WSJ:
In a ruling that could have broad ramifications for law enforcement, a federal appeals court has ruled that a man under investigation for child pornography isn’t required to unlock his computer hard drives for the federal government, because that act would amount to the man offering testimony against himself.
The ruling Thursday appears to be the first by a federal appeals court to find that a person can’t be forced to turn over encyption codes or passwords in a criminal investigation, in light of the Fifth Amendment, which holds that no one “shall be compelled in any criminal case to be a witness against himself.”
The Atlanta-based U.S. Court of Appeals of the 11th Circuit ruled that “the Fifth Amendment protects [the man’s] refusal to decrypt and produce the contents of the media devices,” which the government believes contain child pornography.
In this instance, the accused individual hasn’t even been charged.
Regular readers will remember my call for a computer forensics innocence project. Among my concerns is that if your hard drive or mine fails, there’s no hope of ever recovering a thing from it. But if the police get the same hard drive they explain that there’s no way to completely delete anything on it.
Bruce Schneier, one of the most respected computer security specialists in the world, “We in the security field know the risks associated with trusting digital data, but this evidence is routinely assumed by courts to be accurate.”
Computer forensics is a complex, time consuming, and expensive process poorly understood outside the world of experts. Computer data is volatile and a good computer forensics expert must be skilled in the acquisition, analysis and presentation of computer evidence. For the average person, especially outside of big metropolitan areas, that’s impossibly hard to find.