Perhaps, but in this case, no trial has commenced. The issue is compliance with a search warrant and subpoena.
Plus, they don’t need to crack your encryption to image your hard drive, so you wouldn’t be destroying much.
Another issue with technology marching on is that products such as TrueCrypt let you set up multiple encrypted partitions and only make some visible depending on the password entered. It’s trivial to set up a basic partition and a hidden partition, and never have the two touch each other, so that you can decrypt a totally innocuous image of your hard drive.
Perhaps the creators of TrueCrypt had this in mind when they implemented a hidden encrypted volume within the outer encrypted volume. If compelled to reveal the password of the encrypted volume, all an investigator would find may be some innocuous information important to the owner, but not critically important to the owner nor the investigator.
So what happens to you? If you’ve complied with a court order to reveal the password to an encrypted volume, does the order’s authority now stop because the actual data is contained within a hidden encrypted volume whose existence is known only to the owner, but could be suspected by a knowledgeable investigator, only because they found nothing in the outer encrypted volume?
Nope. Just WL and Lexis.
OK, then, Boucher I is: 2007 WL 4246473
Boucher II is: 2009 WL 424718
To find you guilty of contempt, the court must weigh the evidence. While it’s entitled to assign its own determinations of your credibility to your testimony, it has to rely on something in the record.
So let’s imagine the two cases we’ve discussed (Boucher and Fricosu) int he context of a TrueCrypt hidden volume.
In Boucher’s case, the border agent had already seen images of child porn on the drive. If Boucher purported to comply with the court’s order, but revealed a drive with no such images, the court could credit the border agent’s testimony and conclude that Boucher was deliberately failing to comply with the order. In other words, the court could point to support in the record for its belief that there was a second, unrevealed storage area.
In Fricosu’s case, the government has no concrete knowledge of what is on the drive they seek. If Fricosu gave up the password, and revealed only innocent material, the court could not rely on any other testimony to contradict that finding.
So I would say the answer to your question depends on the facts in the case.
To be clear: There is precedent for the defendant being required to produce a key for a safe. Is there precedent for the defendant being required to produce a combination for a safe? A combination for a safe and a password for an encrypted drive seem fairly closely analogous, to me.
I would be interested in what precedent there is with safe combinations as well.
Ostensibly I can imagine law enforcement demanding you to open a locked safe, but I also imagine that if you refused they would just call in a specialist who could either crack the safe or (more likely) use force to drill the safe out safely without destroying whatever is inside.
Even the mightiest safe is not invulnerable. However, certain types of encryption, if their implementation does not contain any holes or means of getting to the data “around” the encryption, are essentially entirely unbreakable using existing technology.
How about this analogy: Defendant Raza is being investigated for running a gambling operation. A search warrant turned up a book, but the contents are coded, and government attempts to break the code have been unsuccessful.
Can the government/court require that the defendant reveal the code or otherwise provide a decrypted version?
I would think this circumstance has arisen before.
That is a perfect analogy.
Sure. Sean Connery resorted to the dense legalistic reasoning of sticking a gun in the mouth of one of “Raza’s” accomplices (the guy was dead already, but “Raza” didn’t know that) and pulled the trigger.
Got him a favourable judgement and an Academy Award.
Interestingly enough, there’s a case in my back yard, the Fourth Circuit, decided last week, that touches on a tangential issue. What happens if you learn you’re being investigated, and decide to destroy your hard drive before the FBI can seize it?
Turns out you can be convicted of destroying evidence with intent to impede, obstruct, or influence a federal investigation, as prohibited by 18 USC § 1519.
A child porn investigation pointed federal agents to one Brian Hicks of North Carolina, whose computer had apparently been linked to downloads of child porn. Hicks was not at home when they visited, and after learning of their visit he destroyed his hard drive. He admitted as much to the agents when they returned.
He was prosecuted under the Sarbanes-Oxley Act, which he complains was intended to apply to financial investigations only. But the court points out that the language is unambiguous, and prohibits:
So the government had no evidence to convict him of child porn, but sent him up for destroying his hard drive, which contained child porn before he destroyed it.
Not trying to defend people with child porn, but I don’t think you can conclude that the hard drive actually contained child porn - beyond the two thumbnails they were able to recover I suppose.
The real downfall of Hicks was that he admitted he destroyed the hard drive. I think that ruling was incredibly stupid. What if you’re contacted by police who think you may have some hidden, unknown to you criminal activity going on in your storage shed and they ask to look inside. You thoughtfully refuse because they do not have a warrant and after the police leave you decide to look in your shed. In looking in your shed, you remove old debris and generally give the place a good cleaning being careful to investigate any possible criminal activity. You find none and consider yourself in the clear. Now you’re guilty of destroying evidence. That’s stupid.
I think a reasonable defense to the password issue is “I don’t recall”. That seems to work for congressional testimony. Could you be held in contempt for that response?
He admitted it.
I was under the impression that Hicks denied the possession and since he was not charged with possession I missed the fact that he admitted possession in his testimony. Chalk another strike against him for talking to the police.
Your example of contempt was based on claiming a key was thrown in a river - a tangible object not a facet of memory. I think it would be bad policy to hold out a judge to be a mind reader and give them authority to penalize a person based on that fictional power. What defense would a person have who in fact forgot their password?
I expect that the prosecution would respond to an argument of “I forgot my password” by arguing that the defendant had repeatedly and recently accessed the encrypted information, thus showing that he knew the password then, and casting doubt on the claim that it was forgotten.
I’m still curious about the combination safe question.
It depends on the record. The judge would have to be able to point to something that allowed him to conclude the claim was a sham.
But someone who truly has forgotten the password under circumstances that look like he;s lying… not much defense.
That sounds very open to abuse.
And yet there have been very few cases in which abuse has been seriously alleged.
The biggest controversy that I recall surrounding a judge’s use of his contempt power to force a reluctant person to provide information was the case of Elizabeth Morgan, whose bitter divorce from Eric Forteich raised the issue. The courts ordered unsupervised visitation for the couple’s daughter Hilary Forteich. In defiance of that order, Elizabeth hid the child and refused to tell the court where she was, saying that her ex-husband had sexually abused the child and she was acting to prevent repeats of that act.
The judge ordered Morgan to reveal the location of Hilary, and when she refused, the judge jailed her for contempt. She stayed in jail over two years, and was released by (literally) an act of Congress.
Note that this is not entirely on point to what we’re discussing here – there was no question that Morgan knew where her daughter was. But the underlying question is at least similar: the power of the court to punish contumacious conduct is obvious, and equally so the power to confine someone until he complies with the court’s order and purges himself of the contempt.
But when a person either cannot (as in the genuinely forgotten password) or will not (as in Morgan’s case) how long may the court continue its confinement? It is, after all, not a sentence of punishment with a defined end, but an on-going confinement with the idea that the confinement will compel compliance.
How does the law know that he intended specifically to destroy child porn? For all the court knows, he could have learned of the investigation, realized that while he did not actually possess child porn, he had other things on the hard drive that were socially embarrassing and, though the law could do nothing about them, didn’t want them out in public?