technopolity

encryption (continued)

V.D) Implicated Legal Issues

            The question that must be answered is whether Boucher divulging his key would be "testimonial" and therefore violate his Fifth Amendment rights.  Case law seems to strongly support Boucher in this argument.[205]  Throughout American history, accused have been forced to furnish blood samples, give a handwriting example, stand in a lineup, wear particular clothing, and perform a variety of other physical acts.[206]  Forcing the accused to follow these orders was permissible for at no time was the accused forced "to disclose any knowledge he might have" or "speak to his guilt."[207]  Conversely, "it is the ‘extortion of information of the accused; the attempt to force him to ‘disclose the contents of his own mind' that implicates the Self-Incrimination Clause."[208]  Further, Kastigar v. United States clearly states that the clause "protects against any disclosures that the witness reasonably believes could be used in a criminal prosecution or could lead to other evidence that might be so used."[209]  Thus, Neidermeier's ruling seems to be well supported with strong precedent from other bodies of case law, even though the case is the first of its kind in America.

V.E) Future Implications

            Should Neidermeier's ruling withstand a government appeal, a tricky precedent will certainly have been set.  According to Mark D. Rasch, a former federal prosecutor, "You're going to see drug dealers and pedophiles encrypting their documents, secure in the knowledge that the police can't get at them."[210]  However, should Boucher be forced to reveal his encryption key, an even more complicated situation could arise.  As seen in the United Kingdom,[211] those receiving the requests may spread from serious criminals to petty offenders eventually resulting in a complete lack of privacy allowed by the police force.  Further, given the legal precedent that is already set regarding what is deemed "testimonial,"[212] it would imply that the encryption key was being treated as a tangible item.  Such a model, applying laws normally reserved for tangible items to computers and their related intangible items, could result in a new paradigm in which internet and data security laws could be formed.

VI) Conclusion 

            At the center of the encryption debate is the question of how much privacy and security should an individual have.  Since the strength of encryption has grown significantly faster than the ability to break it in modern times, it is now possible to encode messages that won't be cracked for decades to come.  While the level of security and privacy that this provides is believed by many Americans to be true to the spirit of the country, many others find the consequences of this, namely criminals and other enemies having access to the same technology, dangerous and irresponsible.  This resulting conflict, and the case and policy issues that result, will continue to persist until the schism between the two groups is resolved.

 

 

[1] Bruce Schneier, The Psychology of Security, BruceSchneier.com, January 18, 2008, available at http://www.schneier.com/essay-155.html.

[2] Marshall Brain, How Locks Work, available at HowStuffWorks http://home.howstuffworks.com/lock.htm (last visited April 7, 2008).

[3] Brinks Home Security, http://www.brinkshomesecurity.com (last visited April 7, 2008).

[4] Safe, available at Wikipedia http://en.wikipedia.org/wiki/Safe (last visited April 7, 2008).

[5] Your Safe Deposit Box May Not Be So Safe, available at MSN Money http://moneycentral.msn.com/content/Banking /FinancialPrivacy/P41893.asp (last visited April 7, 2008).

[6] Gary Kleck & Marc Gertz, Carrying Guns for Protection: Results from the National Self-Defense Survey, Vol. 35 Journal of Research in Crime and Delinquency 2 (1998), available at http://jrc.sagepub.com/cgi/content/abstract/35/2/193.

[7] Bodyguard, available at Wikipedia http://en.wikipedia.org/wiki/Bodyguard (last visited April 7, 2008)..

[8] Susan M. Bauman, Engineering the Protection of Our Cities, Vol. 25 Technology in Society 4 (2003), available at http://www.sciencedirect.com/science?_ob=ArticleURL&_udi=B6V80-49TRJTP-3&_user=489256&_rdoc=1&_fmt=&_orig=search&_sort=d&view=c&_acct=C000022721&_version=1&_urlVersion=0&_userid=489256&md5=bd6ab7e6daaad24da8ec79cad9d24bdf.

[9] Bruce Schneier, The Psychology of Security, BruceSchneier.com, January 18, 2008, available at http://www.schneier.com/essay-155.html.

[10] Protecting Intellectual Property Rights Abroad, available at Export.gov http://www.export.gov/regulation/exp_tic_ipr_article.asp (last visited April 7, 2008)..

[11] Small Business FAQ, available at United States Patent and Trademark Office  http://www.uspto.gov/smallbusiness/about/faq.html (last visited April 7, 2008).

[12] Marshall Brain, How Encryption Works, available at HowStuffWorks http://computer.howstuffworks.com/encryption.htm (last visited April 7, 2008)..

[13] Encryption, available at Webopedia http://isp.webopedia.com/TERM/E/encryption.html (last visited March 30, 2008)..

[14] Encryption, available at Wikipedia http://en.wikipedia.org/wiki/Encryption (last visited April 7, 2008)..

[15] Id.

[16] Id.

[17] Cryptanalysis, available at Wikipedia http://en.wikipedia.org/wiki/Cryptanalysis (last visited April 7, 2008)..

[18] Id.

[19] Cyrus Peikari & Seth Fogie, Security Reference Guide: Encryption Strength, available at InformIT http://www.informit.com/guides/content.aspx?g=security&seqNum=134 (last visited April 7, 2008)..

[20] Id.

[21] Id.

[22] Id.

[23] 40-bit Crypto Proves No Problem, CNet News, January 31, 1997, available at http://www.news.com/2100-1017-266268.html.

[24] Exponential Growth, available at Wikipedia http://en.wikipedia.org/wiki/Exponential_growth (last visited April 7, 2008)..

[25] Id.

[26] Key Strengthening, available at Wikipedia http://en.wikipedia.org/wiki/Key_strengthening (last visited April 7, 2008)..

[27] SecureTrust Cryptography History, available at SecureTrust https://www.securetrust.com/historyofcryptography/history/ (last visited April 7, 2008).

[28] Id.

[29] Id.

[30] Atbash, available at Wikipedia http://en.wikipedia.org/wiki/Atbash (last visited April 7, 2008).

[31] Id.

[32] Suetonius, The Lives of the Caesars, The Deified Julius (110)

[33] Id.

[34] Caesar Cipher, available at Wikipedia http://en.wikipedia.org/wiki/Caesar_cipher (last visited April 7, 2008).

[35] Id.

[36] A substitution cipher is any encryption algorithm which replaces units of unencrypted text with units of encrypted text.  In other words, by constructing a simple table, any single encrypted character can represent any unencrypted character with no apparent pattern other than the fact that a single character cannot represent more than one character.  Substitution Cipher, available at Wikipedia http://en.wikipedia.org/wiki/Substitution_cipher (last visited April 7, 2008).

[37] SecureTrust Cryptography History, available at SecureTrust https://www.securetrust.com/historyofcryptography/history/ (last visited April 7, 2008).

[38] Id.

[39] Frequency Analysis, available at Wikipedia http://en.wikipedia.org/wiki/Frequency_analysis (last visited April 7, 2008).

[40] SecureTrust Cryptography History, available at SecureTrust https://www.securetrust.com/historyofcryptography/history/ (last visited April 7, 2008).

[41] Id.

[42] Babington Plot, available at Wikipedia http://en.wikipedia.org/wiki/Babington_plot (last visited April 7, 2008).

[43] Id.

[44] Id.

[45] History of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/History_of_cryptography (last visited April 7, 2008).

[46] Auguste Kerckhoffs, available at Wikipedia http://en.wikipedia.org/wiki/Auguste_Kerckhoffs (last visited April 7, 2008).

[47] Id.

[48] History of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/History_of_cryptography (last visited April 7, 2008).

[49] Id.

[50] Id.

[51] Id.

[52] Id.

[53] Id.

[54] Claude Shannon, Father of Information Theory, Dies at 84, available at Bell-Labs.com http://www.bell-labs.com/news/2001/february/26/1.html (last visited April 7, 2008).

[55] History of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/History_of_cryptography (last visited April 7, 2008).

[56] Bruce Schneier, Crypto-Gram Newsletter, Schneier.com, June 15, 2000, available at http://www.schneier.com/crypto-gram-0006.html.

[57] Id.

[58] Id.

[59] Data Encryption Standard, available at Wikipedia http://en.wikipedia.org/wiki/Data_Encryption_Standard (last visited April 7, 2008).

[60] Bruce Schneier, Crypto-Gram Newsletter, BruceSchneier.com, June 15, 2000, available at http://www.schneier.com/crypto-gram-0006.html.

[61] Data Encryption Standard, available at Wikipedia http://en.wikipedia.org/wiki/Data_Encryption_Standard (last visited April 7, 2008).

[62] A brute-force attack is one that attempts to guess the encryption key by guessing every single possible combination of bits until the correct one is chosen.  Brute Force Attack, available at Wikipedia http://en.wikipedia.org/wiki/Brute_force_attack (last visited April 7, 2008).

[63] Bruce Schneier, Crypto-Gram Newsletter, BruceSchneier.com, June 15, 2000, available at http://www.schneier.com/crypto-gram-0006.html.

[64] Id.

[65] Id.

[66] History of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/History_of_cryptography (last visited April 7, 2008).

[67] Id.

[68] Id.

[69] What is Diffie-Hellman?, available at Rsa Laboratories http://www.rsa.com/rsalabs/node.asp?id=2248 (last visited April 7, 2008).

[70] Id.

[71] Id.

[72] History of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/History_of_cryptography (last visited April 7, 2008).

[73] Id.

[74] Marshall Brain, How Encryption Works, available at HowStuffWOrks http://computer.howstuffworks.com/encryption.htm (last visited April 7, 2008).

[75] Id.

[76] Id.

[77] Jeffery L. Vagle, Securing Web Services: PKI Basics, Linux.com, available at http://www.linux.com/articles/37792 (last visited April 7, 2008).

[78] Id.

[79] Id.

[80] A digital certificate is an electronic document that allows a user to verify that a public key is actually associated with a given partner.  This prevents a third user from acting as an intermediary between the two and secretly recording the message.  Digital Certificates, available at Wikipedia http://en.wikipedia.org/wiki/Digital_certificates (last visited April 7, 2008).

[81] RSA, available at Wikipedia http://en.wikipedia.org/wiki/RSA (last visited April 7, 2008).

[82] Id.

[83] Id.

[84] Id.

[85] Id

[86] Id.

[87] Id.

[88] Advanced Encryption Standard, available at Wikipedia http://en.wikipedia.org/wiki/Advanced_Encryption_Standard (last visited April 7, 2008).

[89] Id.

[90] Id.

[91] National Policy on the Use of Advanced Encryption System (AES) to Protect National Security Systems and National Security Information, Committee on National Security Systems, June 2003, available at http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf.

[92] Id.

[93] Advanced Encryption Standard, available at Wikipedia http://en.wikipedia.org/wiki/Advanced_Encryption_Standard (last visited April 7, 2008).

[94] Id.

[95] Hybrid Cryptosystem, available at Wikipedia http://en.wikipedia.org/wiki/Hybrid_encryption (last visited April 7, 2008).

[96] Id.

[97] Id.

[98] Secure Sockets Layer, available at Wikipedia http://en.wikipedia.org/wiki/Secure_Sockets_Layer (last visited April 7, 2008).

[99] Id.

[100] Id.

[101] Id.

[102] Id.

[103] National Policy on the Use of Advanced Encryption System (AES) to Protect National Security Systems and National Security Information, Committee on National Security Systems, June 2003, available at http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf.

[104] Why Use Encryption?, available at ITWorld http://www.itworld.com/nl/unix_sec/01242002/ (last visited April 7, 2008).

[105] What is Diffie-Hellman?, available at Rsa Laboratories http://www.rsa.com/rsalabs/node.asp?id=2248 (last visited April 7, 2008).

[106] Johnny Papa, Secure Sockets Layer: Protect Your E-Commerce Web Site with SSL and Digital Certificates, available at MSDN http://msdn2.microsoft.com/en-us/magazine/cc301946.aspx (last visited April 7, 2008).

[107] Telecommunication is the process of working of home by means of an electronic connection (usually the internet) with a central office.  Telecommuting, available at Meriam-Webster http://www.merriam-webster.com/dictionary/telecommuting (last visited April 7, 2008).

[108] A virtual private network is "a private network that uses a public network to connect remote sites or users together."  Marshall Brain, How Virtual Private Networks Work, available at How StuffWorks http://computer.howstuffworks.com/vpn.htm (last visited April 7, 2008).

[109] Joel Durbin, Telecommuting Security: Protecting Sensitive Data Inside and Out, available at Information Security Magazine http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1208738,00.html (last visited April 7, 2008).

[110] Shannon Gaudin, Seagate Targets Data Theft with Encrypted Hard Drive, InformationWeek, September 6, 2007, available at http://www.informationweek.com/news/hardware/desktop/showArticle.jhtml;jsessionid=4OFVKYU00LC0AQSNDLPSKHSCJUNN2JVN?articleID=201804500&_requestid=470897.

[111] RSA, available at Wikipedia http://en.wikipedia.org/wiki/RSA (last visited April 7, 2008).

[112] Why Use Encryption?, available at ITWorld http://www.itworld.com/nl/unix_sec/01242002/ (last visited April 7, 2008).

[113] Id.

[114] History of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/History_of_cryptography (last visited April 7, 2008).

[115] Paul McDougall, Sun, IBM Offer Technology to Protect Customer Data, InformationWeek, September 18, 2006, available at http://www.informationweek.com/news/security/cybercrime/showArticle.jhtml;jsessionid=DK34PPMC0CVJWQSNDLPSKHSCJUNN2JVN?articleID=193001148&_requestid=480870.

[116] Deborah Pierce, Weak Arguments Against Strong Encryption, Seattle Press, October 11, 2001, available at http://archive.seattlepressonline.com/article-9276.html.

[117] Jaikumar Vijayan, TJX Data Breach: At 45.6M Card Numbers, It's the Biggest Ever, BusinessWeek, March 29, 2007, available at http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9014782.

[118] Phillip Britt, The Encryption Code, Information Today, March 2006, available at http://www.infotoday.com/it/mar06/Britt.shtml.

[119] Id.

[120] Seymour Bosworth & Michel E. Kabay, Computer Security Handbook (2002).

[121] Allen Cohen, Computers Hard to Use?, NYTimes, May 30, 1998, available at http://query.nytimes.com/gst/fullpage.html?res=9807E3DE103BF937A35755C0A96E958260.

[122] Secure Sockets Layer, available at Wikipedia http://en.wikipedia.org/wiki/Secure_Sockets_Layer (last visited April 7, 2008).

[123] NetNanny, http://www.netnanny.com/ (last visited April 7, 2008).

[124] Why Use Encryption?, available at ITWorld http://www.itworld.com/nl/unix_sec/01242002/ (last visited April 7, 2008).

[125] Electronic Frontier Foundation, www.eff.org (last visited April 7, 2008).

[126] American Civil Liberties Union, www.aclu.org (last visited April 7, 2008).

[127] RSA, available at Wikipedia http://en.wikipedia.org/wiki/RSA (last visited April 7, 2008).

[128] Privacy, available at United States State department http://usinfo.state.gov/products/pubs/rightsof/privacy.htm (last visited April 7, 2008).

[129] Brian Bergstein, Encryption Allows for Security and Privacy, MSNBC, June 18, 2006, available at http://www.msnbc.msn.com/id/13351116/.

[130] Louis J. Freeh, On War and Terrorism, available at http://www.9-11commission.gov/hearings/hearing10/freeh_statement.pdf (last visited April 7, 2008).

[131] Id.

[132] Id.

[133] Id.

[134] Deborah Pierce, Weak Arguments Against Strong Encryption, Seattle Press, October 11, 2001, available at http://archive.seattlepressonline.com/article-9276.html.

[135] Export of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/Export_of_cryptography (last visited April 7, 2008).

[136] Id.

[137] Id.

[138] Id.

[139] Id.

[140] Phil Zimmerman, Why I Wrote PGP, available at http://www.philzimmermann.com/EN/essays/index.html.

[141] Pretty Good Privacy, available at Wikipedia http://en.wikipedia.org/wiki/Pretty_Good_Privacy (last visited April 7, 2008).

[142] Id.

[143] Id.

[144] Id.

[145] Bernstein v. United States Dept. of Justice, 192 F.3d 1308 (9th Cir. 1999).

[146] Pretty Good Privacy, available at Wikipedia http://en.wikipedia.org/wiki/Pretty_Good_Privacy (last visited April 7, 2008).

[147] Id.

[148] Id.

[149] Export of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/Export_of_cryptography (last visited April 7, 2008).

[150] Id.

[151] Id.

[152] Id.

[153] id.

[154] Web Browser History, available at http://www.livinginternet.com/w/wi_browse.htm (last visited April 7, 2008).

[155] Export of Cryptography, available at Wikipedia http://en.wikipedia.org/wiki/Export_of_cryptography (last visited April 7, 2008).

[156] Id.

[157] Commercial Encryption Export Controls, available at US Department of Commerce http://www.bis.doc.gov/encryption/default.htm (last visited April 7, 2008).

[158] U.S. Encryption Policy, available at Center for Democracy and Technology http://www.cdt.org/crypto/admin/ (last visited April 7, 2008).

[159] Id.

[160] Id.

[161] Id.

[162] Johnny Papa, Secure Sockets Layer: Protect Your E-Commerce Web Site with SSL and Digital Certificates, available at MSDN http://msdn2.microsoft.com/en-us/magazine/cc301946.aspx (last visited April 7, 2008).

[163] Deborah Pierce, Weak Arguments Against Strong Encryption, Seattle Press, October 11, 2001, available at http://archive.seattlepressonline.com/article-9276.html.

[164] Id.

[165] Thomas Fridman, The World Is Flat: A Brief History of  the Twenty-First Century (2005).

[166] Jack Kelley, Terror Groups Hide Behind Web Encryption, USA Today, February 5, 2001, available at http://www.usatoday.com/tech/news/2001-02-05-binladen.htm.

[167] Louis J. Freeh, On War and Terrorism, available at http://www.9-11commission.gov/hearings/hearing10/freeh_statement.pdf (last visited April 7, 2008).

[168] Deborah Pierce, Weak Arguments Against Strong Encryption, Seattle Press, October 11, 2001, available at http://archive.seattlepressonline.com/article-9276.html.

[169] Id.

[170] Id.

[171] Id.

[172] Id.

[173] Id.

[174] Id.

[175] The Clipper Chip, available at Electronic Privacy Information Center http://epic.org/crypto/clipper/ (last visited April 7, 2008).

[176] Bernstein v. United States Dept. of Justice, 192 F.3d 1308 (9th Cir. 1999).

[177] Pretty Good Privacy, available at Wikipedia http://en.wikipedia.org/wiki/Pretty_Good_Privacy (last visited April 7, 2008).

[178] Accessory (Legal Term), available at Wikipedia http://en.wikipedia.org/wiki/Accessory_%28legal_term%29 (last visited April 7, 2008).

[179] Antiterrorism and Effective Death Penalty Act of 1996 18 U.S.C § 2339B.

[180] Louis J. Freeh, On War and Terrorism, available at http://www.9-11commission.gov/hearings/hearing10/freeh_statement.pdf (last visited April 7, 2008).

[181] Secure Sockets Layer, available at Wikipedia http://en.wikipedia.org/wiki/Secure_Sockets_Layer (last visited April 7, 2008).

[182] Louis J. Freeh, On War and Terrorism, available at http://www.9-11commission.gov/hearings/hearing10/freeh_statement.pdf (last visited April 7, 2008).

[183] Ellen Nakashima, In Child Porn Case, a Digital Dilemma, Washington Post, January 16, 2008, available at http://www.washingtonpost.com/wp-dyn/content/article/2008/01/15/AR2008011503663.html.

[184] Id.

[185] Id.

[186] Id.

[187] Id.

[188] Id.

[189] Id.

[190] Id.

[191] Id.

[192] Id.

[193] More Boucher Coverage, available at http://volokh.com/posts/1200466965.shtml (last visited April 7, 2008).

[194] Id.

[195] Id.

[196] Id.

[197] Id.

[198] Id.

[199] Pretty Good Privacy, available at Wikipedia http://en.wikipedia.org/wiki/Pretty_Good_Privacy (last visited April 7, 2008).

[200] Id.

[201] Id.

[202] Law Requiring Disclosure of Decryption Keys in Force, Outlaw, February 10, 2007, http://www.out-law.com/page-8515.

[203] Id.

[204] John Leyden, Animal Rights Activist Hit with RIPA Key Decrypt Demand, The Register, November 14, 2007, available at http://www.theregister.co.uk/2007/11/14/ripa_encryption_key_notice/.

[205] John Doe v. United States, 487 U.S. 201, 220 (1988).

[206] Id.

[207] Id.

[208] Id.

[209] Kastigar v. United States, 406 U.S. 441, 445 (1972).

[210] Ellen Nakashima, In Child Porn Case, a Digital Dilemma, Washington Post, January 16, 2008, available at http://www.washingtonpost.com/wp-dyn/content/article/2008/01/15/AR2008011503663.html.

[211] John Leyden, Animal Rights Activist Hit with RIPA Key Decrypt Demand, The Register, November 14, 2007, available at http://www.theregister.co.uk/2007/11/14/ripa_encryption_key_notice/.

[212] Kastigar v. United States, 406 U.S. 441, 445 (1972).

Menu

 

** Content contributions are requested from the technology and legal community. **   (Please create a login; it helps limit our spam.)   

Don't know HTML?  Add content using our  WYSIWYG  editing interface

home 

technology policy

technology law

technoculture and technology business 

technology theory and human development 

BIBLIOGRAPHY

about technopolity

Please note that nothing on this website should be construed as legal advice, and by using this website, you agree to our Content Waiver.   We do our best to provide correct content, but we cannot actively monitor this website or promise this website will be error-free; please help us by correcting our content or letting us know of errors or other content issues on this site.

  

 

Site

Changes
Index
Search

 

User

 

Log In

 
 

Last Modified 5/22/08 2:59 PM