In Re: Decryption of Seized Data

In the United States District Court for the Eastern District of Wisconsin, case 13-M-449, titled "In the Matter of the Decryption of Seized Data Storage System," the court has held that the owner of several hard drives seized by the FBI cannot be compelled to come to court and decrypt the drives for the FBI, because that would violate the Constitutional protection against self-incrimination. 

From the opinion:

On January 22, 2013, a warrant was issued allowing the FBI to enter and search Feldman’s residence, including electronic storage media, for evidence of child pornography. The warrant was executed two days later. 

During the search, Banner spoke briefly to Feldman before he invoked his right to counsel.  Specifically, Feldman stated that he had lived at his current residence for the past 15 years, and that he was the sole occupant of the residence.  Other evidence showed that Feldman is the only person paying taxes and receiving mail at his residence.  Feldman has a computer science degree from the University of Wisconsin–Madison.  He is a longtime employee of Rockwell Automation, currently holding the title of Senior Software Development Engineer.  In 2010, Feldman filed as a co-inventor for a U.S. patent for a “system and method for interfacing with an enterprise resource planning system.” 

Agents seized 16 storage devices during the search.  Five devices showed no traces of electronic data, and two devices were not encrypted.  The remaining nine devices contained data inaccessible due to encryption.  The encryption programs on the storage devices appeared to be the sort that would lock or damage data if too many incorrect password guesses were made. FBI analysts have spent over four months attempting to access the encrypted files without success. 

On one of the unencrypted devices, a Dell computer, FBI examiners found a peer-to-peer software program called “eMule.”  Within eMule, log files indicated that 1,009 files were received, distributed, or stored using eMule, with most of the files having titles mainly indicative of child pornography.  Examiners also found evidence that some of these files had been downloaded to various devices connected to the Dell computer—particularly, the “F,” “G,” and “I” drives.  The “I” drive corresponded to one of two encrypted devices.  The “F” and “G” drives might correspond to any of the other connected devices.  The Dell computer’s login screen showed only one username, “Jeff.”

So it seems pretty clear that this guy has been downloading some child porn and most likely storing it on encrypted external hard drives.  The FBI apparently gave up trying to break through the encryption themselves and went to the court to force Feldman to do it for them.  But doesn't that violate his right to remain silent?

Yes it does, said the court: 

[T]he government has shown that the encrypted devices contain data. In addition, during the search of the unencrypted Dell computer, the government found a peer-to-peer software program whose log files indicated that 1,009 files were received, distributed, or stored using the program, with most of the files having titles mainly indicative of child pornography. Examiners also found evidence that some of these files had been downloaded to various devices connected to the Dell computer, including one of two encrypted devices. In short, the government already knows the names of the files (which indicate child pornography) and their probable existence on the encrypted hard drives. Under these facts, “[t]he existence and location of the [files] are a foregone conclusion.”

Still, however, there is an issue of possession and authenticity. Feldman has a computer science degree, is a longtime employee of Rockwell Automation (currently, he holds the title of Senior Software Development Engineer), and filed as a co-inventor for a U.S. patent for a “system and method for interfacing with an enterprise resource planning system.” Accordingly, unlike in Subpoena Dated March 25, 2011, here, the government has shown that Feldman may very well be capable of accessing the encrypted portions of the hard drives.

But the following question remains: Is it reasonably clear, in the absence of compelled decryption, that Feldman actually has access to and control over the encrypted storage devices and, therefore, the files contained therein? To be sure, the storage devices were all found in Feldman’s residence, where he has admittedly lived alone for the past 15 years. In addition, the unencrypted Dell computer, which showed connections to the encrypted storage devices, has a login screen with only one username, “Jeff.” Nevertheless, unlike in Boucher and Fricosu [cases], here, Feldman has not admitted access and control.

This is a close call, but I conclude that Feldman’s act of production, which would necessarily require his using a password of some type to decrypt the storage device, would be tantamount to telling the government something it does not already know with “reasonably particularity”—namely, that Feldman has personal access to and control over the encrypted storage devices. Accordingly, in my opinion, Fifth Amendment protection is available to Feldman. Stated another way, ordering Feldman to decrypt the storage devices would be in violation of his Fifth Amendment right against compelled self-incrimination.

So it seems that what really violates his Fifth Amendment protection is admitting that he can decrypt the drives, not necessarily the act of decrypting them.  If the officer had asked early on, "Can you decrypt these for us if you wanted to?" and Feldman had said yes, the case might have turned out differently.

From JSOnline:

FBI Special Agent Brett Banner suggested in an affidavit that the increasingly common use of encryption could become a real hardship for law enforcement if courts don't order suspects to decrypt possible evidence.

Well, yes, it could become a real hardship for law enforcement if citizens had a way to keep things private from the authorities.  That's the point, Agent Banner.  The point of the Constitution and the Bill of Rights is to protect citizens from government.  That means citizens don't always have to do what the government wants, no matter how much the government wants it.

Encryption is amazing stuff when used correctly.  I prefer TrueCrypt myself.  Use a strong key.

UPDATE:  TrueCrypt has fallen into disfavor since this blog post was published, although it still works for many functions.  Here are some alternatives to TrueCrypt:  https://www.comparitech.com/blog/information-security/truecrypt-is-discoutinued-try-these-free-alternatives/