Silk Road forums
Discussion => Security => Topic started by: Bungee54 on September 13, 2012, 01:44 pm
-
**Clearnet Link->*** http://www.forbes.com/sites/jonmatonis/2012/09/12/key-disclosure-laws-can-be-used-to-confiscate-bitcoin-assets/
Jail time for refusing to comply with mandatory key disclosure hasn’t occurred in the United States yet. But, it’s already happening in jurisdictions such as the UK, where a 33-year-old man was incarcerated for refusing to turn over his decryption keys and a youth was jailed for not disclosing a 50-character encryption password to authorities.
Similarly harsh, key disclosure laws also exist in Australia and South Africa which compel individuals to surrender cryptographic keys to law enforcement without regard for the usual common law protection against self-incrimination.
Key disclosure laws may become the most important government tool in asset seizures and the war on money laundering. When charged with a criminal offense, that refers to the ability of the government to demand that you surrender your private encryption keys that decrypt your data. If your data is currency such as access control to various amounts of bitcoin on the block chain, then you have surrendered your financial transaction history and potentially the value itself.
Take Your Stinking Paws Off My Benjamins, You Damn Dirty Statist Daniel J. Mitchell Daniel J. Mitchell Contributor
Kim Dotcom's Pretrial Legal Funds Would Be Safe With Bitcoin Jon Matonis Jon Matonis Contributor
Brainwallet: The Ultimate in Mobile Money Jon Matonis Jon Matonis Contributor
My Answer To A VC's Bitcoin Question Jon Matonis Jon Matonis Contributor
These laws will impact not only money laundering prosecution but almost any asset protection strategy that attempts to maintain an element of financial privacy such as private banking or family trusts. Prior to all these money laundering laws being enacted, I once heard it said that the practice of moving money around was simply referred to as banking.
Doug Casey famously said that “it’s a completely artificial crime. It wasn’t even heard of 20 years ago, because the ‘crime’ didn’t exist.” Furthermore he said, “The War on Drugs may be where ‘money laundering’ originated as a crime, but today it has a lot more to do with something infinitely more important to the state: the War on Tax Evasion.” And, if they can’t track it from the outside via the banks and financial institutions, they’ll track it from the inside via access to an individual’s passwords and private keys.
In the United States, relevant case law has revolved around the Fifth Amendment privilege against self-incrimination as there is currently no specific law regarding key disclosure. The definition of a password is alarmingly broad too — all the way from an extension of your personal memory to an illegitimate tool that only hides something tangible from law enforcement.
The first case to address directly the question of whether a person can be compelled to reveal his or her encryption keys or password was In re Grand Jury Subpoena to Sebastien Boucher in 2009. Here a magistrate judge ruled that producing the passphrase for the encrypted hard drive would constitute self-incrimination, but on appeal the District Court overturned that decision, holding that decrypting and producing the complete contents would not constitute self-incrimination since Boucher initially cooperated in showing some of the computer files to border agents.
Next, there was the federal criminal case of United States v. Fricosu in 2010 in which the Federal District Court ordered a criminal defendant to decrypt the contents of an encrypted laptop. Although the defendant claimed Fifth Amendment rights against self-incrimination and the Electronic Frontier Foundation (EFF) filed an amicus curiae brief, the Court sided with the government in ruling that since defendant admitted to ownership of the laptop and knowledge of the passwords in a recorded conversation, the existence of evidence was a “forgone conclusion” and therefore Fifth Amendment privilege could not be implicated. In early 2012, the Tenth Circuit Court of Appeals rejected an appeal and let that decision stand.
In a blog post, Orin Kerr cited In re Weiss (703 F. 2d 653) in summarizing testimonial obduracy and what a future Court’s likely posture would be if defendant refuses to comply with a key disclosure order or claims to have forgotten the password. On the specific Fifth Amendment issue in United States v. Fricosu, Kerr states:
If I’m reading Fricosu correctly, the Court is not saying that there is no Fifth Amendment privilege against being forced to divulge a password. Rather, the Court is saying that the Fifth Amendment privilege can’t be asserted in a specific case where it is known based on the facts of the case that the computer belongs to the suspect and the suspect knows the password. Because the only incriminating message of being forced to decrypt the password — that the suspect has control over the computer — is already known, it is a “foregone conclusion” and the Fifth Amendment privilege cannot block the government’s application.
In another case upholding the constitutional right against forced decryption, the Eleventh Circuit Court of Appeals in United States v. Doe on February 24th, 2012 overturned a contempt of court ruling for refusing to decrypt. Arguing that without any specific knowledge of a hard drive’s file contents or file existence, the government cannot assert that certain items can be described with “reasonable particularity” and therefore compelling a defendant to produce those files would violate the Fifth Amendment’s protection against self-incrimination. The Electronic Frontier Foundation (EFF), which again filed an amicus curiae brief in the case, called it a major victory for constitutional rights in the digital age.
To say the cryptocurrency bitcoin is disruptive would be an understatement. Bitcoin not only disrupts payments and monetary sovereignty, it also disrupts the legal enforcement of anti-money laundering laws, asset seizure, and capital controls. It is very likely that a key disclosure case will make it to the U.S. Supreme Court where it is far from certain that the Fifth Amendment privilege, as it relates to a refusal to decrypt bitcoin assets, will be universally upheld.
Many observers have suggested defensive techniques that deploy TrueCrypt disk encryption with hidden volume partitions or PGP Whole Disk Encryption rendering the entire computer unbootable thereby making even file time and date stamps unavailable. Another legal strategy to complicate matters could be to split the passphrase with another person and claim that you are never in possession of the entire real passphrase. Then, at least there would be “plausible deniability” as to who provided the invalid portion of the passphrase or you would have a cellmate if held in contempt.
-
AGAIN ! NEVER EVER TALK TO COPS ! NEVER NEVER NEVER !
IF YOU ADMIT THATS YOUR LAPTOP THEY WILL FUCK YOU SOMEHOW! ALWAYS !
DONT TALK ! NEVER !
-
You won't pry my fingers from its private key until you pull it from my cold dead hands.
-
You won't pry my fingers from its private key until you pull it from my cold dead hands.
Hear ye, hear ye!
-
"This could never happen in America"
-
AGAIN ! NEVER EVER TALK TO COPS ! NEVER NEVER NEVER !
IF YOU ADMIT THATS YOUR LAPTOP THEY WILL FUCK YOU SOMEHOW! ALWAYS !
DONT TALK ! NEVER !
If you read the OP carefully, you will see that Bungee's analysis is spot on: never speak with LE without a lawyer present. Never, for any reason. None of those cases, in the USA anyway, would have gotten anywhere if the suspect simply did not speak with the cops.
Forcing you to reveal encryption keys is interesting in this context. I can see how it might be made to happen however I seriously doubt it will be effective. I can think of a number of things that can be done which will completely stop this line of inquiry. ("Oh, yeah, that was my address. I sent all those coins to bitZino.com and then lost it all in Roulette." Remember: don't talk to LE, this is just an example of what could be said. Talk to a lawyer before you say anything.)
One piece of advice would be to look into Brain Wallets. Essentially it is a method to generate a public/private key pair by simply using a password. You never have to have anything written down or on your computer if you can remember the password. (Obviously you have to put something in a computer to spend the coins in that wallet. This is just for funds that you want to store for a while or, at least, that you don't immediately need.)
Similar to the idea of TrueCrypt, if you create two passwords, one with your real account and one with a fake, you can always give LE the fake password if you are forced to in court.
-
AGAIN ! NEVER EVER TALK TO COPS ! NEVER NEVER NEVER !
IF YOU ADMIT THATS YOUR LAPTOP THEY WILL FUCK YOU SOMEHOW! ALWAYS !
DONT TALK ! NEVER !
you will see that Bungee's analysis is spot on:
Beavis & Butthead -> mehmeh "He said "Analysis" mehehehe meheheheheh
Thank you for treating the rant as "Analysis" 8)
Seriously *nosarcasm*
-
nice post. crazy. how long could you be held in contemp.
-
Makes a good argument not to have the computer admin account to be Your Full Name, as that might muck things up.
-
Makes a good argument not to have the computer admin account to be Your Full Name, as that might muck things up.
this argument is as old as the first ms os :D
-
I heard that the penalty for key disclosure is analogous to an obstruction of justice.
Which, is a minor offense compared to what you may be keeping covered by not revealing your passphrase.
Yet, it is still an illegal and unethical charge. A judge is trying to have you put in jail for evidence they don't have.
-
"This could never happen in America"
I hope your quotations indicated sarcasm. this could most definitely happen in America, but it probably would be from an IRS investigation than a DEA investigation. Think Al Capone.