Categories
Join Us At:
|
Kicking in Our (Electronic) DoorsA major unresolved legal issue in the United States right now is your right NOT to tell the government your password when they demand access to encrypted material in your posession. Now a fight is underway over just that question and the authorities have just won a round: A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious concerns about self-incrimination in an electronic age.With the government gaining more and more powers in recent years to access private data held by third parties (through the Patriot Act and other means), information kept in one’s own posession is still largely protected by the Fourth Amendment. But, there are exceptions including a big one: any time you cross the nation’s border. As it stands now, DHS policies allow the searching and copying of data, books and documents at the border, all without probable cause. And, the information that people routinely carry in their posession can now include what in a previous time would have been entire libraries of correspondence and other “papers and effects” (to quote the Fourth Amendment). In that situation, encryption is often the last bastion of privacy. But if this decision is upheld — it has already been appealed to the 2nd Circuit — this last bastion will be breached. If it is upheld, no one will travel with sensitive data in the future because they will never be able to be confident that it cannot be breached (and sometimes even everyday data is sensitive, because in large quantities its disclosure feels like such an invasion). Instead, people will turn to Virtual Private Networks and Cloud Computing, in which data is stored on remote servers and which raises privacy problems of its own since the data is held by a “third party” where it has so far been judged to have no constitutional protection. The government’s aggressive stance with regards to electronic searches is ensnaring innocent people, drawing precious security resources away from real threats, imposing costs on business, and resulting in racial profiling of business travelers. Meanwhile, last year both houses of Congress introduced legislation that struck a nice balance between Americans' privacy and national security. The bills would restore Americans' privacy rights at the border by prohibiting the copying of electronic data without probable cause. (Federal agents would still be able to retain intelligence after getting a warrant.) We're looking for this Congress to reintroduce this, or similar legislation, this session, so stay tuned.
A Blog of Rights Service Announcement: We are currently implementing some exciting new changes to this website. While we work on this, blog comments have been disabled. But they'll be back up ASAP, so hold that thought and you'll be able to submit your comment soon.
7 Responses to "Kicking in Our (Electronic) Doors" |
|
|
© ACLU, 125 Broad Street, 18th Floor New York, NY 10004 |
Feb 27th, 2009 at 4:13pm
THE EVIDENCE IS OVERWHELMING THAT THE GOVERNMENT'S SURVEILLANCE OPERATIVES DO NOT "PLAY BY THE RULES"...
...HAVE THE TECHNOLOGY TO COVERTLY 'CAPTURE' PASSWORDS AT WILL WITHOUT EVEN ASKING;
...AND CONTINUE TO VIOLATE THE CONSTITUTIONAL RIGHTS OF THOUSANDS OF AMERICANS UNJUSTLY 'TARGETED' FOR SURVEILLANCE.
A CLASS-ACTION LAWSUIT IS NEEDED TO RESTORE FREE SPEECH.
Want evidence? Just read through this daily account of "free speech horrors" on the ACLU's "Free Speech" blog, sub-item, "Internet Filters":
http://blog.aclu.org/2009/01/26/internet-filters-volu ntary-ok-not-government-mandate/#comments
Feb 27th, 2009 at 9:19pm
Hello ACLU,
I have a question about a workaround. Can you estimate what legal protection a deniable file system (like TrueCrypt) provides? That system has multiple passwords, and AFAIK you entering password 1 boots a different operating system than password 2. Can the border control force you to reveal how many passwords you have? Or can you just give them one password, leading to a fresh installation that has no private data on it?
Feb 27th, 2009 at 9:20pm
I suppose lying to a federal officer is a crime, so can you refuse to answer or "forget" how many passwords you have?
Feb 28th, 2009 at 2:06am
geeeee whiz, I'm sure the legal pressure is on, but sounds like the ole excuse 'I can't recall' generally still holds with 9 out of 10 judges --just saying. Another one of those prove yourself innocent cases.
wild;)
Mar 2nd, 2009 at 2:31pm
I'm torn on this one. I've been following it for a while and it "feels" to me like this a 5A violation. I look at it like this...if I had information in my head that would tend to incriminate me, I can't be forced to reveal it or apply it and the password to that encrypted volume is in my head.
However, before I start screaming to my representatives about this, I need to understand the State's argument. In this article (http://rss.slashdot.org/~r/Slashdot/slashdot/~3/vN8Eio0pRRU/article.p l) it says that "US District Judge William K. Sessions III said the man had waived his right against self-incrimination when he initially cooperated with border agents." Can anyone explain that to me?
Thanks,
Chaz
Mar 7th, 2009 at 12:45pm
I keep saying the more things change the more they stay the same, but it isn't true unless by staying the same you mean Government is taking over our rights.
If saying a Border guard asks can he look at your confidential stuff and you say yes...you lose. Therefore we need a "Miranda" warning.
Nov 23rd, 2009 at 10:25am
Electronic things are not so easy to handle but if you need any help regarding that you can contact Air Conditioning Inspections
Nov 23rd, 2009 at 10:31am
The article was quiet interesting i really like it.
Haider
Energy Assessor Training