this post was submitted on 03 Jul 2023
215 points (100.0% liked)

Technology

29 readers
2 users here now

This magazine is dedicated to discussions on the latest developments, trends, and innovations in the world of technology. Whether you are a tech enthusiast, a developer, or simply curious about the latest gadgets and software, this is the place for you. Here you can share your knowledge, ask questions, and engage in discussions on topics such as artificial intelligence, robotics, cloud computing, cybersecurity, and more. From the impact of technology on society to the ethical considerations of new technologies, this category covers a wide range of topics related to technology. Join the conversation and let's explore the ever-evolving world of technology together!

founded 2 years ago
 

There’s been an increasing call in recent weeks and months for encryption to have government ‘backdoors’ put into them. This is a bad idea. No really, it’s an incredibly bad idea. Even if we took the assumption that it is a push that’s made with only the purest of intentions, and the government universal key is kept 100% safe and secure and never leaked or misused, it’s still a really, unbelievably, stupid idea.

you are viewing a single comment's thread
view the rest of the comments
[–] HelixDab@kbin.social 4 points 1 year ago (2 children)

As far as the US goes, that's incorrect. The issue is a 1A issue, not a 5A issue.

tl;dr - you are required to provide keys, combinations, fingerprints, etc. when there's a warrant. You might not be required to provide passwords.

Let's say cops have a search warrant for your house, and you have a safe in your house that they think the evidence of the crime they're investigating is hidden in. But it's locked. You are obligated to unlock that safe for them, whether it's a physical key, a combination, or a fingerprint. If you refuse, you can be compelled, and can be held in contempt of court and held in jail until you comply. (Or course, in the case of a physical safe, refusing the provide the key would mean that they'd hire a security expert to destroy the safe in order to retrieve the contents. But that's not possible with encrypted data.)

The problem is that a password is both a key and speech. I can be compelled to provide a key, but I can't be compelled to engage in certain speech. So far, courts have been divided on what a password is, and I don't believe that the question has been addressed by SCOTUS yet. (Although, knowing SCOTUS, I wouldn't expect them to be tech-savvy enough to make a good ruling.) In some cases, people that have been under court orders to provide passwords have been held in jail on contempt charges until they've divulged the password, even when they say that they've forgotten the password in question.

Keep in mind that the people that this is often applied to are not usually people you'd want to be friends with; most of that cases I've seen in the news involve people that are accused of having child pornography, either uploading or downloading it, or terrorism. But obvs. revoking rights to deal with exceptionally scummy people also means that those rights get revoked for everyone else...

[–] elscallr@kbin.social 3 points 1 year ago (1 children)

(Although, knowing SCOTUS, I wouldn't expect them to be tech-savvy enough to make a good ruling.)

Honestly the current SCOTUS has largely been finding in line with those things explicitly and literally within the US Constitution. I could see them considering being required to provide a password being required to provide evidence against yourself, which is a Fifth Amendment violation, or compelling speech in violation of the First, like you said. It's not impossible it violates both, and I'd expect to see that argument made in the decision.

[–] HelixDab@kbin.social 1 points 1 year ago

If we extend this thought experiment to a physical key, then that argument falls apart. A physical key is 'real or physical evidence', while a password (and apparently combinations?) ends up being considered 'testimonial', despite both serving the same function. While I may not be required to provide testimony against myself, I can be compelled to provide real of physical evidence. If, for instance, I have committed tax fraud, and my accountant has already told the IRS as much, but I have the only copies of the tax documents encrypted, I can be compelled to decrypt them, because the 'testimonial' value of the password is negligible since the gov't already knows that I have the fraudulent documents. But if they can't already demonstrate that they know what--roughly--the real evidence that's encrypted is, then no password for cops.

This seems inconsistent to me, since a password and a physical key serve the same function.

[–] tal@kbin.social 3 points 1 year ago* (last edited 1 year ago)

As far as the US goes, that's incorrect. The issue is a 1A issue, not a 5A issue.

No, it's a Fifth Amendment issue. The Wikipedia article I linked to discusses it. Being compelled to provide a password runs into some of the same problems that compelling self-incriminating testimony does.

search

You're confusing the Fourth Amendment -- which deals with searches -- and the Fifth Amendment. You're right that it's not an issue of protection against illegal searches, which is what one might assume to be the case, but not correct as to the actual rationale that it runs into.