind that you won't leave a forensic footprint behind, giving you an upper-hand over other passengers who have to self-censor their browsing for fear of scrutiny at a later date from border officers.
Or just make GRUB invisibly boot to a default Windows install unless a key is pressed. They'll never see the other OS. A Tails install on a USB stick might raise questions if they bother to look at it.
Very interesting. You don't have any need for persistent storage that exceeds the amount of information that can be remembered? (E.g. work artifacts, photos, passwords)
I don't want to assume on spaceboy's behalf, but I think all you need is to remember a master password to some sort of (online) password manager. From there you could use cloud services (eg. Dropbox) to access such documents.
Securing cloud hosted documents is obviously another discussion.
From what I understand our legal system was designed to fail "open". Or rather that we are willing to let a guilty person go free rather than an innocent person go to jail.
I know everyone wants to have a perfect justice system but we have to ALSO decide which direction we would like it to fail until that time comes (never). In essence cases like this are more about this question. When the system fails, which direction do we want it to fail in?
As a starting point, see the Wikipedia article on Blackstone's formulation [1]: "It is better that ten guilty persons escape than that one innocent suffer". It refers to an interesting article, "n Guilty Men" [2].
I've always been confused by this proposition; If there is an innocent person convicted of a crime, then there also has to be a guilty person that has gone free.. so it seems the ultimatum has to be
"are we are willing to let a guilty person go free rather than let a guilty person go free and an innocent person go to jail."
That's assuming a hypothetical crime actually happened in the first place. In many cases it's possible that no crime ever happened. (For example, if the man in the article never actually had child porn that doesn't mean someone else did.)
Let's say you have 200,000 suspected criminals, some % of which are criminals. How many of them are you willing to put in prison? If it's looking that most likely around 30% are guilty, do you put 60,000 in prison and say "oh well, some false negatives, some false positives, whatever"
or do you just put 30,000 in prison to prevent most innocent persons from going to jail? Then you are letting half of the guilty people go free
It's a question of how many innocent people you are willing to jail to catch more real criminals
You have an interesting point. I think the struggle that I see as a layperson, is that the system fails hard when it fails.
Let me ask a question, is jail the appropriate sentence for a contempt of court charge? This is not the first time, reporters have been jailed for many months bc of contempt of court charges. Is this the appropriate sentence for the crime of not complying with a court order?
I don't know what the alternative would be... also, on the question of guilt vs. innocence. I can see myself agreeing with you that since the state has such a high burden of proof to meet, that the defense has a an implicit advantage, the issue is that the statistics are showing a far greater issue of a imbalance of justice being applied at different levels of society. There is no good reason that I can see where an innocent poor person goes to jail because of a bad defense, vs a guilty rich person who gets off because of a great defense.
Well I would consider myself a layperson and welcome anyone with actual experience to help educate me on the subject matter. I'm saying this because I'm just offering my own opinions.
In reference to your question I'll pose another question: "Should this be counted as being in contempt of court?"
As to the innocent people going to jail because of bad defense, I think this is why we need to fail in the direction of the innocent. I'd personally rather guilty men go free than innocent men be imprisoned. I think if we're going to figure out the limitations of the 5th Amendment in the digital age we need to decide which direction the system is going to fail. I think many on HN will agree with me, but I'd be interested to know what the country as a whole believes (if anyone has that info).
I think that's most of it, but I also think there's been some weird shift in the way police and prosecutors behave over the last decade. Much has been written how we now effectively have debtor's prisons. People are fined and imprisoned because they can't pay the fines.
The crazy part for me is that this has all happened while the crime rate has been steadily going down, so there's not even a justification for it (from a crime standpoint).
Professor Orin Kerr has wrote about this exact case extensively, and provides a good insight into all legal aspects. I think it is well worth a read, especially the part about the 'forgone conclusion'.
Right. Well that changes things.
There is some evidence of the contents.
I wonder if there are hash values for those 20,000 CEM files and if they are still on freenet. If so LE could aquire, via the hashes, from the network, and prove, without opening the drives, what the contents are. At least it becomes a strong circumstantial case. If you were relying on a single file you could claim the odds of hash collision etc, but after a few hundred I think you are well past that.
There is a pattern of behaviour here.
Speaking from experience of 1 month vacation I'm not sure I'd be able to decrypt after 16 months of not touching a keyboard.
My most important passwords (passphrases for gpg used by password managers and luks) are in my head and muscle memory.
When I update passwords I tend to have them written down until I've typed them enough times.
So after a months vacation I often struggle to remember my work password for example. While using phrases makes all this easier these days, 16 months is a long time to presumably spend without your keyboard.
I like that metaphor. Encrypting data isn't so much like locking it in a safe as it is hiding it somewhere in the key space. The safe metaphor breaks down because you can drill a hole in the safe to see if there is anything inside. But you can't prove that some encrypted data exists any more than you can prove that a particular item is sitting around somewhere on Earth.
Seems to me the 5th should protect him. Question is, is that a good thing?
Should law enforcement have a right to search through court orders? In a world of unbreakable locks it seems very hard to get justice unless the law can do proper searches. If we end up in a world of unbreakable encryption everywhere, seems to me, criminal activity will have huge benefits. If we can't control crime, we can't have a just society. We can't protect a individuals rights if they are undermined by criminals. Of course, it's also hard if the state has too much power to protect and individuals rights. But somewhere we need pragmatic compromises.
If the only trace a criminal activity leaves is on a single encrypted drive, is it important if it gets prosecuted or not?
The police does parallel construction to avoid admitting access to illegally collected evidence, civil forfeiture to punish people for things police doesn't like without having to prove anything, etc — incentives for police to step over the rules are a larger problem than unbreakable encryption right now.
Readit News
Suppose the suspect Alice only has a portion of the key. Someone else (Bob...) has the remaining key bits.
Alice is busted, and 'compelled to give the key', and DOES provide her portion of the key.
Bob is never found.
Then Alice would be indefinitely imprisoned, even if she would have actually complied with the court order.
It seems unethical, to me.
Bonus question: Alice pretends that Bob exists, but actually he does not, but police cannot prove that. What then?
A possible answer to the first question: Alice is not compelled to provide the key. She is compelled to decrypt the drive. Obviously she can't do that without Bob. Alice is screwed and will spend the rest of her life in prison.
Seems harsh.
Yes, and in this scenario she would not be held in contempt, so your hypothetical does not apply.
You can only be held in contempt for refusing to comply with court orders, not for the failure of a desired outcome.
Let's put it another way: you are totally misunderstanding why this fellow is in jail. It is not because the hard drive remains encrypted - it is because he defied a court order to decrypt it. Granted, if the drive were decrypted by other means he would likely be let out of prison because the point of holding him for contempt would be frustrated - but that does not mean that he was put into jail because the drive was not decrypted. Contempt is solely about defying court orders.
If Alice gave over her half of the key, she would have complied with the order, therefore, there would be no grounds for contempt.
To me this is what the disk encryption is like. The cops can't understand how to read the disk. Is he obligated to help them? What if the pictures in there are encoded using a weird format? Should he be forced to produce a program to read them?
IIRC, the I don't recall defense has worked wonders for others in the past.
(Project called Mandos)
I believe I asked then about maybe having support for non-debian systems and eventually something like Windows in the distant future.. What kind of support would you need for it to be worthwhile investing in that?
Well it's pretty obvious what happens then. The police claim Alice is lying and hold her in contempt indefinitely. The man from the article claims that he doesn't remember the passwords anymore and can't possibly comply, he's still being held in contempt even though there's nothing concrete to show that he still knows the password.
[1] https://www.aclu.org/news/president-obama-signs-indefinite-d...
https://en.wikipedia.org/wiki/Attorney–client_privilege
Deleted Comment
Also, it's extrapolating a lot from a case that's actually a fair bit less sinister than what you're suggestion. Facts of this particular case here are that:
Now, I'm actually of the opinion that he should _not_ have to decrypt those disks, but that's strictly a fifth amendment thing, rather than the more convoluted scenario you're suggesting.We have a tendency to misconstrue, willfully misinterpret, or altogether ignore the law when it comes to prosecuting individuals who we believe to be standing on much lower moral ground. We do so because we want so badly to punish the accused that we are willing to reduce or eliminate greater good that some privacy laws are aiming to provide (i.e. Trumps silly travel ban which is based on his hatred of Muslims built upon imaginary news stories and personal exaggerations of particular recent events -- all laws out the window)
> Encryption is nothing new people, you are just putting your data in a safe.
Well, you could also be held indefinitely for refusing to provide the combination for a safe. If there were safes that could keep them out indefinitely, anyway.
I suspect that they nailed him using ICAC's Black Ice app. It's a hacked version of the Freenet client that logs peer IPs, and tracks hashes that they handle. So his mistake was assuming that deniability was adequate, and failing to hit Freenet via Tor.
Edit: 2016-05-26 - Police department's tracking efforts based on false statistics: https://freenetproject.org/news.html#20160526-htl18attack
Is there case law supporting that? Traditionally I think the combination would be considered forced testimony.
*edited changed from key to combination because combination locks are protected by the 5th amendment and keys are not.
https://supreme.justia.com/cases/federal/us/487/201/case.htm...
"""
JUSTICE STEVENS, dissenting.
A defendant can be compelled to produce material evidence that is incriminating. Fingerprints, blood samples, voice exemplars, handwriting specimens, or other items of physical evidence may be extracted from a defendant against his will. But can he be compelled to use his mind to assist the prosecution in convicting him of a crime? I think not. He may in some cases be forced to surrender a key to a strongbox containing incriminating documents, but I do not believe he can be compelled to reveal the combination to his wall safe -- by word or deed.
"""
Sure, but isn't the question whether he should go to jail indefinitely? If defying a court order is a crime, then perhaps it should have a well defined jail term.
That's not his crime, or as the subtitle below the story's headline states: "He's not charged with a crime." He's held in custody, not serving a sentence for a crime of which he has been convicted. He has never been convicted of any crime by any jury. That's a huge difference, both legally and morally.
I know this is an old argument, but what if I put the contents in a paper shredder, in the safe? It's still the data, it's just that it went through the shredder. Why is ok for the government to compel you to change the state of the data from encrypted to unencrypted? They couldn't compel Apple write software to decrypt a phone. Why can they compel me to write an encryption key to decrypt data.
Discloser all of my data is encrypted, and if the government asked I would really be torn about giving them keys.
no, they didn't compel apple
He didn't commit a crime. He is being held in jail for contempt of court. This is how the system works. This is no different than if a judge demanded that you turn over any other form of evidence - it should not be so shocking that you can be held in contempt for refusing to obey a court order.
It is bad, however, that he is being let to rot indefinitely. That is the problem here - not that he was jailed for contempt in the first place.
The problem is that contempt isn't classified as a crime and so it doesn't have a fixed term. There are moral hazards with having fixed terms like this, but the moral hazards of not having them, like this case, seem worse.
In terms of being stopped and searched when traveling, I just carry a TailsOS bootable live USB. My laptop doesn't have a hard-drive and boots entirely from my TailsOS USB stick. I did not enable any persistent storage and any bookmarks I need to remember, I simply remember them by rote, like in that movie The Book of Eli[2]. My threat model is such that I don't want anybody knowing my business when traveling. The intrusiveness should only go so far as one question, like "Business or Pleasure?" and that's all.
[1] https://en.wikipedia.org/wiki/Key_disclosure_law#United_Stat...
[2] https://en.wikipedia.org/wiki/The_Book_of_Eli
In my opinion you'd be much better with a laptop that booted to windows and looked like it had some simple things installed under a password you don't mind giving them. Then they'll probably never get around to asking you about the usb stick your tailsOS is installed on.
You can now get extremely large usb sticks in very small form factors. I have been toying with the idea of creating something that looks exactly (and nonsuspiciously) like a usb 'charging cable' but with built in memory. Ideally if it's plugged into power or a laptop, it just appears as a normal usb cable, but if the microusb end is not plugged in, it shows as a large memory stick you could also boot from.
Bringing a Windows OS is stupid as Windows doesn't clean up properly after shutting down and leaves a forensic footprint which is difficult to cleanup unless you use something like Bleachbit[1] or CCleaner after using Windows. You typically want to offload cleaning up to the O.S level and avoid using such tools such as CCLeaner in the first place (Keep in mind, since this is Windows, there are issues with free space on the drive that leave deleted files remaining on the hard-disk, even after explicitly stating they should be deleted).
With TailsOS, In other words, you can browse freely and with peace of mind that you won't leave a forensic footprint behind, giving you an upper-hand over other passengers who have to self-censor their browsing for fear of scrutiny at a later date from border officers.
[1] https://www.bleachbit.org
[2] https://www.piriform.com/CCLEANER
Securing cloud hosted documents is obviously another discussion.
I know everyone wants to have a perfect justice system but we have to ALSO decide which direction we would like it to fail until that time comes (never). In essence cases like this are more about this question. When the system fails, which direction do we want it to fail in?
[1]: https://en.wikipedia.org/wiki/Blackstone%27s_formulation
[2]: http://www2.law.ucla.edu/volokh/guilty.htm
"are we are willing to let a guilty person go free rather than let a guilty person go free and an innocent person go to jail."
Which has a much more obvious answer..
or do you just put 30,000 in prison to prevent most innocent persons from going to jail? Then you are letting half of the guilty people go free
It's a question of how many innocent people you are willing to jail to catch more real criminals
Let me ask a question, is jail the appropriate sentence for a contempt of court charge? This is not the first time, reporters have been jailed for many months bc of contempt of court charges. Is this the appropriate sentence for the crime of not complying with a court order?
I don't know what the alternative would be... also, on the question of guilt vs. innocence. I can see myself agreeing with you that since the state has such a high burden of proof to meet, that the defense has a an implicit advantage, the issue is that the statistics are showing a far greater issue of a imbalance of justice being applied at different levels of society. There is no good reason that I can see where an innocent poor person goes to jail because of a bad defense, vs a guilty rich person who gets off because of a great defense.
Justice is supposed to be blind.
In reference to your question I'll pose another question: "Should this be counted as being in contempt of court?"
As to the innocent people going to jail because of bad defense, I think this is why we need to fail in the direction of the innocent. I'd personally rather guilty men go free than innocent men be imprisoned. I think if we're going to figure out the limitations of the 5th Amendment in the digital age we need to decide which direction the system is going to fail. I think many on HN will agree with me, but I'd be interested to know what the country as a whole believes (if anyone has that info).
The crazy part for me is that this has all happened while the crime rate has been steadily going down, so there's not even a justification for it (from a crime standpoint).
https://www.washingtonpost.com/news/volokh-conspiracy/wp/201...
*edit - aquire not require..
Except those files may have been deleted already. You can't prove that you will find anything incriminating on that drive.
My most important passwords (passphrases for gpg used by password managers and luks) are in my head and muscle memory.
When I update passwords I tend to have them written down until I've typed them enough times.
So after a months vacation I often struggle to remember my work password for example. While using phrases makes all this easier these days, 16 months is a long time to presumably spend without your keyboard.
But being forced to divulge the virtual coordinates of his hidden data is somehow different...
Should law enforcement have a right to search through court orders? In a world of unbreakable locks it seems very hard to get justice unless the law can do proper searches. If we end up in a world of unbreakable encryption everywhere, seems to me, criminal activity will have huge benefits. If we can't control crime, we can't have a just society. We can't protect a individuals rights if they are undermined by criminals. Of course, it's also hard if the state has too much power to protect and individuals rights. But somewhere we need pragmatic compromises.
The police does parallel construction to avoid admitting access to illegally collected evidence, civil forfeiture to punish people for things police doesn't like without having to prove anything, etc — incentives for police to step over the rules are a larger problem than unbreakable encryption right now.