backtop


Print 125 comment(s) - last by Iketh.. on Jan 27 at 12:41 AM

Colorado U.S. District Judge Robert Blackburn said the Fifth Amendment does not protect her from the order

A Colorado woman was told to decrypt her laptop in court on Monday in order to aid prosecutors in her bank fraud case.

Ramona Fricosu, the defendant who was accused of bank fraud in 2010, had her laptop seized by authorities during the investigation. However, authorities stumbled upon a big problem while attempting to search her hard drive -- it was encrypted.

Full disk encryption, which prevents unauthorized access to data storage, is an option found in operating systems like Mac OS and Windows. The encryption can take decades to break, and if authorities tried to crack it, it could damage the computer.

That's why Colorado U.S. District Judge Robert Blackburn ordered that Fricosu decrypt her hard drive and return it to the court so prosecutors can use her files against her in the bank fraud case.

Fricosu used the Fifth Amendment to protect herself. She argued that the Fifth Amendment protects her from compelled self-incrimination, and that the judge's order violates this. However, Blackburn didn't agree.

"I conclude that the Fifth Amendment is not implicated by requiring production of unencrypted contents of the Toshiba Satellite M305 laptop computer," said Blackburn.

Assistant U.S. Attorney Patricia Davies backed Blackburn's order, saying that allowing encrypted content to defeat authorities would send the wrong message to other criminals. In her words exactly, it would be a "concession to her [Fricosu] and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible."

Blackburn has ordered Fricosu to return the unencrypted hard drive by February 21. Civil rights groups are keeping a close eye on the case.

Sources: Wired, Fox News



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Send the wrong message?
By MozeeToby on 1/24/2012 11:09:57 AM , Rating: 2
This isn't providing information, it's providing evidence. It's the same way that if you accused of committing a crime with a gun you can get subpoenaed to turn over a weapon you own for analysis. If I had a physical lock box set to self destruct if someone tried to open it with the wrong key, they could subpoena me for the key and if I failed to provide it I would be held in contempt or charged with obstruction, regardless of how incriminating the contents of the box are.

The only real question mark here, is what happens when the accused legitimately does not know the key. Some people use encryption as a way of wiping a drive, where the key is never displayed, and certainly never recorded by the user. Some people just plain forget passwords. And of course, there's always hidden volumes and other cypto tricks to worry about, but a detailed analysis can often times detect that kind of thing.


RE: Send the wrong message?
By icemansims on 1/24/2012 11:32:41 AM , Rating: 2
No...not at all. They HAVE the laptop. They want the information on the laptop. It's closer to saying, "We know you have a foreign bank account. We want you to get your transaction list from your bank (where we don't have jurisdiction) to prove you were dumping illegal funds into it."
The prosecution can subpoena things (confiscate the laptop), but they can't force the accused to DO something (decrypt the laptop) to incriminate themselves.
It's self incrimination and it's unconstitutional.


RE: Send the wrong message?
By 3DoubleD on 1/24/2012 12:02:49 PM , Rating: 2
That falls into the same "opening the gun locker" argument. The courts can issue a warrant to search your private property if they have probable cause. Requiring that the locker be decrypted by the defendent is no different as requiring the defendent to search their home. Your constitutional rights are protected by probable cause in order to get that warrant(so long as the government stops trying to do away with that one). Therefore they have to prove there is reason to believe you have commited a crime and what they expect to find upon the search. In this case they certainly have both.


RE: Send the wrong message?
By adiposity on 1/24/2012 1:45:18 PM , Rating: 2
I disagree, it is different, because a lock combination is protected under the 5th amendment, as ruled by the Supreme Court. This is quite a bit like a lock combination, as it is information in the mind of the defendant.

Now, since they have a warrant to the laptop, they may feel they are not getting access to what the court ruled they have access to. In which case, they are free to take more brute strength means to access said laptop. If you need a defendant's help to convict them, then in my mind that falls within the 5th amendment.


RE: Send the wrong message?
By Solandri on 1/24/2012 2:23:32 PM , Rating: 2
quote:
I disagree, it is different, because a lock combination is protected under the 5th amendment, as ruled by the Supreme Court.

Do you have a citation for this? This closest I was able to find was:
http://laws.lp.findlaw.com/getcase/US/487/201.html

In it, the opinion that the lock combination is protected by the 5th Amendment is not a majority opinion ruling. It is a dissent by a single Justice (Stevens).


RE: Send the wrong message?
By adiposity on 1/24/2012 4:07:11 PM , Rating: 2
In that decision, they stated that they did not disagree with Steven's dissent on the point of combination safes. They simply disagreed that the combination safe analogy was apt in the case of turning over bank records.

Also see here: http://blogs.denverpost.com/crime/2012/01/05/why-c...

So basically, while not legally binding, the Supreme Court have essentially implied that turning over a lock combination is protected by the 5th amendment.

Another issue is, if someone gives up their encryption key, they are admitting "ownership" of the encrypted (and potentially illegal) contents. The admission then could be used against them. So the very act of showing the ability to decrypt the drive is actually providing evidence against yourself.

This is why you should use an encryption scheme where different passwords decrypt different things, and it is impossible to prove what is encrypted and what is not. Then if you are forced to decrypt your drive, you give the "lame" key, they can't prove there's another key.


RE: Send the wrong message?
By YashBudini on 1/25/2012 4:16:35 PM , Rating: 2
quote:
, if someone gives up their encryption key, they are admitting "ownership" of the encrypted (and potentially illegal) contents. The admission then could be used against them.

That would be the fine line between saying "I don't know the combination" or saying "I won't give it to you."


RE: Send the wrong message?
By JediJeb on 1/25/2012 6:34:32 PM , Rating: 2
quote:
they can't prove there's another key.


That's assuming a good digital forensics expert can not determine what scheme you are using to hide all the data. If they are able to piece together data from a smashed hard drive I imagine they can also determine what kind of encryption you are using even though they may not be able to easily decrypt it.


RE: Send the wrong message?
By MrBlastman on 1/24/2012 11:55:01 AM , Rating: 2
But it is providing information. It is providing information that can incriminate her.

What if say a few hundred years from now, instead of pulling data off of a computer, they instead strap the defendant to a gurney and wheel them off to a room with all sorts of obtuse sensors and electronics--to instead pilfer information from their own brains? Sure, that is right out of science fiction but it is entirely plausible if we are to allow this course to play out.

What I see here is a dangerous precedent with a finely balanced sword hanging over it. On one side, the argument can be made that the laptop is property, like a house and as such is subject to a warrant. In cases of a warrant and a search, if the defendant does not give the police a key, they can instead bust down the door. In this case, if the woman doesn't want to give them the password, they have the same option--to forcibly decrypt the laptop.

Except they can't. It will take decades to do so--far more than the statute of limitations might allow since this is not a capital crime.

If I were her lawyer, I'd simply, plainly and obtusely hint to her to "forget" the password. Whoops. They can't prove that she did or didn't, either.

But back to that fine-edged sword. On one hand, it can be looked at as a home--just another piece of property. On the other though, it can be looked at as words out of their mouth or a form of self-incrimination. But wait... lets think about this for a moment. Logically speaking, no, the laptop is not self incrimination. However, her speaking the password... IS .

So there we have it--the solution. She should not plead the fifth on decrypting her laptop but instead of simply relinquishing the password. If she were to give it up, they'd be able to bust her.

But wait--the sword swings back our way again. The password is simply akin to a key.

This is complicated. It isn't cut and dry and I don't expect this one ruling by the judge to stand forever. She should just "forget" the password. How can you be charged with obstruction if you truly don't know it?

They can't read her mind... yet. When, sometime in the future our minds can be read... this, the thought of it, sends tremors throughout my body just thinking of it. There are some truly fanatical extremists out there that will argue sometime in the future that even our own bodies are not "personal" property but instead the whim of our society.


RE: Send the wrong message?
By drycrust3 on 1/24/2012 7:07:29 PM , Rating: 1
quote:
Except they can't. It will take decades to do so--far more than the statute of limitations might allow since this is not a capital crime.

The Enigma code was cracked on a daily basis by knowing what part of the encrypted message was and where it appears in the message. My guess is the HDD could be decrypted the same way: by knowing what part of the encrypted data relates to some standard file. While I wouldn't say its a piece of cake to decrypt, I think with the right expertise and approach it could be done in less time than "decades".


RE: Send the wrong message?
By Master Kenobi (blog) on 1/24/2012 10:15:06 PM , Rating: 2
Computer Encryption and the Enigma code which was a cypher have really no relation to each other. I would not recommend comparing the two. Still, I'd be curious which encryption software she used because most of the ones on the market can be broken without too much trouble. To add insult to injury, if she encrypted it recently then the residual files will be all over the drive still in an unencrypted state and you merely need to exercise basic forensics to recover plenty of them. This really smacks of the government being lazy.


RE: Send the wrong message?
By YashBudini on 1/25/2012 2:33:59 PM , Rating: 2
quote:
This really smacks of the government being lazy.

More likely it's about showing her who's boss.

It will get more interesting if others are involved, is she hiding a conspiracy?


RE: Send the wrong message?
By JediJeb on 1/25/2012 6:41:00 PM , Rating: 2
Lazy or cheap since the really high end data recovery processes are super expensive. Some of these companies can actually piece together a broken platter and retrieve at least partial data from it, though you pay quite a bit for that service.


"My sex life is pretty good" -- Steve Jobs' random musings during the 2010 D8 conference














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki