Thursday, January 17, 2008

guilty until proven innocent and encryption in the digital age

"A federal judge in Vermont has ruled that prosecutors can't force a criminal defendant accused of having illegal images on his hard drive to divulge his PGP (Pretty Good Privacy) passphrase."
The Washington Post just revived this article and there is also a good article on cnet.In Child Porn Case, a Digital Dilemma; U.S. Seeks to Force Suspect to Reveal Password to Computer Files
Judge: Man can't be forced to divulge encryption passphrase

you may have to register for the post one, but the cnet one you can view

if you are unfamiliar with the case, like i was, basically Sebastien Boucher was stopped coming into America at the Vermont border. The border agents looked at his laptop which appeared to have been on, and saw what appeared to be preteen child porn. Of course the arrested him. At some point the laptop was turned off and now they cant answer some "Z" drive that supposedly holds the evidence. They now want Boucher to give up his PGP passphrase, which his lawyers argue will be violating his 5th amendment rights (right not to incriminate yourself).

I'll try to keep this on the technical level even though i have some strong other opinions on it.

We are forced to conclude that he has some sort of have to decrypt to boot or log into the laptop option even though they dont specifically say that. If they could log into the regular windows drive but not the "Z" drive, if this guy really has been engaging in that kind of activity it should be visible in IE history, saved passwords, temp files, irc logs, p2p client logs. there should be PLENTY of evidence. They could also subpoena ISP logs and search his home for backups. One of the articles says he is out on bail, a perfect opportunity to monitor now (another argument --but they should have no problem getting a warrant given the circumstances) if he truly is a pedophile hell get right back into it and they can catch the guy with real evidence.

Its a shame that the importance of this case will be overshadowed because of KP. The protect the kids crowd who, by reading alot of the comments on the Washington Post, have already convicted the guy and are fine with giving up liberties for people who are terrorists, pedophiles, or have something to hide --unless it was them. If the guy was accused of some white collar crime, i think most people would be like "hell no he doesnt have to give up his pass phrase" but because of KP, they want to hang him out to dry.

I for one dont blame the guy for at this point not wanting to give up his passphrase, even though its been over a year and i would have been trying really really hard to forget that thing the last year if it was me (it usually takes me a few tries anyway). The are obviously on a witch hunt at this point, and like he sort of says you never have no idea what is in your temp files, especially if you visit porno sites. It wont matter to the prosecution if the is questionable stuff in his temp files (and i'm sure that will be glossed over in any trial), it will be there even if everyone knows you can be redirected to questionable sites even when trying to access "clean" sites let alone "adult" sites.

This is an intersting bit from the cnet article:
"Boucher was read his Miranda rights, waived them, and allegedly told the customs agents that he may have downloaded child pornography. But then--and this is key--the laptop was shut down after Boucher was arrested. It wasn't until December 26 that a Vermont Department of Corrections officer tried to access the laptop--prosecutors obtained a subpoena on December 19--and found that the Z: drive was encrypted with PGP, or Pretty Good Privacy."

This link says it was a forensic copy:

Hopefully the Constitution and real justice will prevail if the people in Vermont cant gather up some real evidence in the case but i will agree the guy screwed himself for the most part by letting people look at the laptop and admitting to having things on the laptop he shouldnt.

Here are some great quotes to help you get to sleep tonight:

"Criminals and terrorists are using "relatively inexpensive, off-the-shelf encryption products," said , the FBI's assistant director of public affairs. "When the intent . . . is purely to hide evidence of a crime . . . there needs to be a logical and constitutionally sound way for the courts" to allow law enforcement access to the evidence, he said."

"Mark D. Rasch, a privacy and technology expert with FTI Consulting and a former federal prosecutor, said the ruling was "dangerous" for law enforcement. "If it stands, it means that if you encrypt your documents, the government cannot force you to decrypt them," he said. "So you're going to see drug dealers and pedophiles encrypting their documents, secure in the knowledge that the police can't get at them.""

Lee Tien, senior staff attorney at the EFF, a civil liberties group, said encryption is one of the few ways people can protect what they write, read and watch online. "The last line of defense really is you holding your own password," he said. "That's what's at stake here."

and my favorite from one of the comments:

"Maybe it would be simpler just to declare the ever-dwindling number of people who happen to live outside prison walls criminals. Then we could dispense with this inconvenient notion of civil liberties altogether."


No comments: