A crime which is entirely inevident save for the ability to decrypt a file, is, ipso facto, a thought crime, and therefore IMO not a crime at all. The state needs to find its evidence somewhere which doesn't require the accused to testify against themselves.
This concept Kerr puts forward that criminals will become unstoppable given too powerful crypto is so laughable to anyone who understands cryptography as to be a complete waste of time. For a government built on balance of power and a long history of pushing the limits of that balance, the need for strong crypto is inherently obvious.
You can't issue a warrant for someone's private thoughts, no more than you can issue a warrant for my encrypted diary. It's not actually a 4th amendment issue, it's really an issue for the 5th.
What Apple has done, is take themselves out of the legal loop, where they shouldn't have been in the loop in the first place. Proper crypto is a win-win where I don't have to trust Apple, and Apple doesn't have to trust me. I doubt Apple is actually 100% there, but maybe close enough to stop the government from co-opting them into their investigatory responsibility.
It's perfectly obvious and reasonable that the manufacturer of a diary, e.g. Moleskin, should not be on-the-hook to reveal to authorities everything you write using their product. Similarly, before the Internet and cloud-era, it was perfectly reasonable that the manufacturer of a computer was not on-the-hook to reveal everything produced with that machine.
It's just a quirk of technology that these systems are easier to implement in a 'centralized clear-text' manor, exposing the data to 3rd parties, and therefore government warrants against those 3rd party copies. They never used to be centrally accessible, we've seen the damage a clear-text central store inflicts, and if we've learned anything from it, we won't ever return to this broken model again. Over time crypto will enable many of the 'easier to do centrally' type of services, performed over ciphertext, and without compromising individual privacy.
At this point I think Kerr is just trolling for the page views, since he doesn't seem to have learned anything from the extensive and thoughtful comments his first post elicited.
your ipso isn't quite so facto. There are many scenarios where encrypted information is evidentiary in non-thought-only crimes. Consider bitcoin theft, other money laundry. Consider second-order evidence, e.g. incriminating pictures or video of illegal acts for which not enough physical evidence has been gathered.
Self-incrimination is highly compelling evidence in all crimes. Interesting to note, however, is that a confession is one of the lowest and most unreliable forms of evidence.
But in speaking of thought crime, I'm merely speaking of crimes which are entirely inevident (which admittedly is a term I just made up) save for self-incrimination. Likewise, if it is evident that a crime has been committed, then by definition it is not a thought crime.
If there is evidence beyond self-incrimination, by all means find it and produce it at trial. For example, bitcoin theft by definition must effect an unwilling 3rd party, therefore there's at least a human who can testify their coins were stolen. It's evident in victim testimony, on the blockchain, in access logs and source code of the central service that was hacked, or in malware left behind on the victim's computer, etc.
The existence of a wronged third party is not evidence of guilt; the existence of a bitcoin wallet with the stolen funds on your phone, however, would be.
The idea that the digital world is so sancrosanct that it's totally exempt from existing law is enticing, I'll grant you. But not necessarily convincing.
It can be perfectly evident that a crime has been committed, without it being evident who committed it. So the evidence potentially found by examining the contents of a suspect's devices is not at all necessarily evidence of thoughtcrime.
The analogy with a diary is a good one, except that humanity has never been addicted to publicly carrying around a comprehensive all-encompassing diary, until now.
For many of us, these mobile computers record all of our thoughts, intentions and actions. They're really extensions of our minds. And our minds belong to us, not the government.
The government can build their cases as they've always done, without forcing us, or our extensions, to testify against ourselves.
Why do you consider anything encrypted as an extension of oneself? The 5th amendment protects you from being forced to testify against yourself. It does not protect you from being forced to turn over evidence. That is where obstruction of justice charges come into play. In your example of refusing to turn over a key to a diary is no different to the government than you burning that diary. You are actively preventing the government from accessing preexisting evidence.
The 5th Amendment grants you the right not to incriminate yourself in legal proceedings. Diaries found with a proper warrant can totally be used against you.
One could argue that governments can take possession of a computer with a search warrant, but even if they did, it violates the right against self-incrimination to have to give up your passwords and encryption keys. That's where the fifth amendment comes into play. It's my understanding that this is not settled law, and I'm not a lawyer, but that's the general idea.
Memorizing an unbreakable password to an encrypted file is a lot more convenient that memorizing the entire file and then destroying the bits.
However legally, I believe it should have the same net effect, because using technology to augment our increasingly limited biological memory shouldn't eliminate the protection against the government accessing that memory to use against us.
Maybe I'm 10-100 years early on this, but I think time will tell.
I totally agree with one exception. It's not a thought crime when there's an alleged crime and insufficient evidence. You could have a situation where there's good reason to believe a crime took place but the evidence is encrypted. (ie: a kid claiming to have been abused with photos taken, the accused is found to have an encrypted file labeled "kids", not a thought crime just alleged crime)
Certainly your example is not thought-crime. By Apple forcing the government to serve the warrant on the accused, most importantly I think we put the conversation where it belongs; not on the 4th but the 5th.
Does the 5th actually protect the accused in your particular example? I think it does, and I'm glad it does, because I think a 5th amendment which failed to protect the accused from this sort of self-incrimination, would fail overall.
How much can a defendant be forced to aid in their own prosecution? You cannot ask them "did you do it" and use their refusal to answer as evidence against them.
Now I have a device which constantly records the audio, video, GPS, temperature, barometric pressure, heart rate, breathing rate, etc. Maybe in a few years time it records not just everything it hears and sees, but literally everything its owner hears and sees. These devices have become, and will increasingly become, true and pure extensions of our own consciousness.
Today you have two choices; you can leave it all open and available for the government to "collect" and use against you, or you can quite literally keep it locked in your head using encryption.
The Bill of Rights was written in 1789. Seventeen-fucking Eighty Nine. In another 200 years, I hope its protections continue to be as meaningful.
This concept Kerr puts forward that criminals will become unstoppable given too powerful crypto is so laughable to anyone who understands cryptography as to be a complete waste of time. For a government built on balance of power and a long history of pushing the limits of that balance, the need for strong crypto is inherently obvious.
You can't issue a warrant for someone's private thoughts, no more than you can issue a warrant for my encrypted diary. It's not actually a 4th amendment issue, it's really an issue for the 5th.
What Apple has done, is take themselves out of the legal loop, where they shouldn't have been in the loop in the first place. Proper crypto is a win-win where I don't have to trust Apple, and Apple doesn't have to trust me. I doubt Apple is actually 100% there, but maybe close enough to stop the government from co-opting them into their investigatory responsibility.
It's perfectly obvious and reasonable that the manufacturer of a diary, e.g. Moleskin, should not be on-the-hook to reveal to authorities everything you write using their product. Similarly, before the Internet and cloud-era, it was perfectly reasonable that the manufacturer of a computer was not on-the-hook to reveal everything produced with that machine.
It's just a quirk of technology that these systems are easier to implement in a 'centralized clear-text' manor, exposing the data to 3rd parties, and therefore government warrants against those 3rd party copies. They never used to be centrally accessible, we've seen the damage a clear-text central store inflicts, and if we've learned anything from it, we won't ever return to this broken model again. Over time crypto will enable many of the 'easier to do centrally' type of services, performed over ciphertext, and without compromising individual privacy.
At this point I think Kerr is just trolling for the page views, since he doesn't seem to have learned anything from the extensive and thoughtful comments his first post elicited.
reply