In what may become a precedent setting digital rights ruling, Judge Robert Blackburn of the United States District Court of Colorado ruled that compelling an individual to provide access to the encrypted contents of a device does not violate the US Constitution’s prohibition of self incrimination.
The ruling came during the trial of Ramona Fricosu, who is accused of taking part in fraudulent real-estate transactions. While serving a search warrant of Fricosu’s home, investigators confiscated a laptop for which they had a warrant. Finding the contents of the drive encrypted, the authorities then requested that Fricosu enter the password or otherwise provide to the court the unencrypted contents of the computer. The Electronic Frontier Foundation argued that such a request constituted a breach of Fricosu’s Fifth Amendment rights, and submitted an Amicus Curaie on Fricosu’s behalf over the summer.
Yesterday Judge Blackburn, an appointee of George W. Bush, concluded that an individual’s protection from self incrimination under the Fifth Amendment isn’t violated by requiring production of the unencrypted contents of the laptop.
The Fifth Amendment, part of the Bill of Rights, states that “No person shall… be compelled in any criminal case to be a witness against himself…”
In explaining his rationale, Blackburn acknowledges the Supreme Court precedent that a defendant cannot be compelled to reveal the self-incriminating content of his or her mind, but concludes that that protection doesn’t extend to the contents of the hard-drive. In step with that reasoning, the government has offered Fricosu immunity from the use of any information revealed in the actual act of producing the unencrypted contents of the laptop, whether by revelation of a password or otherwise.
One prominent cyber law expert said the ruling isn’t unexpected.
“Doctrinally it’s not too surprising,” said Jonathan Zittrain of the Berkman Center for Internet and Society at Harvard University. “The fact that the person knows the password at all may not be usable against the person — i.e. using the knowledge of the password to tie the person to the hard drive. That probably would fall under 5th Amendment protection.”
In other words, even with the decrypted data in hand, the prosecution still needs evidence that they believe establishes Fricosu as the owner of the laptop even without the encryption key.
Fricosu has until February 21, 2012 to provide a copy of the hard drive or appeal.
You can read a copy of the indictment, courtesy of Wired, here.
