Computers, Privacy & the Constitution
Encryption, Common Use Assumptions, & the 5th Amendment of the U.S. Constitution

Section I The 5th Amendment

The 5th Amendment of the United States Constitution states that "No person...shall be compelled in any criminal case to be a witness against himself." While in this author's opinion, the above text is pretty straightforward and should mean exactly what it says, some Courts and commentators apply its meaning differently, and specifically with regard to how that sentence applies in today's world of near infinite digital storage.

As one commentator has argued regarding the tension through contemporary application of the 5th Amendment, "In the pre-digital age, there was a distinct boundary between the information that resided only in our minds and the information that we committed to paper. The former was afforded strong constitutional protection; the latter, much less so." In light of this sentiment, should the law recognize the boundaries of information storage? Especially in the context that the frequency at which people's general utilization of digital media (whether e-mail, text message, chat) has increased to such an extent that it could be argued that keeping files on one's own computer has become so "second nature" the law should afford special protection beyond keeping paper documents in a wooden filing cabinet? Furthermore, are the common assumptions of computer use adequately taken into consideration in the course of the law?

This author would contend that the trends to recognize greater protection for consumers in regard to lengthy "terms of service" that are generally accepted to be read by "no-one," should be used as an analogy to the possibility that the scope and depth of digital storage has become so intertwined with the way people think and behave that its contents should be afforded protection equal to that of the contents of any defendant's own mind. I must ask whether we are at a point in time where the assumptions about the use of technology should in fact govern the use of technology? Or will we continue to allow judicially created rules or contemporary statutes enforce rules of law that would today be both unexpected and have unexpected consequences?

Section II The CFAA Making Everyday Computer Use Criminal?

The Computer Fraud and Abuse Act (CFAA)(18 U.S.C. § 1030(a)(2)(A)-(C))makes it a crime for any person to "intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information." The critical question that generally becomes at issue in these circumstances is what constitutes "authorization." Here, the statute makes it a criminal offense to in effect even view a website without proper authorization. The possible result here is that any website can in fact write its own criminal law against those users who utilize a service or any other aspect of the website in a manner that violates the private contract between user and service (the Terms of Service). It can be argued that this is an absurd result that an ordinary person would never expect, even some U.S. Courts that noted (United States v. Drew, 259 F.R.D. 449, 457-462 (C.D. California 2009)) that such a result lacks adequate notice. However, the question that this author feels is most important, in the context of whether the 5th Amendment should protect the compelled disclosure of encrypted files, is in regards to what is the common assumption? Some would argue that it is common knowledge that no one reads terms of service agreements. Thus, can the same be said that it is common knowledge that someone would believe that his or her encrypted data is just as secure as the thoughts inside his or her mind?

Section III Should Application of the 5th Amendment Follow Contemporary Assumptions About Computer Use?

In the opinion of this author the answer is yes, and one could argue that to some extent in some jurisdictions the law in some tentative ways reflects this position. In one case a Federal District Court in Florida held a defendant in contempt for not producing unencrypted contents of encrypted files. The 11th Circuit Court of Appeals later overturned this decision. As the 11th Circuit noted the prosecution told the defendant that they would not use the "act of production" against him, but would use the contents of the unencrypted files against him. The question must be asked whether such a statement comports at all with the spirit of the 5th Amendment? Regardless, the 11th Circuit found that the prosecution could not use evidence "derived from the immunized testimony." (immunized testimony being the "act of production"). Furthermore, action in the law that tracks the assumptions of computer users can be found in regards to where the European Union is questioning whether (in light of the recognition that few read Terms of Service Agreements) Facebook is giving its users sufficient notice regarding their privacy. Such a move by the EU could potentially reflect motion to recognize within the law what people actually assume as opposed to the law's varied interpretation.

Navigation

Webs Webs

r2 - 13 Mar 2012 - 01:35:08 - WilliamCorso
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM