UK Ruling Says Authorities Can Force You To Hand Over Your Encryption Key

from the self-incrimination-means-different-things-across-the-pond dept

A year ago, there was a legal ruling in the US that said an individual could not be forced to hand over their encryption key to encrypted data on a computer, since it violates the 5th amendment against self-incrimination. Over in the UK, they apparently also have protections against self-incrimination, but apparently it doesn’t cover handing over your encryption key (thanks to JJ for sending over the link). Basically, the ruling is pretty close to the opposite of the US ruling. Basically, it found that an encryption key isn’t speech but an independent “thing” that can be required to be turned over to authorities.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “UK Ruling Says Authorities Can Force You To Hand Over Your Encryption Key”

Subscribe: RSS Leave a comment
32 Comments
Anonymous Coward says:

Easy solution, simply ‘forget’ your key. also fallow proper password procedures; at least 18 characters in length using a combination of letters, numbers, and special characters changed every 90 days. Never write it down, never tell anyone and never reuse old passwords.

If you hold to all of that your defense need not even be a lie.

angelwolf71885 (profile) says:

Re: Re:

or you could image your HD just before you leave upload it to an online storage site

and NEVER put that url in your history but just rember the name of the company..

and like you said use DONT ASK DONT TELL

and then format your comp before your trip
and image it when you git to where you are going or when you git back…

boom issue solved 😀

Scott Gardner (profile) says:

Re: Re: Re:

I can’t imagine uploading an entire hard drive to an online service. Never mind the per-gigabyte transfer and storage costs, there’s the little issue of time. Even with a steady 16 Mbps internet connection, you’re looking at over eight minutes per gigabyte.

I can see doing what you’re talking about with a few sensitive folders/directories, though – send them to the online service, delete them from your hard drive, and use any of the “wipe free space” utilities on your hard drive. Then when you get where you’re going, download the files from the service if you need them.

angelwolf71885 (profile) says:

Re: Re: Re: Re:

yah thats true….

actuly you could have a home NAS converted to use FTP
and just access your backups like ppl should already be doing..

but like you said the cost per gig if you are on a meaterd connection would be the constraint

pluss if you have your own FTP server then you dont have to pay for online storage 😀

the good thing is thair are solushions to the issue 😀

chris (profile) says:

Re: Re: Re:2 Re:

actuly you could have a home NAS converted to use FTP
and just access your backups like ppl should already be doing..

no, no, no, ftp is a plain text protocol. why go to all the trouble of wiping your hard drive just to pass your data thru the internet in the clear?

even if you encrypt the data prior to transmission, the clear text protocol will reveal it as an encrypted file.

use only encrypted protocols like SFTP or SCP. on the wire they look just like ssh sessions, since that it really what they are, FTP tunneled via ssh.

NeoConBushSupporter says:

LOOK OUT (it's commin' this way)

If Hussein Obama gets the oval office, he plans to copy the socialist, “big government” agenda we are seeing forced on the citizens of these “leftist” european countries. Don’t let Hussein Obama and his terrorists cronies turn the United States into France!

VOTE McCain 2008 – He wont steal Joe the plumbers dream.

The Historian says:

Re: LOOK OUT (it's commin' this way)

I’ve lost more civil rights under Bush than any President in history. We have the worst economy since the Great Depression. We should be afraid of Obama? Have you noticed how “big” our gov has gotten under your idiot neocons. Lay of the kool aid. France couldn’t be worse.

angelwolf71885 (profile) says:

Re: Re: LOOK OUT (it's commin' this way)

alls i have to say to you is rev right acorn aires..

Obama has horrable judgement…
and will cost 50 billion more then McCaine

im voteing nader BTW i caint stand McBush or the Retard Obama
ide prefer not to vote but aglest if i vote nader i can say
the resulting mess wasent my fault…

Mccaine isent much bedder with his your own your own and im gunna tax your healthcare attatude…

thay are both jackasses whu are gunna screw us of our rights and our money…

Anonymous Coward says:

Re: Re: Re: LOOK OUT (it's commin' this way)

You’re calling who a retard? I wasn’t even aware of a McCaine running for President. You are one reason Obama wants to better the educational system in the US. Please pick up a book or at the very least use a spell check in the future. They may take your rights and money, but at least you apparently got a top notch ejukation 🙂

Steve the worker says:

Re: Re: LOOK OUT (it's commin' this way)

The economy under Carter was worse then it is now. In 1980 interest rates were 14% to 18%, unemployment was 10% inflation was 10% or so. My number are not 100% correct but they are close. Check for your self. So this is not the worse economy. The great depression still holds the title.

zcat says:

#6 "self destruct" won't work

Normal procedure from anyone with a clue is to remove the drive and image it. They might boot the machine off a live forensic CD for a first-look, but no software on the original hard-drive will ever be run for exactly this reason.

The best option (apart from never having anything on your drive they’d want to look at) is a hidden volume. That and not living in a country that thinks ‘waterboarding’ is an acceptable interrogation technique.

Jess says:

Political Rhetoric==Bullshit

I am getting sick and tired of political rhetoric from both of the leading candidates and their brain-washed flunkies. Obama keeps on promising change, yet, he has not authored a bill in his entire term and has followed the political mass that is the democratic party blindly and chosen a running mate that has very much resisted any change that doesn’t benefit him directly.

McCain has a political “wild” streak that seems very much calculated and has gone against his constituents wishes on several matters, which is not what I want to see in a president of mine.

So basically we are being forced to choose between a man who blindly follows the lead of his fellow party members and a man who has lost touch with the people he represents. A man who only promises a changing of the guard or a man who will be hamstrung by his association with the current president.

If it were just that I wouldn’t vote. But, it seems that the press seems to adore Obama and hates McCain with a passion. That makes my decision easy. They call themselves the voice of the people, yet they try to silence those whose words are contrary to theirs. Screw the press. I guess I’m voting for McCain.

Douglas Gresham (profile) says:

Re: Re:

Quite.

On topic, the question this raises is interesting. The police have the power to enter your home and search it for evidence if you’re suspected of a crime, but they don’t have the power to enter your brain and do the same. The question is, which one does your computer fall under? Is your encryption key like your front door key, or does the fact it’s the only means of getting access (as opposed to breaking down the door) change that? Tough question; I can see it from both points of view.

AJ says:

what are they going to do?

They can’t force you to give up a key, so this law is useless. A simple I forgot and your done. They can’t prove your lying so they lock you up for a few months so what. Thats a hell of alot better than giving away your life savings because they found 100 illegal mp3’s on your hard drive and notified the recording industry to sue you. Or having a copy of your banking data, that was found on your hard drive, end up on some government laptop that got stolen along with 2 million other peoples info….

Joseph Young says:

Re: Flawed logic all around

To all those who have commented that you simply say, “I’ve forgotten it”, it doesn’t work like that. You’ve failed to hand over the encryption key or plaintext equivalent of the encrypted material. That’s prima facie evidence that you have committed a crime. It is a defence to claim that you’ve forgotten the key. But, you must convince the judge and jury that you have forgotten the key. The prosecution doesn’t have to prove you have not forgotten it.

The Appeal Court judgement is like the plot from a bad spy movie. The baddie, upon capturing our hero, demands the secret codeword necessary for world domination. A codeword written down nowhere and known only to our hero. The baddie then tells our hero that, if he doesn’t divulged the codeword, he’ll kill him, thus guaranteeing the failure of his world-domination plans by his own hand.

As killing the defendant isn’t an option, as that would just show that the encryption key is very much dependant on the defendant’s existence, I’m surprised that the Appeal Court didn’t suggest torture. This seems like the perfect use for torture. The problem with the Guantanamo style of torture is that the defendants will say anything, truth or falsehood, to make the torture stop, and you have no way of verifying the truthfulness of what’s been said. As the state already has the ciphertext, if your tortured defendant lies about the encryption algorithm or key, the state will know and can carry on the torture. If the defendant truly doesn’t know the key, the torturing will eventually kill them. Once they are dead, you will know they were innocent.

Anonymous Coward says:

Re: Re: Flawed logic all around

> To all those who have commented that you simply say, “I’ve
> forgotten it”, it doesn’t work like that. You’ve failed to hand
> over the encryption key or plaintext equivalent of the
> encrypted material. That’s prima facie evidence that you
> have committed a crime. The prosecution doesn’t have to
> prove you have not forgotten it.

Perhaps in the UK that’s true but in America, the Constitution sets the burden of proof on the government and no law or court ruling can trump that.

If a similar law passes here, it will still be the government’s burden to prove you’re lying about forgetting the password, not the other way around.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...