Saturday, February 9, 2008

Pretty Good Privacy, Indeed



Encrypted Laptop Poses Legal Dilemma

Maybe some of the civil liberty erosion we've endured under the Bush administration is slowing down. Here's a case that will pit personal privacy against government intrusion in a way fundamental to digital life:
When Sebastien Boucher stopped at the U.S.-Canadian border, agents who inspected his laptop said they found files containing child pornography.

But when they tried to examine the images after his arrest, authorities were stymied by a password-protected encryption program.

Now Boucher is caught in a cyber-age quandary: The government wants him to give up the password, but doing so could violate his Fifth Amendment right against self-incrimination by revealing the contents of the files
Mr. Boucher uses a program called Pretty Good Privacy, encryption software that has a history of pissing off governments. Creator Philip Zimmerman ran afoul of panicky feds in the early '90's. They realized his encryption scheme was virtually unbeatable, and in a legal stretch that still astounds, defined PGP as a weapon, making it illegal to export, or, in this case, release to the Internet.
Philip R. Zimmermann is the creator of Pretty Good Privacy, an email encryption software package. Originally designed as a human rights tool, PGP was published for free on the Internet in 1991. This made Zimmermann the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread worldwide. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world.

The idea that surrendering a password involves 5th amendment privilege is fascinating and a court decision regarding the issue is well overdue. This case bears watching.

PS: For a very solid on-the-fly and free encryption tool, I recommend True Crypt. It takes privacy to a new level. Without the password, files on a True Crypt drive can't even be seen, let alone examined. It's called "plausible deniability", and it's not just for Presidents anymore.

UPDATE (2/10/08): From the TSA Blog:
TSA does not and will not confiscate laptops or other electronic devices at our checkpoints. Our officers’ are solely focused on the safety of the traveling public and are looking for explosives and other prohibited items. Should one of our officers find something suspicious, we will immediately contact local law enforcement and potentially the local bomb squad. We will not ask for any password, access to any files or take the laptop from you for longer than it takes to determine if it contains a threat.

Should anyone at a TSA checkpoint attempt to confiscate your laptop or gain your passwords or other information, please ask to see a supervisor or screening manager immediately.

Powered by ScribeFire.

No comments:

Blog Archive

Creative Commons