Mediaboss Marketing

I have blogged a few times about a pending 3rd Circuit case on the Fifth Amendment standard for compelling the decryption of a hard drive. As I explained, the case presents an opportunity to weigh in on the 11th Circuits standard in a similar case that I think was erroneous. The 3rd Circuit handed down its decision this morning, United States v. Apple Mac Pro Computer. The court ruled for the government without resolving which standard applies. In a footnote, however, the court hinted that it disagreed with the 11th Circuit and would have adopted the standard that I think is right if it had to choose. Its just dicta, but its pretty strongly worded dicta.

I explained the legal issue in glorious detail in my prior post, but heres a quick overview. If the foregone conclusion doctrine applies, the Fifth Amendment privilege against self-incrimination doesnt bar the act of compelling entering in a password. The question is: What does the government need to show to establish a foregone conclusion? The 11th Circuit had held in its prior case that the government needs to show that the government knows with reasonable particularity what files are on the encrypted device. In my view, thats wrong. The foregone conclusion doctrine applies if the government can show that it knows that the subject knows the passcode.

The 3rd Circuit held that the Fifth Amendment issue was not preserved below, but that even if it should be reached it would not be plain error to say that there was no Fifth Amendment privilege:

Even if we could assess the Fifth Amendment decision of the Magistrate Judge, our review would be limited to plain error. See United States v. Schwartz, 446 F.2d 571, 576 (3d Cir. 1971) (applying plain error review to unpreserved claim of violation of privilege against self-incrimination). Does arguments fail under this deferential standard of review.

The 11th Circuits ruling was distinguishable on its facts:

Unlike [the 11th Circuits case], the Government has provided evidence to show both that files exist on the encrypted portions of the devices and that Doe can access them. . . . Based on these facts, the Magistrate Judge found that, for the purposes of the Fifth Amendment, any testimonial component of the production of decrypted devices added little or nothing to the information already obtained by the Government. The Magistrate Judge determined that any testimonial component would be a foregone conclusion. The Magistrate Judge did not commit a clear or obvious error in his application of the foregone conclusion doctrine.

The 3rd Circuit then dropped this very intriguing footnote, with a paragraph break added by me:

It is important to note that we are not concluding that the Governments knowledge of the content of the devices is necessarily the correct focus of the foregone conclusion inquiry in the context of a compelled decryption order. Instead, a very sound argument can be made that the foregone conclusion doctrine properly focuses on whether the Government already knows the testimony that is implicit in the act of production. In this case, the fact known to the government that is implicit in the act of providing the password for the devices is I, John Doe, know the password for these devices. Based upon the testimony presented at the contempt proceeding, that fact is a foregone conclusion.

However, because our review is limited to plain error, and no plain error was committed by the District Court in finding that the Government established that the contents of the encrypted hard drives are known to it, we need not decide here that the inquiry can be limited to the question of whether Does knowledge of the password itself is sufficient to support application of the foregone conclusion doctrine.

Theres a lot in that footnote that the government can use in future cases. Its dicta, but its very strong dicta. The issue will live for another day without a circuit split. But given that I think the footnote is correct, I hope it will be followed in future cases.

Go here to see the original:
Third Circuit doesn't resolve standard for forced decryption under the Fifth Amendment - Washington Post

Malwarebytes

A US man has lost an appeal over his refusal to decrypt hard drives in a case law enforcement says involves child pornography.

The unnamed man has been held by US police for over 18 months without criminal charges.

The suspect's lawyer has argued that he should not have to hand over his passwords due to the Fifth Amendment, which protects US citizens from incriminating themselves.

However, a US judge disagrees.

According to court documents released this week (.PDF) by the US Third Circuit Court of Appeals, during an investigation relating to child pornography on the Internet, a raid in 2015 on the man's home resulted in the seizure of an Apple iPhone 5S and an Apple Mac Pro together with two attached Western Digital external hard drives.

All of the devices were protected with encryption software, of which law enforcement was originally unable to break.

While the suspect gave police a password for the iPhone, he refused to decrypt the Mac Pro and the hard drives.

Forensic investigators were able to discover the password for the Mac which contained images of a "pubescent girl in a sexually provocative position," -- including sexual content relating to Doe's four and six-year-old nieces.

According to prosecutors, browser logs that revealed John Doe had visited websites related to child pornography were also found.

The forensic team was also able to learn that the man had downloaded thousands of files believed to be child porn. Although the team says these files have been downloaded due to their hash values, the files themselves were not stored on the MacBook Pro -- but rather, the inaccessible hard drives.

The suspect's sister also gave testimony to police, alleging that Doe had shown her "hundreds" of child pornographic images from the hard drives, alongside "videos of children who were nude and engaged in sex acts with other children."

However, law enforcement failed to access the external hard drives. Doe refused to hand over the passwords required to decrypt the drives -- at one point claiming to have forgotten them -- and so the court found him in contempt in 2015 for refusing to comply and "produce several seized devices in a fully unencrypted state."

The man has remained behind bars ever since, which currently stands at over 18 months.

Doe originally filed with the US Magistrate Judge to quash the order, arguing that decrypting the devices would violate his Fifth Amendment rights against self-incrimination. This motion was denied, leading to the fresh appeal.

"The Magistrate Judge acknowledged Doe's Fifth Amendment objection but held that, because the Government possessed Doe's devices and knew that their contents included child pornography, the act of decrypting the devices would not be testimonial for purposes of the Fifth Amendment privilege against self-incrimination," the court documents read.

Doe now argues that he should not be held in contempt as the District Court also lacks the jurisdiction to issue the order to decrypt his devices.

Speaking to the BBC, Keith Donoghue, a federal defender representing John Doe said the rejected appeal is "disappointing."

"[We are] studying the decision to determine what further review it may be appropriate to seek," Donoghue said. "The fact remains that the government has not brought charges and our client has now been in custody for nearly 18 months based on his assertion of his constitutional right against self-incrimination."

The Electronic Frontier Foundation (EFF) has filed an amicus brief in this case, arguing against compelling someone to reveal their passwords. In an interview, EFF senior staff attorney Mark Rumold told The Register that "any time suspects are forced to disclose the contents of their mind, that's enough to trigger the Fifth Amendment, end of story."

Excerpt from:
US man loses appeal in child porn encrypted device legal case ... - ZDNet

Lexington Herald Leader

Kentucky extends Calipari, Stoops contracts two more years Lexington Herald Leader It is the fifth amendment to Calipari's contract in his time at Kentucky, which started in 2009. Aside from the aforementioned extension, there is a mandated compensation review in Calipari's contract for June of 2022. At that time, UK's athletics ... Calipari, Stoops sign two-year extensionsWTVQ Calipari, Stoops contracts extendedThe Courier-Journal all 34 news articles »

Read this article:
Kentucky extends Calipari, Stoops contracts two more years - Lexington Herald Leader

The suspect has refused to comply with a court order to unlock two encrypted hard drives. Photograph: Focke Strangmann/EPA

A former Philadelphia police officer who has spent 17 months in jail will remain there indefinitely unless he agrees to unlock two encrypted hard drives. The suspect, Francis Rawls, has so far refused to comply with the court order, citing the fifth amendment, which protects him from self-incrimination.

The case has become a battleground for civil liberties campaigners, who believe that citizens should have the right to protect their critical information and to be protected from self-incrimination. However, the suspected nature of the encrypted content makes for a challenging ethical quandary: those hard drives are believed to contain images depicting child sexual abuse. In order to stand up for the rights of citizens across the US, organizations such as the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) must defend a suspected pedophile.

According to court documents obtained by Ars Technica, the case started in 2015, when the Delaware County criminal investigations unit got a warrant to search Rawls home after investigating his online activity. Officers seized two iPhones, an Apple Mac Pro and two external hard drives and got a warrant to examine their contents. Rawls refused to give up the passwords required to decrypt the hard drives, which were encrypted with Apples FileVault software.

That didnt stop digital forensics experts from finding incriminating content, including an image of a pubescent girl in a sexually provocative position and logs showing the device had been used to visit sites with titles commonly used in child exploitation. The forensic investigation also revealed that Rawls had downloaded thousands of files known by their hash values to be child abuse images, although the files themselves couldnt be accessed. The suspects sister also told police that she had seen hundreds of images of child sexual abuse on the hard drives.

In August 2015, a court issued a decryption order, compelling the suspect to unlock the encrypted devices. He unlocked one of the iPhones, but said he could not remember the passwords to the encrypted hard drives an assertion the court rejected based on testimony from his sister, who said she had seen him enter his passwords from memory. In September, a district court held the suspect in contempt of court for refusing to comply with the decryption order. On Monday, the third US circuit court of appeals upheld the decision.

Rawls remains imprisoned without charges (for much of the time in solitary confinement) in Philadelphias federal detention center until he complies with the court order.

Theoretically, he could be held in jail for contempt forever ... until hes dead, said Dan Terzian, a lawyer from Duane Morris.

Given the powerful evidence here that the defendant knows the passwords, he holds the key to his own cell. It is his own refusal to provide the evidence covered by the search warrant that is keeping him there, added Adam Klein, a senior fellow at the Center for a New American Security.

In ruling against Rawls, the court of appeals has decided that his constitutional rights against being forced to self-incriminate are not being breached. This is because of an exception to the fifth amendment known as a foregone conclusion, which is when authorities already know something exists in this case, police say they know there are child abuse images on the hard drives because they have a witness who saw the files (Rawls sister). The EFF and ACLU argued in an amicus brief that they did not believe the government could demonstrate with reasonable particularity that it knew the documents existed.

Why dont they go to trial without the files allegedly stored on the encrypted devices? It comes down to reasonable doubt.

The government wants every piece of evidence they can get to show the jurors what a disgusting person the defendant is, said Terzian, who has previously attended a trial where no actual images were presented as evidence in a case addressing child abuse images.

Witnesses said he was searching for it, but he was found not guilty because the defence convincingly argued that if there was child porn, the government would have shown it, he said.

There is also the issue of identifying child victims of sexual abuse and their attackers.

In her essay on the topic, published in January, the Brookings Institution fellow Susan Hennessy explained the immediate and real problem:

Whereas with respect to terrorism cases we often end up hypothesizing how law enforcement and policy makers will respond to the next big attack, in the child exploitation context the next attack is happening literally every day.

Children as young as infants and toddlers are raped or otherwise abused on camera; those images are routinely shared among a community of offenders; and those offenders deploy technologies that make it difficult or impossible to discover the perpetrators, prosecute their crimes, or identify and rescue victims.

Hennessy proposes that instead of forcing technology companies to create backdoors for law enforcement, lawful hacking in which the government exploits vulnerabilities in encrypted systems and regulation should be more broadly applied.

The suspects attorney, Keith Donoghue, a public defender, said he was disappointed in the ruling and was studying the decision to determine the next course of action.

The fact remains that the government has not brought charges. Our client has now been in custody for 18 months based on his assertion of his fifth amendment rights against self-incrimination, he said.

Link:
Man jailed until he unlocks encrypted hard drives in child abuse images case - The Guardian

I have blogged a few times about a pending 3rd Circuit case on the Fifth Amendment standard for compelling the decryption of a hard drive. As I explained, the case presents an opportunity to weigh in on the 11th Circuits standard in a similar case that I think was erroneous. The 3rd Circuit handed down its decision this morning, United States v. Apple Mac Pro Computer. The court ruled for the government without resolving which standard applies. In a footnote, however, the court hinted that it disagreed with the 11th Circuit and would have adopted the standard that I think is right if it had to choose. Its just dicta, but its pretty strongly worded dicta.

I explained the legal issue in glorious detail in my prior post, but heres a quick overview. If the foregone conclusion doctrine applies, the Fifth Amendment privilege against self-incrimination doesnt bar the act of compelling entering in a password. The question is: What does the government need to show to establish a foregone conclusion? The 11th Circuit had held in its prior case that the government needs to show that the government knows with reasonable particularity what files are on the encrypted device. In my view, thats wrong. The foregone conclusion doctrine applies if the government can show that it knows that the subject knows the passcode.

The 3rd Circuit held that the Fifth Amendment issue was not preserved below, but that even if it should be reached it would not be plain error to say that there was no Fifth Amendment privilege:

Even if we could assess the Fifth Amendment decision of the Magistrate Judge, our review would be limited to plain error. See United States v. Schwartz, 446 F.2d 571, 576 (3d Cir. 1971) (applying plain error review to unpreserved claim of violation of privilege against self-incrimination). Does arguments fail under this deferential standard of review.

The 11th Circuits ruling was distinguishable on its facts:

Unlike [the 11th Circuits case], the Government has provided evidence to show both that files exist on the encrypted portions of the devices and that Doe can access them. . . . Based on these facts, the Magistrate Judge found that, for the purposes of the Fifth Amendment, any testimonial component of the production of decrypted devices added little or nothing to the information already obtained by the Government. The Magistrate Judge determined that any testimonial component would be a foregone conclusion. The Magistrate Judge did not commit a clear or obvious error in his application of the foregone conclusion doctrine.

The 3rd Circuit then dropped this very intriguing footnote, with a paragraph break added by me:

It is important to note that we are not concluding that the Governments knowledge of the content of the devices is necessarily the correct focus of the foregone conclusion inquiry in the context of a compelled decryption order. Instead, a very sound argument can be made that the foregone conclusion doctrine properly focuses on whether the Government already knows the testimony that is implicit in the act of production. In this case, the fact known to the government that is implicit in the act of providing the password for the devices is I, John Doe, know the password for these devices. Based upon the testimony presented at the contempt proceeding, that fact is a foregone conclusion.

However, because our review is limited to plain error, and no plain error was committed by the District Court in finding that the Government established that the contents of the encrypted hard drives are known to it, we need not decide here that the inquiry can be limited to the question of whether Does knowledge of the password itself is sufficient to support application of the foregone conclusion doctrine.

Theres a lot in that footnote that the government can use in future cases. Its dicta, but its very strong dicta. The issue will live for another day without a circuit split. But given that I think the footnote is correct, I hope it will be followed in future cases.

More here:
Third Circuit doesn't resolve standard for forced decryption under the ... - Washington Post