To my lay understanding (IANAL) it seems the legal system used to have a strong distinction between "things you have" and "things you know". To the point in the U.S. where "taking the 5th" is very much in the public consciousness as not having to say anything that could be used against you. A warrant certainly can be used to take the drive with any encrypted material on it, but forcing divulgence of the keys seems like another level entirely.
The proper analogy would be refusing to give a combination for a safe, which you can probably do, its not such an issue because they can break the safe open.
The 5th amendment right to avoid self-incrimination only extends to testimony. A search warrant can compel you to furnish the contents of a safe (as property, it is governed by the 4th amendment -- due process is all that is required, and in this case, the process of getting a search warrant is all that the Constitution requires).
It is not that clear cut. You don't have to unlock the safe, you have to provide the key to unlock the safe. If the key only exists in your mind, and the contents of your mind are protected by the Fifth Amendment, then it is likely that you don't have to provide the key.
You are further protected by the fact that we don't have mind-reading devices yet. (People are often forgetful under stress, so it follows that you could forget your difficult-to-remember password under the stress of arrest and trial.)
Yes, there is US v. Boucher. That is a very special case, however, and District Court rulings are far from definitive.
The "contents of your mind" are not protected by the 5th amendment. The part of the 5th that everyone remembers and obsesses about only prevents the state from compelling you to testify against yourself.
Here is the example which is more appropriate to this discussion: The state contends that Bernie Madoff may have stashed billions in offshore bank accounts, the state has proof that these accounts exist and that he accessed them on a regular basis. The state (specifically a judge) can compel him to produce the account numbers and access codes to enable prosecutors and investigators to examine the account activity. If he refuses the judge has the power to place him in jail (for contempt of court) until such time as he provides the information to the court that it feels is necessary to render a fair judgement.
Sure, but the judge can hold you in contempt for anything. There was one judge who put his entire courtroom in jail because someone's phone rang and nobody admitted to it. He is no longer allowed to be a judge.
Anyway, this is why there exists deniable encryption. The example cases usually involve someone beating you with a rubber hose, but contempt is a much more realistic outcome. So you spend a day or to in jail, "decide to remember" your key, and everyone thinks you have done them a big favor. In reality your cache of bomb-making plans and maps of the white house are still several enctyped volumes deep. It looks like you were coerced into cooperating, but you actually didn't.
The contents of your mind are a bitch -- nobody knows them but you.
But really, in real life, the state would have to prove that you don't actually have an unformated drive containing random data. I have a few disks like this; they once contained useful data, but I since upgraded them, and now they are useless. They were overwritten with random data, but at one point had real data. Do I risk indefinite imprisonment for this? Hopefully not. (The government mandates that government agencies keep their unwanted disks in this state.)
Bullshit. If providing information incriminates yourself you do not have to provide it. If those account numbers are on a piece of paper, sure he has to produce the paper. But not if it's in his brain only.
What if you forgot your password. O have a file catted from /dev/random that looks like a it could be TrueCrypt partition, good luck trying to convince them it is not an encrypted file. They'll just say "yeah, yeah" and you go to jail for 5 years.
Despite what you might hear from Fox News, you do actually have the right to a fair trial.
So far the case law (in the US) with respect to crypto is unclear. The only case involved someone showing the government child porn on their computer, and only later not providing the key. As far as I know, having an encrypted partition has never gotten anyone in any trouble, even if accused of a crime.
Under UK anti-terror measures in a case of national security failure to provide means to unlock encrypted files carries a 5 year prison sentence.
Those of the 15 cases (since the legislation passed in 2007) that have not been terror related have concerned child abuse (probably pornography) or domestic abuse (I'm thinking that possibly means "honour killings", but that's speculation).
Personally I have no problems with coercing people to reveal details of the children they've abused, family members they've had killed, or of their plans to blow up my fellow countrymen.
<sarcasm>But I can see how, if it's just your porn collection that you're hiding from your wife, that when you get collared for terrorism that having some mathematician at GCHQ know you've got a rubber fetish is really going to ruin your day.
I have a little more faith in the mathematicians of GCHQ than this. Indeed I suspect that in at least some of these cases (which according to Sir Christoper relate only to child endangerment, domestic abuse or terrorism) GCHQ could decrypt the contents themselves but wished not to reveal that fact to terrorist groups that want to blow us all [in the UK] up.
> O have a file catted from /dev/random that looks like a it could be TrueCrypt partition, good luck trying to convince them it is not an encrypted file.
That's a mistake unlikely to be made; partly because the vast majority of seized computers run Windows :P but mostly because it is fairly obvious.
Actually, the randomness coming from /dev/random and the randomness of a TrueCrypt partition are demonstrably different. See: http://16systems.com/TCHunt/faq.php
As a point of interest. The level of evidence required to get to serve on of these notices is fairly high. I'm willing to bet (an informed guess really) that it is a very small percentage of people with encrypted material that qualify to be served.
