Suspect who won’t decrypt hard drives jailed indefinitely

library
crime | hacking | security

A 17-year veteran and former sergeant of the Philadelphia Police Department who’s suspected of – but not formally charged with – possession of child abuse images has been found in contempt of an order to decrypt two hard drives.

The “John Doe” has already been imprisoned for 7 months in Philadelphia’s Federal Detention Center.

He’ll stay locked up indefinitely until he decrypts the drive, the court has ordered (PDF), saying that he “[carries] the keys to his prison in his own pocket.”

His lawyer has argued (PDF) that producing the passcode, stored as it is in his client’s brain, would violate his Constitutional rights regarding self-incrimination:

… the order transgresses the Fifth Amendment guarantee that no person shall be compelled to be a witness against himself.

The attorney, Federal Public Defender Keith Donoghue, urged a federal appeals court on Tuesday to release his client immediately, pending the outcome of appeals:

Not only is he presently being held without charges, but he has never in his life been charged with a crime.

This is yet another case in which prosecutors are focused on getting past Apple’s encryption: the suspect’s drives are encrypted with Apple’s FileVault software.

The government is taking the same legal tactic here as it did in cases involving iPhones of the San Bernardino terrorist and a Brooklyn drug dealer: it’s citing the All Writs Act to compel decryption.

The All Writs Act, a statute that’s been around since 1789, allows courts to issue writs (orders) “necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

In the first case, the government was trying to get at data on the phone of a shooter in an attack that left 14 dead in San Bernardino, California, in December. It used the All Writs Act as it tried to compel Apple to write a backdoor to get around a security feature that wipes a device after 10 failed password attempts.

The government withdrew the case after reportedly paying a mysterious third party to do the backdooring that Apple refused to do.

In the case of the Philadelphia child porn suspect, Donoghue argues that the Supreme Court has already said – in cases from 2000 and 1988 – that suspects can’t be forced to disclose the sequence of numbers that will open a combination lock.

That “clearly” points to a similar decision regarding compelled disclosure of the sequence of characters constituting an encryption passcode, the attorney wrote.

But as Ars Technica’s David Kravets notes, a federal appeals court ruled in 2012 that a bank-fraud defendant could be compelled to decrypt her laptop. Similar to the fight over the San Bernardino iPhone, that ruling wasn’t enforced, given that prosecutors got the password elsewhere.

The Philadelphia case began last year, with a local investigation into an anonymous file-sharing network called Freenet.

The government’s relying on the testimony of two witnesses. One was John Doe’s estranged sister, who claims that she looked at child abuse imagery with him on his computer. The other was a forensic examiner who said it was his “best guess” that the hard drives would contain illegal sexual content.

The Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) have filed a friend-of-the-court brief (PDF) in which they backed up the suspect’s Fifth Amendment argument, saying that…

…compelled decryption is inherently testimonial because it compels a suspect to use the contents of their mind to translate unintelligible evidence into a form that can be used against them. The Fifth Amendment provides an absolute privilege against such self-incriminating compelled decryption.

The court, for its part, is bypassing arguments over the Fifth Amendment altogether, arguing (PDF) that courts have the authority to hold persons in contempt, without a trial:

Civil contempt orders are intended to be coercive or compensatory in nature, and do not require… a jury trial.