Yottabytes: Storage and Disaster Recovery

May 13 2017   11:40PM GMT

Another Judge Rules on Smartphone Encryption

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Tags:
Encryption
Security
smartphone

Courts are still trying to decide if law enforcement can make you unlock your smartphone, with some ruling one way and some ruling the other. In the most recent case, they ruled that you have to. And, for once, it wasn’t a case involving child pornography or terrorism.

As you may recall, the whole issue boils down to how a device is encrypted. Traditionally, courts have ruled that you can be compelled to give up something you have, such as your fingerprint, which is used to encrypt your phone, but you cannot be compelled to give up something you know, such as a password. That’s because simply admitting you have the correct password on a particular encrypted phone or other storage device could be considered self-incrimination.

In this particular case, Hencha Voigt and co-defendant Wesley Victor were accused of threatening to release sex videos stolen from a phone belonging to a Miami socialite known as YesJulz, writes David Ovalle in the Miami Herald. After the phone was stolen, YesJulz received a series of text messages demanding money. After consulting with police, YesJulz set up a fake meeting with the extortionists, and the two were arrested. At the time, they had four phones with them, the contents of which prosecutors want to examine, he continues.

What makes this case unusual is that there is actually settled case law about it in Florida. A December appeals court decision allowed police in Sarasota to force a suspected voyeur, allegedly caught at a mall trying to take photos up women’s skirts, to give up his iPhone pass code, Ovalle writes. The judge who ruled on the Voigt case had to follow that precedent, he said.

Attorneys for the two contend that law enforcement is asking for the passcode so it can go on a fishing expedition, writes Eric Levenson for CNN. “They’re asking for the passcode so they can keep on searching what’s on the phone — which may be incriminating my client — and then use that against her,” Kertch Conze, Voigt’s attorney, told CNN, he writes. Technically, though, that isn’t allowed – law enforcement needs to have a reasonable suspicion that the information they’re looking for is on the encrypted device, Levenson explains.

The judge, Miami-Dade Circuit Judge Charles Johnson, explicitly referred to the thing-you-have-vs.-thing-you-know debate by saying that for him, turning over a password is like turning over a key to a safety deposit box – in other words, a thing you have, which you can be forced to surrender, rather than a thing you know, according to the BBC.

Attorneys for the defendants may have telegraphed their strategy going forward by noting that they would need to talk to the clients to see whether they remembered the passcode. On the other hand, in another case, last year one U.S. defendant was arrested for claiming not to remember the password to an encrypted device, and other defendants have been jailed in the UK.

Meanwhile, the case law on either side of the argument keeps piling up, meaning that, eventually, the whole thing is liable to end up in the lap of the Supreme Court – especially now that we have a full complement of Supreme Court judges, meaning that whatever they decide can be used as a precedent in the future. “No question in my mind that the U.S. Supreme Court will need to decide the issue eventually,” Mark Rumold, a lawyer with the Electronic Frontier Foundation, told Ovalle. “To me, it’s not so much a question of if, but when.”

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: