Encrypting Your Hard Drive No Longer Works Against US Federal Prosecution

Sometimes common "street smarts" fail you. Like when you ask the guy who's selling you drugs if he's a cop. Or when you encrypt your hard drive and refuse to unlock it for prosecutors while citing the self-incriminating clause of the Fifth Amendment.

A federal court judge has just ruled that being forced to decrypt one's hard drive during prosecution does not violate the defendants's Fifth Amendment rights. The ruling stems from a case against Ramona Fricosu, who is charged with mortgage fraud. She has refused to decrypt the contents of her hard drive arguing that doing so would require her to essentially testify against herself.

Nuh-uh, said judge Robert Blackburn, citing an earlier ruling against one Sebastien Boucher. In that case, the courts decided that, while Boucher's encryption password was certainly protected, the information on his drive could be considered evidence in the case and was therefore not subject to the same liberties.

"I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer," Blackburn wrote in his opinion today. He also cited the All Writs Act, a 1789 statute, could be invoked as well to force Fricosu's compliance.

Friscosu has until February 21 to comply or face contempt of court charges. Geez, it's getting to the point that your secrets are better left on microfilm in pumpkin patches rather than on your hard drive. [CNet via The Verge]

Image: Tatiana Popova/Shutterstock



    Wow, the US government are more and more stripping away peoples rights under the constitution.

      Searching your hard drive is the same as searching your home, provided there is a warrant and/or done within the confines of the law.

      You can't tell the cops that they cant search your house even with a warrant because you locked the door.

      This is hardly a first. It's happened before, and the person was charged.

    Americans have rights?! Those lucky bastards!

    I'm not really seeing the difference between the right to take someones HDD and read it as apposed to making someone give you their password.
    It just seems that if your drives are encrypted your just saying Yup you guys really want this data.
    To be clear i think the point is should they be alowed to read your hdd not the encrypted part.

      Ha Ha, my to be clear part wasn't so clear... WHERE IS MY COFFEE???
      Too me its the same if they can take your HDD then they can take your password. Encryption is good against thieves but police???

        What if the person kept an encrypted diary using a cipher only they knew. Would the courts be able to force the author to give up the cipher?

        I see these two situations as being similar, has anyone heard of courts ordering diary authors to give up the key?

    Hopefully Australian courts will interpret our constitution otherwise. First SOPA and now this!

      There's no bill of rights in our constitutiuon.

      The police won't want your hard drive unless they have direct evidence that links you to illegal activities (it would require a search warrant for starters, followed by actual planning of a raid)...in which case you're probably as good as guilty, decrypted drive or not.

    Not to everyone, if you're using TrueCrypt, add a hidden partition, this essentially gives you the power to have one 'normal' password which decrypts a drive and gives you one lot of content, and another 'secret' password which gives you a second set of content. There is no way to know a secret partition exists so they couldn't force you to decrypt it.

    or setup a dead man switch that kills your HD in the event of unauthorised attempt to access the system.

      That would be terrible if you had a:
      unwitting friend

      I'd also be willing to bet that the police would simply take the hard drive out of the computer after confiscating it to avoid a bios lock.

    I can't believe nobody's suggested "I forgot my password".

    If you want to keep something private, use encryption software that allows for encryption within encryption (I don't know the technical term). When asked for your password, you give the password to portion A which contains a few documents worthy of encryption, but nothing serious. What the authorities can't see or even prove exists is that within portion A lies portion B which requires a second password. All of your really sensitive material goes in here. TrueCrypt is the free software I use.

    Not an expert on the matter so please feel free to correct me or add useful comments.

    Does this mean that US Customs officials now have a legal standpoint to require you to decrypt your laptop when they want to look for "illicit materials"?

    Like I heard recently: If you have nothing to hide, why not just walk around naked?

    Just thought I'd put it out there that Truecrypt, a popular, open source, encryption tool, offers plausible deniability in the form of hidden volumes.

    One alternative that no court can really beat is you forgetting your password. If you are incapable of unlocking the encrypted drive, there's really not much they can do.
    There is also no way of proving that you remember the password.

Join the discussion!

Trending Stories Right Now