This is interesting, because the case is clearly being structured (intentionally by the government, one presumes) to force the test case of "is compelled decryption legal" onto the most unsympathetic possible defendant.
If the government "knows beyond doubt" that the encrypted drives have CP on them, then they have everything necessary to move forward with a trial without decrypting the drives at all. That satisfies society's legitimate interest in suppressing child porn, while also not trampling all over the legal right to use encryption. Choosing to structure the case in this way, with an appeal to the Supreme Court over a matter that's a technicality in the original case, clearly shows that the goal is to get a precedent for forced decryption, not merely to jail one child porn possessor.
They don't "know beyond doubt" in an absolute sense. They know sure enough to make the encrypted drives' content part of the trial in the first place, which is a determination the judge made himself and that wasn't challenged by the defense so far.
At some point the main trial will continue, very probably without the decrypted drives. Then the defense will very very likely argue why the hashes aren't enough proof for possession of illegal files, and they will hear expert statements on the matter on both sides, other evidence for the possession etc. And then a _jury_ will make the judgement, with many more factors and on a very different standard of "beyond doubt".
They "know beyond doubt" that the drives at least used to contain CP, and most likely do now. It's possible that the CP was deleted at some point, and the only way to determine that would be to decrypt the drives.
> They "know beyond doubt" that the drives at least used to contain CP
If they even merely had sufficient evidence to know beyond a reasonable doubt, then they would have sufficient evidence for a trial conviction and the decryption would be a sideshow.
Either they are lying about their knowledge (unnecessarily from a legal perspective, so probably for PR), or lying about needing the decryption for evidence, or telling the truth about both but the source of their knowledge is itself illegal evidence (and any evidence they collect based on that knowledge is fruit of the poisonous tree.)
Or they're telling the truth but they're worried that a jury won't understand the explanation of how they know and would really like to have the actual CP in-hand to use as evidence instead.
If they've linked specific hashes to known CP content, then presumably they have those files available. They can still present that as evidence, then have the experts testify that those specific files are known to have been on the drive.
Going to the Supreme Court specifically on the forced-decryption issue sends a pretty strong signal that that's what they actually care about.
Technically, the defendant is the one going to the Supreme Court. Of course they somewhat forced his hand by putting him in jail. IANAL, but probably he could have abandoned his fifth amendment defense strategy much earlier, which is the only thing currently before the Supreme Court, go back to the original judge and raise the "I forgot the password" defense there. Under the assumption that he could have done that, and again IANAL so I'm sorry if that is wrong, he is the one forcing the issue at the Supreme Court.
Of course the prosecution has nothing to lose here, so why would they do anything (if they could, I don't believe they play any role in this part), and the judge that made the contempt of court ruling that is the basis of all of this is unlikely to just give in and admit he was wrong, and also probably pretty interested to get a final judgment on what he believes is his legal right to do.
And you make it sound like getting the highest court's opinion is a bad thing. Either way, then we know, and I'm glad I'm not the one that has to wait it out in jail.
I am also not a lawyer, but if the government really just wanted their conviction of this one guy, the obvious path seems to be to abandon the court order to decrypt the drive, and just move forward with trial based on the forensic evidence from the system root. Slapping him with contempt on this, and continuing to sweat him out in jail while he files higher and higher appeals, is the government's decision.
Getting the Supremes' opinion on this is kind of a superposition of states: if they decide in favor of right-to-encrypt, that's great, as suddenly the government will (presumably) stop using these kinds of court orders; but if they find against, then it's worse than the current uncertain situation, as orders to decrypt will then become an accepted tool. If the Supremes would find in favor of compelled decryption, then I'd prefer it never go to them, and remain in the current legal limbo.
"The government" as such is not involved here. I'm not going to pretend the separation of powers is as clean cut as what one learns in school, but first and foremost this is a ruling of a single and independent judge that the defendant is challenging.
I fail to see any motivation for the judge to back down on his contempt of court order. I fail to see any motivation for the prosecution to try to continue the trial faster without the drives (which would be a much weaker case). Just because they are good people and have any problem with somebody they believe to be very guilty sitting in jail? They send people to jail all day long.
And I for myself, owner of many encrypted drives, prefer to know and not having to fight that fight myself while sitting in jail.
If it's a hash without known collision vulnerabilities, then it's 2^80 proof at least. This is definitely "beyond a reasonable doubt".
Even if there were, what's the threat model? "Government creates colliding images one CP and one not, seeds the non-CP versions widely in torrents or something, then uses the hash collision to accuse anyone who downloaded of CP"? That's way more roundabout than governments will bother with; a dirty prosecutor will just fabricate evidence entirely, or have witnesses lie. (Plus, just producing the innocuous colliding image and demonstrating the collision would be an easy and ironclad defense.)
The threat model is "antagonist creates colliding image which is CP, claims original unviewable file was CP."
So you, the protagonist, have an encrypted volume full of the names and addresses of people helping evacuate Jews from Nazi-controlled Europe / blockade the construction of a new mine which was approved through bribery and corruption. The antagonist claims you are a CPer and produces a list of known hashes on files on your disk, and a sample of really awful images that conveniently have the same hashes.
So the end game is either bust your information out to assist prosecution of the anti-government activists, or land you in the slammer as a CPer thus dragging your cause into the mud.
If the original files weren't under the control of the adversary, that's a preimage attack, not a collision attack. No hash that's ever used for file authentication, even MD5, is vulnerable to second preimage.
If they were, then first off you should have been more careful about putting untrusted data on the same drive as anything actually important, but secondly it's usually obvious when a file is constructed as part of a collision attack, and there would be no good reason for the government's exhibits to show those markers.
Really, this whole discourse is silly anyway. In accordance with the usual XKCD, if the government really wants to railroad you, they won't bother with cryptographic vulnerabilities; they'll just lie and/or plant evidence. Creating and exploiting a hash collision isn't something you do by accident; it's conscious, outright evidence manipulation, and if they're willing to do that they can do it much easier ways.
> the case is clearly being structured (intentionally by the government, one presumes) to force the test case of "is compelled decryption legal" onto the most unsympathetic possible defendant.
This is called strategic litigation for a rule change and is quite common amongst 'repeat-player litigants'. Prosecutors, insurance companies, and even the plaintiffs' bar routinely take unnecessary cases to trial if they think it would set a favorable precedent and also settle cases where they think a trial might set an unfavorable precedent.
If you can be jailed indefinitely for not decrypting a drive then can't you be jailed indefinitely for not remembering your password? That sounds fair.
At the contempt hearing, you are allowed to testify that you do not remember your password, and it puts the burden of proof on the government to prove that you secretly remember your password and are lying to the court when you say that you don't. Of course if you do testify this and you are lying, then that's a perjury charge -- which means that for example if you have told your lawyer that you do remember your password, your lawyer cannot knowingly allow you to lie on the stand and could be disbarred etc. if you do. But assuming that you're not lying and so forth, you can just say "I can't comply with this court order because I don't remember the password" and that will suffice for your defense at your contempt hearing unless the government can meet a strong burden of proof that you secretly do know your password and are lying about it, which you are of course entitled to counterexamine and poke holes in.
Rawls did not testify, at his contempt hearing, that he did not remember his password. He did not testify at all at that hearing. He said prior that he doesn't remember his password to the police, and he has said it afterwards to the media, and he might have even said it to a different judge in these weird follow-up hearings--but he didn't say it at the contempt hearing and as I understand it he didn't appeal this hearing directly to say "well shoot I didn't realize I was getting jailed on a technicality, let's re-do this hearing so that I can testify that I forgot it properly."
There are many reasons that Rawls might not have testified; possibly he has a very good lawyer who is concerned about some bigger issues that Rawls might have to address if he testifies at all; possibly he has a very bad lawyer who did not know that this is how forgot-my-password law works and did not read the Supplemental Order the judge wrote explaining why Rawls is being held in contempt of court. I do not know why he did not testify this. However, testifying this is sufficient to be not held in contempt of court, unless the government can meet a stiff burden of proof that you are lying.
> However, testifying this is sufficient to be not held in contempt of court, unless the government can meet a stiff burden of proof that you are lying.
Which in essence is impossible in most cases, unless you are stupid enough to actually tell people that you refuse to decrypt the drive and those can then testify against you.
It's all a matter of perception. It just shows how much a few words can matter a lot in a legal context, and how by saying you don't remember the password, you will walk, whereas by saying you won't give it up, you'll be held in contempt for 2+ years rotting away in a cell.
Perhaps he could say he doesn't remember the password in a few years? "It's been years, it was a complex password containing a lot of characters, and I no longer know what the password is" -- that doesn't seem unreasonable.
You never have to make a statement to the police, and this is why it's part of the Miranda warning. There is no per se right to remain silent before a judge.
The fifth amendment allows one to not be witness against oneself, but that doesn't allow you to ignore the judge.
And if you raise the fifth as a response and the court does not believe it applies, you get to argue why it does before another judge, which is where this man is now.
A forgotten password is not part of the current debate.
It is the government's job to prove you remember it. They have the burden of persuading the court that you don't remember it. This is spelled out explicitly in the Supplemental Order issued by the judge, PDF freely available at:
What is at stake is a burden of evidence production. The difference between production and persuasion, in a court room, is a distinction both of quantity and quality. You "produce" single pieces of evidence, whether weak or strong -- then the totality of all of the pieces of evidence, evaluated together according to their strengths, "persuades" the court. "Produce" is quality-agnostic and refers to single pieces of evidence; "persuade" or "prove" refers to all of the evidence on both sides and weighs them by their quality.
And what's really at stake is that your lawyer, at a contempt hearing, cannot merely claim, "Well, your honor, the prosecution has not proven that my client is definitely able to fulfill the order, because they have not disproven every possible reason why my client could not fulfill the order." The reason that this is not enough is that it is asking the government to prove a negative, "you cannot possibly have any excuse."
Instead the procedures that courts use to decide these cases require the defense to identify specific reasons why the defendant cannot fulfill the earlier order, and then the burden falls on the prosecution to prove that those specific reasons are BS. And for this purpose they need to produce some evidence -- it doesn't need to be strong, persuasive evidence -- that the defendant cannot fulfill the order for that reason. Because it does not have to be strong or persuasive, a statement of testimony is taken at face-value as sufficient.
The only attack the government can make at the evidence-production level is "even if this evidence were 100% persuasive the defendant would still be able to decrypt the drives", so the evidence has to have some clear logical relation to the excuse. But obviously if your sworn testimony that you cannot decrypt the hard drives were 100% persuasive, you would not be able to.
It's still the government's job to prove you remember it, but you need to produce some sort of pertinent evidence (no matter how flimsy) that you don't, so that the court even evaluates this defense in the first place.
It's not inconceivable that the courts could prove that the defendant could access data. The data could be on an encrypted cloud drive that the defendant decrypts when he accessed his email this morning.
Or he already stated to Witness that he keeps his bitcoin keys there and he has been trading bitcoins lately according to Exhibit J.
Look, it's not inconceivable that competent prosecution could prove that every murderer wasn't acting in self-defense, either. What's conceivable has little bearing on courtroom procedure.
What matters for procedure is, what's reasonable. It's reasonable that someone who claims they killed in self-defense would have to present evidence that they felt they were in serious danger. It's reasonable that someone who claims they were not sane at the time they committed a robbery, should have to explain with evidence the causes and circumstances of their insanity that distinguish their mental state from other mental states that we'd treat normally, like that of simply being greedy. These are routine situations where the burden of proof is on the defendant to mount the corresponding "affirmative defense." They arise because of a more fundamental principle that if you did fail to obey the law, but you want to argue that it's OK that you failed to do so, then you should be able to tell the court why you failed to do so, so that we can indeed evaluate whether it's OK.
The only difference here is that insanity, self-defense, entrapment and the like -- traditional affirmative defenses -- are self-evidently very exceptional circumstances. Forgetting is, by comparison, quite routine. Therefore the courts are actually incredibly lenient, putting only a weak burden of production on you so that the question of "why can't you?" is answered up-front, and then this reason will be evaluated under the assumption that you're innocent until proven guilty.
Thanks for sharing that link, something I knew about but not by name :-) Also thumbs up for Rocket Jump
In a related tangent, when I set up the WiFi for the Perth Artifactory Hackerspace, I told everyone (via email) the password was on the back of the door. Which had a sign that said "KEEP DOOR CLOSED" :-) Fortunately the first person to try it did figure it out.
Prosecutors said Rawls has a lot of "chutzpah" to even ask to get out of jail while he appeals the contempt-of-court order to the Supreme Court, which has never decided whether forcing somebody to decrypt hardware amounted to a Fifth Amendment violation.
He's being held in jail on a basis that may violate his constitutional rights, yet he is the one with chutzpah?
Despite Doe’s refusal, forensic analysts discovered the password to decrypt the Mac Pro Computer, but could not decrypt the external hard drives. [...] The Forensic examination also disclosed that Doe had downloaded thousands of files known by their “hash” values to be child pornography. The files, however, were not on the Mac Pro, but instead had been stored on the encrypted external hard drives. Accordingly, the files themselves could not be accessed.
I don't think it's unlikely at all, however, it is unlikely they would disclose having it for such a meaningless case.
The value of this case to them isn't decrypting the data -- it's in setting a precedent on forced data decryption, which they can then use for other cases.
Someone quoted this in a post below: "Prosecutors said Rawls has a lot of "chutzpah" to even ask to get out of jail while he appeals the contempt-of-court order to the Supreme Court, which has never decided whether forcing somebody to decrypt hardware amounted to a Fifth Amendment violation.", proving the point.
What I've been able to piece together from the fragments of this case that have been reported by non-technical journalists is that he used some sort of P2P software like BitTorrent to download the files. This P2P software kept the checksums of every downloaded file on his unencrypted drive (basically it stored the torrent files somewhere). The FBI compared the checksums in those files to ones of known CP images and found some number of matches (how many has not been reported from what I've seen).
So it really looks like they've got plenty to convict this guy on the evidence they have, but are refusing to bring the case to trial until he unlocks his external hard drive for some reason.
It's one of two ways. It's either the hash algorithm hashes are strong enough to prevent manufactured hash collisions (not just accidental ones) and the gov could convict on the hashes alone, meaning the files aren't needed and the All Writs Act is not appropriate, so he's not in contempt. OR the hashes wouldn't stand the trial by themselves, and leaves a much weaker argument for the need to decrypt because you're less certain that it would contain the files you think it does.
I think the specifics in this case, like the sister's testimony, go against the second possibly weakening their argument.
Things like OS search indices, recently used items databases or thumbnail caches can store hashes of files to identify whether they are up to date and referring to the correct file.
Although I'm sympathetic with the side I think you're on, the legal issue at stake here is much more complex than you are giving credit for, and reasonable people can disagree about this. Courts have apparently found in the past that disclosing a physical key is not a 5th amendment violation whereas disclosing a code (eg the combination to a safe) is. The EFF is apparently of the mind that this is a violation. There's a decent writeup of a different case that raises the same issue here http://www.outsidethebeltway.com/the-fifth-amendment-privacy...
The fatal flaw here is that this guy lost over 90 days (I think that's the lower bound) of liberty without a jury trial. Under this scheme a judge could jail you until you produce the body in a suspected murder, or until you tell the cops where the money is in a suspected bank robbery.
Contempt is a quasi-criminal remedy with severe limitations. SCOTUS will rule from this that contempt confinement for longer than 90 days requires jury fact finding.
Hmm. It's not true to say under this scheme a judge could jail you for not producing a body. This is more like a situation where the judge could jail you for not allowing people to search the spot where they suspect the body is (eg if you won't let police search your freezer). That's something they can in fact already do. That is to say, they have the right (assuming a warrant) to search where they want to search, and if there is a physical protection (eg a key) it isn't covered by 5th amendment and you have to cough it up.
The 5th amendment doesn't bestow a right to prevent the collection of evidence in general. You could argue that if this particular person wanted a jury trial, they could easily have got that by disclosing the password and allowing decryption.
That said, forcing disclosure of a password is particularly troubling. On its face it seems obvious that he is deliberately not doing that so as not to reveal the incriminating evidence (ie incriminate himself), which is why he is pleading the 5th amendment right not to be forced to do that.