Jump to content

Good News for encryption users!


anyedie
 Share

Recommended Posts

Yay 5th amendment?

Aren't you from the UK? You don't get the 5th amendment :)

....or do they have an equivalent over there?

Link to comment
Share on other sites

http://www.openrightsgroup.org/orgwiki/ind...IP_Act_Part_III

Best bit of the article: "In September 2003, Home Secretary David Blunkett announced wide-ranging extensions to the list of those entitled to see information collected under the RIPA. The list now includes job centres, local councils, and the Chief Inspector of Schools"

Link to comment
Share on other sites

This is an interesting situation. The guy gets caught with his drive open, police see illegal stuff and arrest the guy, shut down the machine and because of that now need a passphrase to remount the encrypted drive. This shows that the procedure used here is wrong. When you kill someone in your own home, some cop doesn't show up, sees that a murder has been comitted, takes you to the police station for interrogation and a couple weeks later a forensics team shows up, only to find that your cleaning lady has once again shown to not only be ruthlessly efficient, but very much worthy of that christmas bonus you were planning for her.

They should have a computer forensics team on stand-by much like the CSI people and the cop in question should've kept the machine on until those people got there.

Forcing the guy to produce his encryption key in this case I would consider reasonable because the evidence of the crime he's been charged with was on there and it already was accessible at the time of his arrest. If the laptop was confiscated in a bust of some sort, and police at no time in the investigation had access to the key to the drive, they shouldn't be allowed to request the suspect to divulge it.

The UK system is just wack, but I'm not sure where my country stands on this one.

EDIT:

Found it! In .NL you don't have to provide the key. Specifically

-----------------------

You don't have to cooperate with your own conviction. It's called the 'nemo tenetur'. It's not explicitly in our lawbooks, but is recognised based on article 6 of the EVRM (dutch abbreviation of 'european treaty of human rights and fundamental liberties'). Based on the Saunders-arrest of the European Court a suspect cannot be compelled to make a statement, but can be compelled to provide materials which are independant of his will, such as documents and blood samples. If the defendant writes a confession in his diary, and the police finds it during a search, it's admissible. Even when it's on a computer. But if the police can't find the diary, the suspect cannot be compelled to tell them where it is.

A password is similarly inside your head, and divulging it is akin to "making a statement". Which is why such an order to compel cannot be given here. This has been explicitly noted in article 125k Wetboek van Strafvordering. To witnesses, but also other relevant parties (such as a systems administrator) such an order to compel CAN be given - naturally as long as they actually know the password.

-----------------------

Source: http://blog.iusmentis.com/2007/12/18/ameri...en-aan-politie/

That blog post also points out that in a discussion in dutch parliament on a new computer crime law, our justice minister explicitly stated that 'nemo tenetur' made it illegal to compel a person to divulge his password. (source: http://www.ejure.nl/mode=display/dossier_i...ds/KST86350.rtf [dutch, rtf])

Interesting follow-up question posed in that blog post: If the suspect was using biometrics as authentication mechanism, can he be compelled to place his finger on the sensor? After all, taking someone's fingerprints is legal.

Link to comment
Share on other sites

Does raise an interesting point. Also, if you use biometrics like a finger print, what happens if you dip your finger in acid or use a dremel to remove or damage the finger beyond the biometric sensors ability to recoverer usable data? Plus, if your using something like a TPM to encrypt your data, and that breaks or is broken, how can they legally use something like the RIPA against you?

Link to comment
Share on other sites

This is an interesting situation. The guy gets caught with his drive open, police see illegal stuff and arrest the guy, shut down the machine and because of that now need a passphrase to remount the encrypted drive. This shows that the procedure used here is wrong. When you kill someone in your own home, some cop doesn't show up, sees that a murder has been comitted, takes you to the police station for interrogation and a couple weeks later a forensics team shows up, only to find that your cleaning lady has once again shown to not only be ruthlessly efficient, but very much worthy of that christmas bonus you were planning for her.

They should have a computer forensics team on stand-by much like the CSI people and the cop in question should've kept the machine on until those people got there.

Forcing the guy to produce his encryption key in this case I would consider reasonable because the evidence of the crime he's been charged with was on there and it already was accessible at the time of his arrest. If the laptop was confiscated in a bust of some sort, and police at no time in the investigation had access to the key to the drive, they shouldn't be allowed to request the suspect to divulge it.

The UK system is just wack, but I'm not sure where my country stands on this one.

QFE

taking and using fingerprints is fine with me because it like leaving "it" right out in the open

Like marijuana if you let it grow outside but behind a fence designed to keep people out and not let them see in police can't then use that but if it's behind a chain link fence they can use that

I'm too tired to make sence I'll try again tomorrow

Link to comment
Share on other sites

Pretty Good Privacy.. the title alone makes it sound just not that good enough.

Good enough to keep the cops out. this guy was lucky to have PGP, i bet most guys or girls that look at shit pictures like those would have to be really good with a computer. you would be dumb not to know how to hide it and take it to the airport.

Thats probably why when you see guys get caught its always old guys who think delete is all they need.

Link to comment
Share on other sites

Well, when you see busts of pedofile rings on the news, there's always a ton of computers, CDs and DVDs taken out of homes. I'm under the impression that they catch these crooks primarily by tracing back parcels, rather than actively monitoring internet sites and such.

This bright spark was simply brazen enough to put the shit on his laptop and head across the border with it. He should be counting his undeserved blessings for having chosen to store the filth on an encrypted drive.

Link to comment
Share on other sites

You do actually have a right to silence in the UK, but that's only in relation to giving evidence to something you've been charged with, i.e. you don't have to provide testimony during criminal proceedings (although since 1994 the jury can draw inferences from your silence, in England and Wales at least, not sure about Scotland and NI). Being forced to hand over encryption keys doesn't come under the same protection and you don't even have to be charged with a crime before being ordered to surrender your keys.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...