Saturday, March 24, 2012

Is Your Password Protected by the Constitution?

Whether the Fifth Amendment right against self-incrimination is implicated when a defendant is asked to reveal a password was, until now, a theoretical question. The topic was the subject of heated geek-debates which were akin to the early Christians’ slugfests about how many angels could dance on the head of a pin. Two recent federal cases have finally brought the matter into the legal limelight. The arguments are academic. The practicalities are marginally meaningful. Let me tell you why.

First, the cases. In USA v Ramona Fricosu, the defendant was ordered to decrypt her encrypted hard drive. Fricosu was accused of bank fraud and the government believed there was evidence on her laptop. She fought the order on the grounds that the government cannot force her to testify against herself, arguing that revealing her password is testimonial. The government responded that a password is not testimonial. Much like ordering a blood test from a suspected drunk driver or a swab of the cheek from a suspected sex offender, a password is more like a key to a lock than an admission of guilt or testimony, prosecutors theorized.

The judge in the case issued an early decision, completely weaseling around the Fifth Amendment issue. Instead of dealing with whether or not a password is testimonial and whether or not it invokes the protection of the Fifth Amendment, the court ordered the defendant to provide the government with a non-encrypted version of the computer drive. That’s basically the same thing as providing the password, but the court avoided the big-time constitutional ramifications and the inevitable scrutiny that would ensue.

A 2009 case, U.S. v Boucher, was similar. The U.S. District Court in Vermont ordered the defendant to produce an unencrypted version of the media, avoiding the password issue.

Another recent case held that yes, indeed, a password is testimonial and does implicate the Fifth Amendment protection against self-incrimination. The U.S. Court of Appeals for the 11th Circuit thought more deeply than the common analogies to providing blood or a key to a lock. Here is what the court ruled in In re Grand Jury Duces Tecum, released March 11, 2011.

“We hold that the act of Doe’s decryption and production of the contents of the hard drives would sufficiently implicate the Fifth Amendment privilege. We reach this holding by concluding that (1) Doe’s decryption and production of the contents of the drives would be testimonial, not merely a physical act; and (2) the explicit and implicit factual communications associated with the decryption and production are not foregone conclusions.

First, the decryption and production of the hard drives would require the use of the contents of Doe’s mind and could not be fairly characterized as a physical act that would be nontestimonial in nature. We conclude that the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files.”

Form Over Substance

The court seemed to recognize that the mind is a more complex device than a lock. In so doing, it recognized that there is more going on with regard to information technology and securing it than securing a locker. While this recognition is important and gratifying to the information technology sector, it is academic, really a matter of form over substance.

The more important question than, “Is a password testimonial, thus implicating the Fifth Amendment protection against self-incrimination?” is, “Does it make any difference whatsoever?” The answer to that second question is twofold and can save the government and defendants lots of money and time. Here’s why.

On a technical note, the government has all sorts of programs that defeat passwords. They don’t really need the defendant to reveal his or her password. If they are demanding the password, it’s the one time in a million that they have run into a situation in which they do not have the software or decryption capability to defeat it.

If encryption is employed, a password is required to decrypt the contents. Just as with your BlackBerry or other smartphone, if you don’t provide the correct password within a certain number of attempts, the contents of the media are “wiped.” By “wiped,” I mean the contents are completely scrubbed. The contents are deleted and overwritten by a neutral character, such as an “x” or “0” or “1.”

Besides (and this may sound cynical), as a practical matter, who’s going to remember their password after all that litigation? Seriously. I had to reset the password to my blog three times last week because I forgot the password. I have to use GPS to get home from places I’ve been a million times. And the government is going to order people to remember stuff when they’ve been under stress and it’s been a year or two since they’ve even accessed the system?

The probability of the defendants remembering the passwords is slim. So why bother with all the litigation for a moot point? Is it to bankrupt the defendant (because that’s what usually happens)? Is it to make a point? (Really, what is the point?) Is it because the government can do it? (We do it because we can!) What happens if, at the end of the day, the defendant really has forgotten the password and the disk gets wiped of its contents? Does the government prosecute the defendant for destroying evidence? (Well, the defendant didn’t destroy the evidence, the government did, didn’t it?) Does the government prosecute the defendant for obstruction of justice? (Why? Because the defendant can’t remember something?)

Of course, I don’t have any answers. I don’t proclaim to. I just have questions. Lots of them. The philosophical discussions we had in law school about password production and the Fifth Amendment were for fun. The litigation taking place now is for big money. Just walking through the door of a federal courthouse costs a defendant tens of thousands of dollars. Not chump change. Not these days. And the reverberations run deep.

By the way. . . news is that the defendant in the Fricosu case has forgotten her password. Shocking!

Courtesy of the Connecticut Law Tribune, March 26, 2012

Wednesday, March 7, 2012

Sabu Snatch: Will It Instill "Terror" in the Hearts of Anonymous?






Ahhhhh. It was just a matter of time, wasn’t it? The FBI announced that LulzSec leader Hector Xavier Monsegur, aka “Sabu,” helped them to take down the organization (organization in the loosest possible use of that term). A coup for the FBI. But, of course, they’ve gone too far. One senior official is quoted by Fox News as saying, “When people in the hacking community realize their God has actually been cooperating with the government, it’ll be sheer terror.” That quote is certain to evoke a response from the hacker community.


But is the message a dare? A taunt? I mean, the whole interception of the telephone conversation a month or so ago between the FBI and Scotland Yard appeared to be so incompetent on the part of the law enforcement agencies as to be phantasmagorical.


They have LulzSec’s main guy. He’s a genius. They say he’s a hacker-rockstar. But there are others. LulzSec is only a teeny, tiny portion of the conglomeration of hacktivists that make up Anonymous. I worry that the FBI’s taunts will tease those geniuses who sympathize with the group, and haven’t yet taken the plunge into deviant acts, into wholesale hacking. The government has thrown down the gauntlet, hasn’t it? Seems sort of stupid, given that they’ve been compromised so many times in so many ways so much.

The hype that the FBI released attending the Sabu snatch is intended, no doubt, for us to question whether all of those hacks were “real” or if they were conducted with the supervision and under the auspices of FBI operations. Pisshah. As if. The flounderings of desperation.


I have great respect for the feds and for all of law enforcement. It’s really great that they were able to bring Sabu and others to justice. However, bear in mind that these are a couple of uneducated guys with broken computers. The FBI is using the same tactics they use in every successful venture they’ve ever launched. Find one guy, usually when they pinch his girlfriend or buddy on an unrelated matter, and get him or her to squeal and offer a deal. That’s unquestionably what led them to Sabu, which is what led them to the other members of LulzSec and what will lead them to other miscreants. I’d hold off on the ticker tape parades lauding and magnifying the intellectual and investigatory prowess of our federal government agents and their minions. Extortion is their means. It works. It’s been the tool that has worked for about a hundred years and it will be the tool they continue to use.


However, it’s not going to get them very far with the real geniuses, who are much more dangerous than the guys like Sabu, who are not formally educated and are missing the left shift key on their computers. Push the MIT Ph.D. too far and you’ve got trouble. Piss off the Rochester Institute of Technology woman who’s had just about enough and see what happens. You are playing freshman ball, my friends. These guys dazzle you, but they are only the people in spring training.



The capability, the potential out there, is far more dangerous than anything that Sabu or the Anonymous folks have so far done or contemplated. Two questions for the feds: 1. Why tempt them? 2. Given the obvious, that you are dealing with freshman players and not first string, shouldn’t you start upping your game?



A side note: a search for the definition of “Sabu” yielded some interesting results from urbandictionary.com. Apparently, there was a wrestler named Sabu circa 2000, it may refer to putting your friend’s mom through a coffee table, and it can also stand for, ‘smack a bitch up.’ Nice.

Tuesday, March 6, 2012

Time to Look at Computer Search Process?

Courtesy of CT Law Tribune

March 5, 2012

Last week, a Manchester Superior Court judge vacated the one remaining charge against former Granby karate instructor Patrick Lenarz, who had served nearly four years in prison on a charge of risk of injury to a minor. The reversal of his 2005 conviction was the groundbreaking remedy fashioned by Connecticut’s Supreme Court. It decided nothing less than exoneration would suffice, because an unconstitutional search of Lenarz’s home computer by the Connecticut State Crime Lab improperly divulged attorney-client trial strategy.

After Lenarz was freed, his defense lawyer, Kevin Ferry, was exultant, but he said he had hoped the high court would also enunciate a new standard for computer searches. “In my opinion, since electronic data is such an important part of peoples’ lives now, and people keep their private thoughts and papers and lawyer communications on their iPhones and laptops, there’s got to be a fundamental change in the procedures that apply when a search warrant is issued and those things are searched. I was kind of hoping that the Supreme Court would have come up with one in Lenarz, but they didn’t.”

Watertown lawyer and computer forensics expert Monique Mattei Ferraro is thinking the same way. She left the state crime lab in 2004, just before Lenarz’s computer was brought in for examination. She’s concerned that the lab’s internal systems are not designed to focus on a search warrant, or to properly utilize specialized computer-searching software to exclude evidence for which no probable cause has been found. A new opportunity presents itself for the lab and its technicians to start doing so now, as it upgrades its procedures in the wake of last year’s temporary loss of accreditation due to its DNA lab shortcomings. At the crime lab, Major William Podgorski said that new procedures are underway to have an independent prosecutor oversee attorney-client document searches. Ferraro spoke with Senior Writer Thomas B. Scheffey.

LAW TRIBUNE: Remind me what happened to Patrick Lenarz’s computer after police began to investigate him.


MONIQUE MATTEI FERRARO: He was accused of sexual assault by a couple of his karate students, and the police who were investigating made some nexus between the sexual assault charges and child pornography. They did a search warrant for his home computer and submitted it to the computer crimes forensic unit for a digital forensic examination.

Forensic technology expert Monique Mattei Ferraro said it is up to state crime lab examiners, and not just police detectives or prosecutors, to comply with terms of search warrants.

After the police got a warrant to seize the guy’s computer, within 24 hours, Lenarz’s attorney got an order from the court saying you can’t look at certain documents, because they are privileged documents intended for my lawyer. So what’s the first thing the lab does? They go in and rifle through his documents, print them out and give them to the police, who give them to the prosecution. Therein is the prosecutorial misconduct. Nobody [had previously faulted] the lab or the police. Finally, [last week], Kevin Ferry mentioned that it was the fault of the computer crimes lab. And it is unquestionably their fault. They ran roughshod over this guy’s rights. Once they became aware of these privileged documents, they went right in and looked for them, printed them out, and gave them to the police. The lab, as a government entity, is covered by the Constitution. Their position is, they don’t ask anybody for a copy of the search warrant or consent to search because “the police officers tell us what to look for, and we trust that they’re going to tell us the truth.” That’s not right — the examiner is ultimately responsible.

LAW TRIBUNE: Why is a warrant so important for a computer search?

FERRARO: [A computer] contains an enormous amount of information — more than your house does, more than the Library of Congress, potentially. If the average murder scene is a bedroom, imagine that a computer hard drive is the equivalent of the Town of Wilton or the City of Hartford — filled with all of the owner’s private thoughts and activities that may have accrued over the course of several years. When the police have access to it, they have lots of time and resources at their disposal, to look through it.

LAW TRIBUNE: There were several steps before the improper material reached the prosecutor. What went wrong here?

FERRARO: Within 24 hours of the seizure of the computer, Lenarz and his attorney obtained a court order that prohibited the examiners from looking at documents prepared for trial, that were privileged. This court order was in effect when the computer was submitted to the crime lab. Notwithstanding the order, the lab searched through the computer, they looked at the documents, printed them out and gave them over to the police. The search warrant was quite clear that the computer crimes lab was to look for child pornography. Child pornography is nothing like documents, and digital forensic software is quite able to distinguish between pictures and documents.

LAW TRIBUNE: Even computer novices know they’re completely different types of files.

FERRARO: And digital forensic software quite easily filters out any documents in a search — that’s one of the beauties of it. It’s very, very easy. You look at the search warrant, you go by the search warrant and you gather the data the search warrant tells you to look for.

LAW TRIBUNE: So what should come out of this?

FERRARO: At the very least, the Department of Public Safety and the computer crimes lab should learn some lessons from it. Certainly Mr. Lenarz’s life was damaged — he spent three years, nine months in prison because of this. I think that what happened is an indicator of the poor supervision and the bias that existed at the lab and within the Department of Public Safety at the time. I think right now there’s an excellent opportunity for the department to change their ways. And I sincerely hope they take advantage of this opportunity.

LAW TRIBUNE: What would you like to see?

FERRARO: They are still not requesting consent or search warrants before examining a computer. They don’t use a search warrant as a guide when they do an examination of a computer. They go by the request for service. ... There is nothing at the lab now that would prevent a situation like Lenarz from happening again. Nothing.