Your Encryption Key Is Protected By The Constitution?

from the can't-incriminate-yourself dept

In an interesting case up in Vermont, a federal judge has ruled that someone accused of a crime cannot be forced to reveal his or her encryption key, as it would be a violation of the Constitution's 5th Amendment, saying that an individual cannot be forced to self-incriminate. In an age where encryption is becoming increasingly popular, expect to see other cases of this nature. It seems likely that a case like this one (if not this one itself) will eventually wind up before the Supreme Court to determine whether or not someone can be forced to give up his own encryption key. Where it gets tricky is the question of whether or not the key itself incriminates the person. As the article notes, a person can be forced to give up a key to a safe that contains incriminating evidence, which many say is analogous to this situation. In the meantime, though, we've already seen cases where people are presumed guilty just because their computers have encryption software installed -- so, it may not matter whether or not the key is provided when the presence of PGP alone is viewed as incriminating.

Filed Under: constitution, encryption, encryption key, fifth amendment, pgp


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Infestedtassadar, 28 Sep 2009 @ 2:17am

    Re: Compelled Production of Passwords

    by BTR1701
    "Being a cop myself, I nevertheless tend to side with the judge on this one. People shouldn’t have to help the government make a case against them. Besides, this is just like trying to compel someone to produce a voice sample— what happens if the court orders him to produce the password and he still refuses? Hold him in contempt? Big deal. If he’s facing 10 years on a child porn charge and he knows that if he produces the password, they’ll have the evidence to convict him, a few months in the local jail on a contempt charge is by far the better deal."

    Plus not be labeled as a pedophile, in this case anyhow. Should of used Truecrypt. Wouldn't even get to the point of an arrest, much less contempt, or an actual conviction. This is from truecrypts Documentation:


    It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume.

    The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it is impossible to prove whether there is a hidden volume within it or not*, because free space on any TrueCrypt volume is always filled with random data when the volume is created** and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.

    http://www.truecrypt.org/docs/
    under
    Plausible Deniability
    Hidden Volume

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.