UK Court Rejects Encryption Key Disclosure Defense 708
truthsearch writes "Defendants can't deny police an encryption key because of fears the data it unlocks will incriminate them, a British appeals court has ruled. The case marked an interesting challenge to the UK's Regulation of Investigatory Powers Act (RIPA), which in part compels someone served under the act to divulge an encryption key used to scramble data on a PC's hard drive. The appeals court heard a case in which two suspects refused to give up encryption keys, arguing that disclosure was incompatible with the privilege against self incrimination. In its ruling, the appeals court said an encryption key is no different than a physical key and exists separately from a person's will."
Disclosing a key is disclosing knowledge (Score:5, Interesting)
Suppose some incriminating evidence exists but it is hidden in a secret location. Can you be forced to disclose that location?
If not, then why not store your encrypted data on a huge partition of random data. To get it you need both the key and the location of the data. The latter you can simply refuse to disclose.
Hide your data (plausible deniability+ physically) (Score:2, Interesting)
Obviously then, the way to prevent the cops from knowing about your encrypted data is to hide it from them. If they don't know about the encrpyted file, they can't ask for the password.
Two ways, plausible deniability (if you haven't heard of TrueCrypt [truecrypt.org] yet, check it out>) is the way that most of you will use.
The other way is physically hiding the disk. Have a garden that you use, and store your data in multiple plastic bags and bury it.
The other thing you could do, have a strong magnetic field that is triggered in certain scenarios that will wipe your box of floppy disks/hard drive. Example scenarios include the cops breaking down the door, or the door being opened without a button being pressed.
Re:Oh Joy (Score:1, Interesting)
Then again, if it goes so far as a steno witch hunt then some of us might very well become terrorists. The US and UK are good at producing their own enemies.
So anyone want to do this.... (Score:3, Interesting)
Same as Service vs Commodity problem (Score:2, Interesting)
It seems the judge did not ask for, nor got sufficient evidence, which points to ($#@$ stupid) lawyers/barristers representing the cases.
My gut feel is, apart from this miscarriage of justice, that the issue can only be resolved by investigating the intentions for encryption: if that intention was to protect the data from perusal by others, then this falls clearly under the gambit of "the privilege against self incrimination".
Technical measures for key destruction (Score:4, Interesting)
I am not a lawyer and this is not advice, but I did consult on the RIPA.
If the encryption key is destroyed by a pre-configured ``technical measure'' then by my reading of the Act one cannot be held in contempt for failure to disclose.
For example, a dead-man's switch that destroys all traces of keys if the owner does not log-in for a pre-arranged number of days.
Note that *all* traces must be destroyed. The Act can compel other parties ( e.g. work colleagues or holders of back-ups ) to disclose even if they are not directly involved in the case.
Re:willpower (Score:3, Interesting)
Yeah. Go fetch the key without my help.
As I've been saying, what we need is better plausible deniability.
https://bugs.launchpad.net/ubuntu/+bug/148440 [launchpad.net]
Then they can't go around asking everyone for their keys - because most really wouldn't have them :).
The Truecrypt proponents don't get it. Hidden container or not, you have to voluntarily install Truecrypt, so that's sufficient cause for them to target and trouble you.
Re:Huh? (Score:3, Interesting)
Its NOT illegal to say i forgot. The government uses it all the time to justify its continuous laptop losses...
So cite that in court. Plus add that the Government thinks the court is stupid. That will rile the judges enough to judge in your favor.
Nothing irritates a judge more than the Government arrogantly claiming they are bigger than the court.
Re:So anyone want to do this.... (Score:5, Interesting)
Is there a system which will allow the use of a 'duress' key? If the duress key is given instead of the real key the encrypted data is erased. This would be easy enough to defeat by a suitably motivated investigator, but they'd have to have figured out what was going to happen first...
Re:I wish the US Supreme Court was that smart. (Score:5, Interesting)
What about when there's no key to hand over [theregister.co.uk]?
Re:I wish the US Supreme Court was that smart. (Score:1, Interesting)
Because you can't be tortured into making up shit that would incriminate you. The key provides the same set of evidence, regardless of your state of mind.
It's that simple.
Re:So what's worse? (Score:5, Interesting)
This is the precise argument that They will be using for lenghtening the prison terms for NOT divulging the key once we've swallowed the fact that not-remembering something can get you in prison.
And then They just need to send a collection of /dev/random with a filename suggesting underage pornography to your email address and keep you imprisoned for decades. Your ex-girlfriend could do and call the police. Your enemies from the cubicle farm could do, too. Your competing business and even blackmailing spammers could.
I smell serious blackmailing business: pay up and we'll send you the key you need to prove yourself innocent.
Re:Disclosing a key is disclosing knowledge (Score:3, Interesting)
Hand out the second one.
The judge also pointed out... (Score:1, Interesting)
...that this isn't self-incrimination, as they are not being forced to reveal information that will incriminate them.
Simplified massively, the principle says that if someone asks "did you kill him?", you are not bound to answer "yes". That disclosure would incriminate yourself. In this case, the police demanded a copy of the decryption key; answering that question - admitting that you possess the encryption key - does not incriminate you. It is not illegal to possess an encryption key. Well, not in most circumstances.
He goes further to state that even in cases where admitting that you possessed the encryption key would incriminate you, a judge could surpress the fact that you provided the key, thereby avoiding incrimination. For example, if you have encrypted child porn on your computer, admitting that you possess the key could imply that you have viewed child porn, thereby incriminating youself. A judge could, however, allow the decrypted images to be used as evidence, while refusing to allow the fact that you provided the key to be used as evidence, thereby avoiding self-incrimination.
In essence, what they're saying is that you don't have to say "I killed him"; but if you write down "I killed him", then you have already disclosed the information. Once you have disclosed the information, they are at liberty to compel you to remove any protection you have placed around that information. There is a difference.
Oh, and to the posters that suggested he use the defence "I forgot it", the police arrested the guy while he was halfway through typing the key in. It's kind of hard to convincingly say you didn't know it at that point...
Re:Why these jokers didn't say i forgot.... (Score:5, Interesting)
It is interesting to note than while section 53 states criminal penalties for non-disclosure on part of defendant, section 55 does NOT state any criminal penalties against misuse/abuse of such information.
The Government has covered its shiny metal a$$ well with this section.
So the courts can sentence you to 6 months imprisonment for NOT revealing the key, but if you reveal the key and some government official loses it in the next train (which happens monthly), the CP or the government official cannot be imprisoned for the loss or any such loss caused to you by that loss.
Brilliant!
All the more reason for me to NOT give out my key.
Until such time i see a CP or a minister sentenced to jail for loss of residents' confidential information, am not comfortable with providing ANY information to this orwellian government.
I WILL claim memory loss for this. let them prove am lying
Re:I wish the US Supreme Court was that smart. (Score:3, Interesting)
So, by YOUR theory, subpoenas would be completely unenforcable.
A subpoena ad testificandum orders a person to testify before the ordering authority or face punishment.
Sorry Judge, I forgot.
A subpoena duces tecum orders a person to bring physical evidence before the ordering authority or face punishment.
Sorry, Judge, I lost it.
Unless you're just stupid and say "No" instead of "I forgot"
Re:I wish the US Supreme Court was that smart. (Score:3, Interesting)
No, that argument doesn't fly.
The physical lock might as well be a combination lock, and thus the combination would consist of "knowledge" just the same as for an encryption key. It is perfectly legal for the police to require you to divulge the combination to your locker.
"Something you know" isn't what counts when it comes to protecting you from self incrimination; it is whether the "something you know" is incriminating you. And unless your combination isn't a crime in itself, you wouldn't directly incriminate yourself by divulging it, which is what the self incrimination protection is about.
What if the actual passphrase was illegal to say? (Score:2, Interesting)
By being forced to say the passphrase, in effect the government is forcing you to break the law, or reveal company secrets. I wonder what would happen....?
Re:I wish the US Supreme Court was that smart. (Score:5, Interesting)
It gets worse. /dev/urandom > file
Theory: with a good encryption program any encrypted data should look random.
That truecrypt volume should be impossible to tell from a file I've created with
cat
So you could type that very command and 5 years later they ask for your encryption key...
Key?
To jail with you!
same goes for any random/semirandom data you have which has so mime type.
Now I'm willing to bet there are programs which can take a photo album and hide an encrypted volume in the least significant bit of the pixels, how would law enforcement deal with that?
"GIVE US THE KEY!"
"but but but... what do you want the key to..."
Long story short, if you live in the UK and own an electronic data storage device you can now be thrown in jail for no reason at all.
Re:Two things to bear in mind... (Score:3, Interesting)
There are certain books that would get you in trouble. If they concern, for instance, highly exothermic chemistry, certain political movements especially in the Middle East and in Ireland, or exotic erotic practices, then you could be arrested for possession of 'material likely to be useful to terrorists' or 'obscenity'.
Re:I wish the US Supreme Court was that smart. (Score:2, Interesting)
1. "New Labour" made it possible for Police to search your house, without a warrant, if you are arrested.
2. They also made every criminal offence, including littering, an arrestable offence.
=> Police can make a warrantless search of your house if you litter.
"New" Labour, Old Communist party.
Re:Huh? (Score:2, Interesting)
Re:I wish the US Supreme Court was that smart. (Score:1, Interesting)
If the british in this thread and in general dont respond to such a claim then is it any differnt than them not having a Bill of Rights in the first place?
What the fuck happened to Britain? (Score:4, Interesting)
Exactly when did they start to go insane?
Once I would have like to go there. Now it sounds like an Orwellian nightmare. Cameras everywhere (that happen to be "malfunctioning" when police hold down an unarmed, ticketed Brazillian subway passenger and shoot him in the head multiple times). Laws passed monitoring all communications. No privacy. Jail sentences if you will not or cannot tell them an encryption key.
This is the kind of shit they would tell us about Russia during the cold war.
Who's getting rich and who's gaining power through this?
Re:I wish the US Supreme Court was that smart. (Score:5, Interesting)
My thoughts exactly. People seem to get all pissy when I say something like "if you don't have the balls to protect your freedoms, you don't deserve them". I'm not a regular protester at any events or anything like that, but I'd rather be shot for defending my freedom than live to see it gone. Not that I believe privacy exists anymore. The whole world was too slow to act in learning about and defending their privacy in a new technological age. Sure, there were a few technologically aware people with a small voice that was easy to push aside. Too late, privacy's gone. Only way to get it back is to lay your own global network in secret and hope the governments of the world never hear about it.
Re:I wish the US Supreme Court was that smart. (Score:1, Interesting)
It's nice having a Bill of Rights, ain't it?
Laugh at all the British who say such a thing is unnecessary.
Laugh at the Americans who are so ignorant of their own history to think the British don't have one. Hint: the eighth amendment is copied verbatim.
Re:So anyone want to do this.... (Score:5, Interesting)
A duress-key that wipes data is no good. Any serious investigation will take a complete copy of the data as the first step, so wiping does you no good at all.
What you can do, and which is done, is to have "plausible deniability". Truecrypt does it like this:
You have a 1GB (for example) file that contains an encrypted filesystem that contains 500MB of files.
The free space (500MB) *may*, or may not, contain a second encrypted filesystem. There is no way to tell without knowing the second "inner"-key.
So, if pressed to give up the key, you give up the outer key, giving access to 500MB of perhaps mildly embarassing, but ultimately harmless stuff. If asked about the "inner"-key you say there isn't one. The default operation of Truecrypt is for there NOT to be one.
So, it's plausible you're telling the truth; could be the volume is larger than the filesystem simply because you wanted space for more files. It's not as if a half-full filesystem as such is suspicious.
It's unlikely they could force you to give up certain information without even showing a likeliness that the information EXISTS.
That's "plausible deniability".
You can say: "There is no second key", and there is no way of figuring out if that answer is truthful or not.
Re:So what's worse? (Score:3, Interesting)
Well, remember the OJ trial?
Good defense lawyers do two things with evidence: they either discredit it, or they interpret it in a benign context.
When the Big Box O' Porn is produced in court, a competent defense lawyer demands the police produce a chain of custody showing how the box allegedly got from the defendant's home to the court. If the police can't show that, it's not evidence any longer. If the police can't prove the DNA sample analyzed actually came from the crime scene, it's not credible any longer. It might not even be admissible.
After the chain of custody is thoroughly tested, the lawyer then works to put the evidence in a favorable context. Sure, they have proof it arrived in the mail for the defendant, but where is the proof it was ordered by him? What about the defendant's neighbor, who is a member of a militant white supremacist church, and hates him because he's black and gay? What about the police detective, who was given to brag about how many n-words he put in prison?
It is the ability to contest evidence that makes admitting the evidence fair. If the police could just produce the Box O' Porn in court, and that's it, you're going to fry, well that would be very bad. If the police can produce any old binary gibberish in court and claim it contains porn, with no supporting evidence at all, that would be worse.
Re:Afghanistan in Perspective (Score:5, Interesting)
AFAICT, President Bush had 4 options with Afghanistan after 9/11.
(1) Ignore it. This was the Clinton strategy, and had resulted in slowly escalating attacks on American and European soil over the previous decade or so. Whether it ultimately succeeded would have depended on whether momentum could be regained on a host of other fronts to make radical Islam irrelevant in the Muslim world - a questionable assumption. Nevertheless, it may have been the second most effective option available IMHO.
(2) Take out the Taliban, disrupt Al Queda, then leave. Depending on your perspective, this would have stirred up the ant's nest (causing a rash of new attacks) or reset the clock by ten years (a cold war-like strategy that worked pretty well against an aggressive Soviet Union). This may have been the best option for the US in retrospect, although it would do nothing to help the Afghan's who were brutally oppressed by the Taliban (and most previous regimes :-/ ).
(3) Take out the Taliban, evict Al Queda, and stick around for nation-building. As you mention, this would almost certainly be disastrous. If you're planning to fight radical Islam, this is the least favorable ground on the planet.
(4) Take out the Taliban, evict Al Queda, then move the field of battle somewhere else. This was the Bush option, with "somewhere else" set to Iraq. This approach successfully set back Al Queda by 10 years (and counting), but cost the US and Britain the good will of most of its allies in the world. I suspect the president was counting on the Iraqi people embracing freedom and democracy, rapidly establishing a stable government, and joining the fight, which would have made this the winning option. If so, he miscalculated.
You advocate waiting them out, and that has worked thus far with a pretty darned significant list of anti-democracy types. Not with Libya, though - they settled down only after a bombing run that killed Khadafi's daughter (among 45 military and 15 civilian casualties) - similar to option 2 above. It also failed most notably in the prelude to WWII, as has been endlessly rehashed over the past 7 years, so there are no guarantees.
In retrospect, though, and with full 20/20 hindsight, and recognizing the high cost to the long-suffering Afghan people, overthrowing the Taliban and scattering the ants before a token nation-building exercise with the Northern Alliance amid steady get-the-heck-out-of-Dodge withdrawal was probably our best option - and a lesson to be learned for the future, if we're smart.
Don't rock the boat (Score:0, Interesting)
You can go 2 different routes. Encrypt all your HDs, speak out against the government on what we know are monitored channels like email, cellphones and IM, do highly visible speeches and get put on even more lists by the authorities... or you can create hidden encryption files, send files over under the radar mediums like IRC or XMPP, use word of mouth to speak directly to people in a way you know is not monitored, and in the end probably be just as successful, but being smart about it.
Re:Fuck the British equivalent of Homeland securit (Score:5, Interesting)
Over here in Sweden TV8 showed "The Anti-American" talking about how various european saw at USA. They talked with people in Poland, France and the UK. Maybe there was some italians or something to.
Very interesting and it somewhat made me feel bad for saying stupid things about USA sometimes. Then french people was the most funny one talking about how everyone in USA except in NY was rasists and also how to keep the american culture and english words and influences out of their country.
Yeah right, because french people are so open minded when it comes to influences themself? And they don't think everyone should learn french? Hillarous.
The polish people really liked you and looked up against you, seeing america as the saviour against everyone invading poland. And the UK as your strongest ally obviously like you to except they want to be the imperial worlds #1 force and not just follow lead as it is now :)
Sure we complain about your wars and playing world police, but in the end us europeans and everyone else always wait to long and do to little so I guess it's good that USA step in and fix up the crap, even if it's not a really democratic decision.
The sad part is that you just step in where you have something to gain from stepping in, so problems in countries where you don't gain anything from interfering nothing will happen. But that's fairly understandable in general to.
Oh, and they talked about how Europe, china (?) and especially japan needed the oil from the middle east region much more than USA but didn't helped to keep it political stable and keep the oil flowing. We just took the benefit without helping. Japan can always blame it on how they are pacifists. And also how you could have got the oil real cheap anyway so they argued that wasn't the factor, at least not egoistic and just for your own sake.
Anyway, interesting program.
Re:I wish the US Supreme Court was that smart. (Score:5, Interesting)
only if you care about civilian casualties.
as for finding terrorists, they're too useful. I don't mean in a conspiracy theory doing the governments bidding way. I mean they can be used to raise political capital.
Lets take a the example of ETA in the basque country of Spain. Every time there's a scandal or some big fuckup by senior government officials there just happens to be a crackdown on ETA members shortly after. Oil tanker disaster = crackdown. Senior official sex scandal = smaller crackdown. with lots of headlines about all the ETA members arrested pushing the sandals off the front page.
It's well known that the authorities in Spain keep tabs on most of the organisation and could probably round up most of them overnight if they really wanted.
The heavy handed way they treat it only serves to increase the number of recruits, the organisation would have faded away to almost nothing if the Spanish government didn't intern people and fuck up their lives as part of this.
Now I wonder if there are any parallels with how the US runs it's own war on terror...
Want to hold on to political power? don't even dream of getting rid of the terrorists, they're a minor threat but you can use them to demand a great deal of power.
Re:Disclosing a key is disclosing knowledge (Score:3, Interesting)
Re:Lords will overrule (Score:1, Interesting)
The Lords haven't had any real power to protect us since 1911. The Parliament Act 1911 was passed after George V threatened to create hundreds of new peers to neutralise the Conservative majority that opposed it. Completely removed the ability to veto bills, restricted delay of any bills dealing with taxation to two months, and delay of any other bills to two years.
Get this - it was intended as a temporary measure, just to help the country through the current crisis.
Then the Parliament Act 1949 was passed, reducing the possible delay to one year. The Lords opposed it, so the government used the 1911 Act to push it through! Thing was, the 1911 Act required a delay of three sessions over two years - so the Commons opened, waited ten minutes, then closed to bring it up to three sessions.
This shit is OLD. The government have been bastards who don't care one shit for oversight. See also the creation of hundreds of life peers by Labour, diluting the power of the Lords even further by stuffing it full of loyal Party votes.
We need a non-elected, hereditary body of randomly selected people with income paid out of taxes and guaranteed constitutionally who have no job but to veto laws that violate the Constitution that we don't have but should.
Re:I wish the US Supreme Court was that smart. (Score:3, Interesting)
Result:If you live in the UK and own any form of electronic storage you can be jailed at at time.
No - it's not quite that bad. Yet.
In order to secure a conviction under S.53, the prosecution has to show several things (beyond reasonable doubt):
1) That the blob of data on the disk really is an encrypted blob, and not just random data. A file called "entropy.rand" is likely to be viewed differently than one called "cipher.enc".
2) That the key to that data is in the possession of the suspect, ie. there's a PGP key in his keyring which corresponds to the one used to encrypt the ciphertext
3) That the suspect could reasonably be said to have access to the key. So, for instance, if the keyring had been accessed in the last two days, "I forgot it" is pretty unlikely to wash. If, on the other hand, it was accessed six months ago, a jury might well be inclined to believe such an excuse.
And the court order for the key is supposed to be based upon the notion that there is sufficient evidence that the ciphertext is likely to be of interest. So, a cleartext file saying "Jihad targets listed in file cipher.enc", then the coppers probably have reason to believe that file cipher.enc is a legit target. However, if the coppers came across a USB key in someone's car with an encrypted "My Pr0n" folder, then that would possibly be deemed irrelevant. In any case, plaintext production would be far more likely ordered than key handover.
It would be interesting to note - was plaintext production ordered first, or was key handover? The code of practice says plaintext comes first unless special circumstance obtain.
I still think RIPA is a foul piece of legislation, but I don't think it's the "Arbitrary Detention Act 2000".
As for popular reaction, why would the Brits react differently to the American reaction to Gitmo? As long as people think "But it'll never happen to me, just to bad people" then such intrusions on liberty will go on.
Mental note (Score:3, Interesting)
Mental note: Use a key that gets distributed among several confederates and that I retain no personal knowledge of, other than a small piece. It will at least distribute the risk. Retain only a small portion of the key for myself, and store it in an obscure place.
Re:Unfortunately ... (Score:2, Interesting)