topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 10:43 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: File Encryption - now effectively outlawed in the US?  (Read 11365 times)

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
File Encryption - now effectively outlawed in the US?
« on: March 28, 2017, 10:42 PM »
Disturbing report from Falkvinge.net:
With shock appeals ruling, the United States has effectively outlawed file encryption
(Copied below sans embedded hyperlinks/images.)
With shock appeals ruling, the United States has effectively outlawed file encryption

PRIVACY  UNITED STATES   POSTED ON MARCH 28, 2017 • UPDATED MARCH 21, 2017 • BY RICK FALKVINGE 68  3
 Digital key

An appeals court has denied the appeal of a person who is jailed indefinitely for refusing to decrypt files. The man has not been charged with anything, but was ordered to hand over the unencrypted contents on police assertion of what the contents were. When this can result in lifetime imprisonment under “contempt of court”, the United States has effectively outlawed file-level encryption – without even going through Congress.

Last week, a US Appeals Court ruled against the person now detained for almost 18 months for refusing to decrypt a hard drive. The man has not been charged with anything, but authorities assert that the drive contains child pornography, and they want to charge him for it. As this is a toxic subject that easily spins off into threads of its own, for the sake of argument here and for sticking to the 10,000-foot principles, let’s say the authorities instead claim there are documents showing tax evasion on the drive. The principles would be the same.

Authorities are justifying the continued detention of this person – this uncharged person – with two arguments that are seemingly contradictory: First, they say they already know in detail what documents are on the drive, so the person’s guilt is a “foregone conclusion”, and second, they refuse to charge him until they have said documents decrypted. This does not make sense: either they have enough evidence to charge, in which case they should, or they don’t have enough evidence, in which case there’s also not enough evidence to claim with this kind of certainty there are illegal documents on the drive.

In any case, this loss in the Appeals Court effectively means that file- and volume-level encryption is now illegal in the United States.

Without going through Congress, without public debate, without anything, the fuzzy “contempt of court” has been used to outlaw encryption of files. When authorities can jail you indefinitely – indefinitely! – for encrypting files out of their reach, the net effect of this is that file level encryption has been outlawed.

So were there illegal documents on the drive? We don’t know. That’s the whole point. But we do know that you can be sent to prison on a mere assertion of what’s on your drive, without even a charge – effectively for life, even worse than the UK law which will jail you for up to five years for refusing to decrypt and which at least has some semblance of due process.

The point here isn’t that the man “was probably a monster”. The point is that the authorities claimed that there was something on his encrypted drive, and used that assertion as justification to send him to prison for life (unless he complies), with no charges filed. There’s absolutely nothing saying the same US authorities won’t claim the same thing about your drive tomorrow. Falsely, most likely. The point is that, with this ruling, it doesn’t matter.

Syndicated Article
This article has previously appeared at Private Internet Access.

It looks like the report might be correct. File encryption has effectively been outlawed - just like that.
I didn't think that a judicial system could do that.

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 941
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #1 on: March 30, 2017, 07:36 AM »

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 941
    • View Profile
    • Donate to Member

c.gingerich

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 748
    • View Profile
    • The Blind House
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #3 on: March 31, 2017, 08:56 AM »
I think I am going to have to start making file encryption apps.  8)

y2kusuma

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 28
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #4 on: April 01, 2017, 11:06 PM »
I think I am going to have to start making file encryption apps.  8)

How can we be sure that components/libraries/tools we use don't have backdoors?

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #5 on: April 02, 2017, 12:23 AM »
I think I am going to have to start making file encryption apps.  8)

How can we be sure that components/libraries/tools we use don't have backdoors?

You can't. But using open source standards (read: tools, libraries, and tools) should help alleviate those concerns.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #6 on: April 02, 2017, 07:54 AM »
I think I am going to have to start making file encryption apps.  8)

How can we be sure that components/libraries/tools we use don't have backdoors?

You can't. But using open source standards (read: tools, libraries, and tools) should help alleviate those concerns.


What seems to be missing is that it's not the tools, it's the laws.  If you have a tool without any backdoors or defects in security, if they can make you face indefinite detention if you don't decrypt it, your choices are limited.

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #7 on: April 02, 2017, 11:25 AM »
Not only that, but it seems the FBI can arrest and charge you for hacking even if you never hacked anybody:

http://www.thedailyb...o-hacked-no-one.html

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #8 on: April 02, 2017, 02:40 PM »
Not only that, but it seems the FBI can arrest and charge you for hacking even if you never hacked anybody:

http://www.thedailyb...o-hacked-no-one.html


That is insane!  And chilling in the same way that the ruling against Blurred Lines is.  Just like there are only so many combinations of notes and it's very likely that one song is going to sound remotely like something else, and it's possible that it could sound very close to something else, it's possible, no matter how innocuous the software, that there will be some way someone with a will and a way is going to turn it negative.

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #9 on: April 03, 2017, 09:10 AM »
Not only that, but it seems the FBI can arrest and charge you for hacking even if you never hacked anybody:

http://www.thedailyb...o-hacked-no-one.html

That is as ridiculous as holding the CEO of the Post cereal company responsible, if someone goes out and buys a box of Grape Nuts cereal, pours it into a sock, and beats someone to death with it. (aka a cereal killer)

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #10 on: April 03, 2017, 11:14 AM »
(aka a cereal killer)

Are you trying to take cranioscopical's place?

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #11 on: April 03, 2017, 11:33 AM »
(aka a cereal killer)

Are you trying to take cranioscopical's place?

Impossible! Nobody can do that. Not even worth trying. Besides, I don't want a rotten turkey sandwich on my profile. :P

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #12 on: April 03, 2017, 08:55 PM »
Regarding the matter of what alternatives there might be to addressing some of the potential problems/issues raised in the context of this discussion thread, this might be helpful/useful - I resurrected the old discussion thread: Re: FrogTea - strong encryption in an age when encryption may become illegal

04_300x242_BB6C25D1.png

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #13 on: April 03, 2017, 10:46 PM »
Don't use FrogTea - I've posted some reasons in the other thread.

What on earth is it supposed to help with, anyway? You're suggesting a product that's technically inferior to modern crypto, while not solving the issue at hand which is a politics based one.
- carpe noctem

IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #14 on: April 04, 2017, 12:32 AM »
@fodder:
Don't use FrogTea - I've posted some reasons in the other thread.
What on earth is it supposed to help with, anyway? You're suggesting a product that's technically inferior to modern crypto, while not solving the issue at hand which is a politics based one.
__________________

As I commented on that other thread:
Oh, so its apparently not of much use then? I had not known that.

Where you write:
...What on earth is it supposed to help with, anyway? etc. ...
________________________

...I don't quite follow.
I'll have to take your word for it that it's apparently broken/of no use, or something, though I gather that the experience of others more experienced and knowledgeable than I, who have used this technology, is that it does have some definite use and has had use for some considerable time - e.g., for holding such things as bank account details, passwords, registration keys and other confidential data that they might wish to share/sync securely between devices and/or with other people.
However, that is their reported experience and as I have never used the technology, I couldn't possibly comment.

You also seem to have been expecting me to be addressing specific issues or providing technological solutions to what seem to be legal/political problems in this discussion thread (which I started), and ask what use could it be and how might it help address the issues in this thread.

Well, of course I was not intentionally attempting to address specific issues or provide technological solutions to what seem to be legal/political problems, and I don't think I could even if I had intended to.
It would thus be a digression to do that - that is, to start a discussion about technology/products like FrogTea in this thread - and thus I had no intention of introducing such a digression, which is why I wrote (above): (the important bit is emphasised by me)
Regarding the matter of what alternatives there might be to addressing some of the potential problems/issues raised in the context of this discussion thread, this might be helpful/useful
_____________________
...and in the FrogTea discussion, I obliquely referred to the potential illegality of such technology in some (unspecified) countries.
The last thing I would wish to do is recommend that forum members should unwittingly use what, for them, could be an illegal technology. They might get arrested for it. Indeed I might too, if I had (say) recommended it to them, or incited them to use it in contravention of a local law.
Eggshells all over the place.

So you can probably see that keeping the discussion on FrogTea separate was very much about maintaining relevance and context in this thread and not wishing to interrupt the discussion with a digression, other than to say ..."By the way, this also might be interesting information in this context...".

Having said that, I would add that I don't wish to seem rude or abrupt, but could I thus suggest that you try to contribute to the discussion in this thread?
I feel sure that we forum readers could all potentially benefit from what you might be able to usefully and constructively offer on the matters in this context. I mean, it is a discussion, after all, and anybody's input is potentially golden.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #15 on: April 04, 2017, 10:15 AM »
This is a political problem.  Technology won't solve it.  I recall the old comic that showed a technical person making the supposedly un-crackable algorithm.  And the people in black suits using a $5 wrench to beat the encryption codes out of him.  Seems like the same analogy works in this case.  If they can suspend habeas corpus and detain someone indefinitely until they give the keys, no amount of technology is going to get around that.

Seems pretty straightforward to me, and f0dder's argument a straightforward demonstration of that.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #16 on: April 04, 2017, 12:05 PM »
IainB, I'm going to cut your prose short.

You revived the other thread, so that's where I posted objective reasons to avoid the product.

This thread is about a political issue, and thus this thread is where I ask why you're trying to solve a political problem with a (bad) technological solution.

Also...
security.png
- carpe noctem

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,186
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #17 on: April 04, 2017, 12:40 PM »
^ That's the comic I was referring to!  ;D

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #18 on: April 04, 2017, 07:37 PM »
Not only that, but it seems the FBI can arrest and charge you for hacking even if you never hacked anybody:

http://www.thedailyb...o-hacked-no-one.html

Got news... Under existing US laws, you already may be arrested and held indefinitely - without trial or charges, and at the discretion of the executive - if you are deemed a threat to US national security. The determination is solely that of the executive and applies (according to the wording of the law) to any person of any nation, anywhere in the world, and at any time. And such action is not subject to any form of judicial review or oversight in any real sense of either word.

Maybe someday the people will finally wake up and realize they're no longer living in the nation or world they think they are.  :huh:

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,645
    • View Profile
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #19 on: April 04, 2017, 07:47 PM »
^ That's the comic I was referring to!

That reminds me of when I bought a safe and at one point I had a bit of a lapse and asked the salesman, "What do I do if someone's robbing me, points a gun at me and tells me to open the safe?".

The salesman gave me a stare and said, "Open the safe!"


IainB

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 7,540
  • @Slartibartfarst
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: File Encryption - now effectively outlawed in the US?
« Reply #20 on: April 05, 2017, 01:49 AM »
@f0dder
...This thread is about a political issue...
_______________________

Is it? Is that all it is? To be frank, I'm not sure what the heck it is.
I must admit, when I started this thread it was merely to describe a disturbing report:
Disturbing report from Falkvinge.net:
With shock appeals ruling, the United States has effectively outlawed file encryption
(Copied below sans embedded hyperlinks/images.) ...
________________________________

I didn't really know what to make of it.
To me, it seemed to be a legal issue where a US appeals court had apparently, by overturning a prior judgement, effectively outlawed file encryption by default.

I'm ignorant of US judicial processes, but from the report it seemed as though the appeals court had thereby stepped outside of their boundaries to make some kind of a new law - though lawmaking is not within the bailiwick of an appeals court.

As I wrote:
It looks like the report might be correct. File encryption has effectively been outlawed - just like that.
I didn't think that a judicial system could do that.

 - and that's the really worrying thing about this.

The thing is, if this decision/law sticks and does not itself get overturned, then not just Americans but people in other nations may find themselves to be affected by such a law, There could be potentially huge ramifications/consequences.
It's not a good look at all. It reeks of creeping statism.

This creep seems to have been going on for years, and it's not as though things aren't bad enough in that regard already, as @40hz puts it (above):
Got news... Under existing US laws, you already may be arrested and held indefinitely - without trial or charges, and at the discretion of the executive - if you are deemed a threat to US national security. The determination is solely that of the executive and applies (according to the wording of the law) to any person of any nation, anywhere in the world, and at any time. And such action is not subject to any form of judicial review or oversight in any real sense of either word.
__________________________

If one tried to respond to the situation as @c.gingerich put it:
I think I am going to have to start making file encryption apps.  8)
- then one may well discover that one risked being arrested for doing something illegal, or for inciting others to do something illegal, and it would be a federal offence. One could be putting a noose around one's neck. So that's not likely to help.

As the noose inevitably tightens, it may well be that the only recourse one has left is to impotently and passively rail against the state or its cruel laws, or impotently and passively make seemingly clever jokes and cartoon jokes about the very real predicament that citizens have been placed in by such laws. Which would be no recourse at all, of course, though at least in the latter case one could perhaps die with a smile on one's face, but by then that would probably have become a smile of happy release. The key word in all of this is probably the word "passively", as one well-known American thinker put it some time ago:
New pressures are causing ever more people to find their main satisfaction in their consumptive role rather than in their productive role. And these pressures are bringing forward such traits as pleasure-mindedness, self-indulgence, materialism, and passivity as conspicuous elements of the American character.
 -- Vance Packard
__________________________
He might have said that, but, not being an American, I couldn't possibly comment.
__________________________________________
"As lambs to the slaughter." - (Isaiah, Jeremiah)
« Last Edit: April 05, 2017, 01:58 AM by IainB »