Strong encryption

Jordon Bedwell jordon at envygeeks.com
Tue Jan 25 11:22:26 UTC 2011 

On 1/24/2011 10:26 PM, Basil Chupin wrote:
> On 25/01/2011 10:08, Robert Holtzman wrote:
>> On Sun, Jan 23, 2011 at 04:11:51PM -0700, Doug Robinson wrote:
>>> Does anybody have a feel for the problems associated with
>>> distributing software that employs Strong Encryption.
>>>
>>> I have looked around and there is a number of good things
>>> out there but I wonder if the US Feds are still throwing
>>> hissie fits every time this stuff appears in public?
>> They probably are but since Phil Zimmermann, the creator of PGP,
>> beat them in court I don't think you have too much to worry about.
>> Someone correct me if I'm wrong.
>>
>> Note: I am *not* a lawyer and the above is *not* legal advice.
>
> There was an article recently about a person who was placed in jail 
> for contempt of court because he refused to provide the "authorities" 
> his encryption key to the data on his computer. I cannot remember in 
> which country this occurred whether it was USA, or Australia, or 
> Britain :-( . (I *think* that the article was on BBC Online but I am 
> not sure.)
>
> But in the same article it came out that, say, in the USA you MUST 
> provide your encryption key on demand by "the spooks" if they feel 
> that you are being 'naughty' and trying to act like a 'terrorist' (and 
> of course all Americans it seems are 'terrorists' as they are under 
> surveillance by at least 3 'spook' organisations :-) ).
>
> BC
>

The "spooks" would not ask you for your encryption key because the 
spooks job is to find a way to get it. The spooks are the CIA and 
partially the NSA.  They are not in the business of asking questions and 
taking names like the FBI, they are in the business of kicking ass first 
and asking questions later (not really) and mostly counting wins.  They 
are called "spooks" for a reason, and given most people know what the 
CIA and NSA is and how good they are you can only guess why they are 
called that.  The CIA and NSA will either have it, try to find a way to 
get it or create a way to undeniably get it; they won't come and ask you 
for it.  They wouldn't even charge you with anything, they are not 
police they are intelligence agencies.  The FBI or DHS and other such 
agencies like ICE are not spooks.
*
*There is no law in the United States that requires the disclosure of 
any encryption key and probably never will be as it would violate a god 
given right.**

*/*In the Unites States you cannot be punished for refusing to hand over 
encryption keys because you have the right to blindly deny any such 
reasonable warrant under the 5th Amendment.*/*  This is supported by the 
supreme court in the case: United States vs. Boucher 
(http://en.wikipedia.org/wiki/United_States_v._Boucher).  A judge cannot 
punish you or rule against your right to plea the 5th as there is no 
reasonable proof that you have given the key to anybody else or that the 
encrypted information would not further and/or aid in incriminating 
you.  You have the right against self-incrimination and you also have 
the right to request a grand jury be convened in the case and if they 
fail to support you then you still use your 5th Amendment right.  In the 
United States you truly, lawfully, undoubtedly, undeniably, unrefutably, 
unalterably have the right to remain silent.  This is a guaranteed right 
under the Constitution of the United States unlike other countries where 
they are simply laws.

There are exceptions to 5th amendment rights though (and only the 
supreme court, the supreme justice of the land, the only people with 
more power than the president can truly decide this), like stated 
before: giving the key to somebody else and a court being able to 
reasonable prove they (the 3rd party) know it, the court could force 
said person to give the key and even punish them for not handing it over 
if they can reasonably prove it would not incriminate them which again 
they couldn't because it's a blind 5th amendment claim. In large cases 
the prosecutors will most likely just hand out a blind immunity to the 
3rd party.  There was a case recently involving the 5th amendment that 
the supreme court ruled did not apply.  The guy tried to plea the 5th on 
IRS documents stating that it would be self-incrimination, it was ruled 
that he could not use that right since he submitted the documents to the 
IRS in the first place.  This is obviously not the case of encryption 
since it well...defeats the entire purpose of encryption in the first place.

The case you are speaking about was in the UK though where, if I recall 
right, the right to remain silent is simply a law.  It involved a 19 
year old boy if I remember right.

You guys also need to clearly define your context, some of the contexts 
(like the PGP case) are irrelevant IMO to what the OP is actually asking 
because it's an entirely different context of export there are no real 
set of given variables or anything of the sort that help us help the OP, 
this is nothing more than a case full of competing contexts that 
conflict and confuse people who are trying to clearly learn from a 
situation and gather some real R&D.

A little bit of twisting for you Basil since you think America is worse 
than Australia: The Cybercrime Act 2001 No. 161, Items 12 and 28 grant 
police with a magistrate's order the wide-ranging power to require "a 
specified person to provide any information or assistance that is 
reasonable and necessary to allow the officer to" access computer data 
that is "evidential material"; this is understood to include mandatory 
decryption. Failing to comply carries a penalty of 6 months 
imprisonment.  Lets not even bring up the great Australian firewall.  
Intriguing.

*I'm not lawyer, I just research a lot*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20110125/e39e6159/attachment.html>

More information about the ubuntu-users mailing list