The Fifth Amendment to the United States Constitution protects American citizens from incriminating themselves, but it seems 'forgotten' passwords don't always fall under that. The US Third Circuit Court of Appeals upheld a ruling of contempt from a lower court over a man's claimed inability to remember his drive-decryption password.
A computer, pair of iPhones, and two external drives belonging to the anonymous defendant were seized as part of a child pornography investigation. The court ruling states that the defendant voluntarily provided the password for his iPhones but refused to offer up the passwords for his Apple Mac Pro or external hard drives. Forensic analysts were able to recover the password for the computer, but not the drives. When asked to enter in the passwords for his drives, the defendant entered in a number of incorrect passwords. The judge, however, didn't believe the defendant, and it eventually came out that he did have the passwords and had chosen not to reveal them because of the device's contents.
So are all our passwords up for grabs now?
The court already knew a bit about what it was getting into. In the process of analysis, those forensic analysts had discovered file signatures on the defendant's computer that matched the hash values of known child pornography files. They also had testimony from the defendant's sister that he had shown her said files on the external hard drives. The court ended up ruling that being forced to produce a password did not count as testimony and, as a result, did not fall under the protection of the Fifth Amendment.
In this particular case, the court had compelling evidence to force the issue, and this is the kind of situation where we want to see justice done, but it could potentially set a dangerous precedent. The Electronic Frontier Foundation told The Register that "any time suspects are forced to disclose contents of their mind, that's enough to trigger the Fifth Amendment, end of story."
Meanwhile, other legal experts note that data encryption is now standard within many businesses, and an inability to force decryption makes these companies "effectively immune from discovery and subpoenas."
The balance between personal privacy and pursuit of justice has never been murkier than it is in the current age of everything-encryption. There simply isn't as much physical evidence for investigators to pore over, and much of the digital evidence is locked up in encryption. At the same time, citizens have a right to privacy and to protecting that privacy.
The EFF's senior staff attorney Mark Rumold expects this question to climb its way up the courts and said he wouldn't be surprised to see the issue make its way to the Supreme Court.
Disguise your little one with the help of a themed costume
From avocado halves to hoppy bunnies, costumes speak to every child's unique spirit. And we've collected our favorite options.
Add magic to your living space with these string lights
String lights add personality and soft light to your living space. Here are some of the best.
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Splash and crash at the beach or pool with these fun one piece designs
Bikinis are great, but one piece swimsuits are better. These singular designs take H2O to the next level with cutouts, playful patterns, and eye-catching necklines.