Feeds

US court test for rights not to hand over crypto keys

EFF pushing for digital Fifth Amendment

Secure remote control for conventional and virtual desktops

Civil liberties activists have lent their support to a case that will test whether a US citizen can refuse to decrypt personal data on the grounds that it might be self-incriminatory.

The case involves allegedly fraudulent real estate transactions. The government wants a Colorado court to compel Ramona Fricosu, who is accused of a mortgage scam, into either turning over the passphrase or providing a plain text version of the data held on an encrypted laptop. However, such an order would be in breach of Fifth Amendment protection against self incrimination, according to papers filed by the Electric Frontier Foundation (EFF) in support of Fricosu.

Lawyers for the digital civil liberties organisation argue that the prosecution's demand that Fricosu turn over the passphrase/plain text version is contrary to the Constitution, because it effectively forces Fricosu to become a witness against herself.

"Decrypting the data on the laptop can be, in and of itself, a testimonial act – revealing control over a computer and the files on it," said EFF Senior Staff Attorney Marcia Hofmann, in a statement. "Ordering the defendant to enter an encryption password puts her in the situation the Fifth Amendment was designed to prevent: having to choose between incriminating herself, lying under oath, or risking contempt of court."

Although prosecutors have made some concessions, they have failed to provide assurances that any data found on the computer won't be used as evidence against Fricosu. Lawyers for the EFF argued in an amicus brief (16-page/146KB PDF) in defence of Fricosu that the request would expose a potential treasure trove of personal data.

"Our computers now hold years of email with family and friends, internet browsing histories, financial and medical information, and the ability to access our online services like Facebook," said EFF Staff Attorney Hanni Fakhoury. "People are right to use passwords and encryption to safeguard this data, and they deserve the law's full protection against the use of it against them.

"This could be a very important case in applying Americans' Fifth Amendment rights in the digital age," she added.

Supreme Court rulings have previously decided that a subject can be compelled to turn over a key in their possession that unlocks a safe containing potentially incriminating evidence, but not the combination to a safe in much the same scenario.

We've asked the EFF whether or not the outcome of the case will have an effect on laptop border searches and the like, and will update this story as and when we hear more.

In the UK, the Regulation of Investigatory Powers Act gives police the powers to force suspects to decrypt files or hand over pass-phrases. Non-compliance is an offence all on its own, punishable on conviction by a two-year jail sentence – or a maximum of five years in cases where national security is involved.

Investigations into suspected possession of child abuse images and related offences is the "main reason" such section 49 notices have been served, but the power has been applied in a range of cases including counter-terrorism, insider dealing, theft and even aggravated burglary. Ministers argued in Parliament that the powers were needed to investigate terrorism and other serious crime.

However, as first reported in The Register back in 2009, the first person jailed for failing to hand over encryption keys to authorities was a schizophrenic software developer initially charged with explosives offences that were later dropped during a police inquiry. ®

Build a business case: developing custom apps

More from The Register

next story
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Govt control? Hah! It's IMPOSSIBLE to have a successful command economy
Even Moore's Law can't help the architects of statism now
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
This'll end well: US govt says car-to-car jibber-jabber will SAVE lives
Department of Transportation starts cogs turning for another wireless comms standard
New voting rules leave innocent Brits at risk of SPAM TSUNAMI
Read the paperwork very carefully - or fall victim to marketing shysters
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.