US child porn suspect doesn’t have to decrypt hard drives – yet

Child porn study examines nasty new trends including sextortion

Child, courtesy of ShutterstockIn a case that could have far-reaching implications for compelling criminal suspects to decrypt digital storage devices, a judge on Tuesday stayed [PDF, posted courtesy of Wired] – temporarily suspended – a previous order that would have forced him to decrypt hard drives suspected of containing child pornography.

The hard drives were seized from computer scientist Jeffrey Feldman, from the US state of Wisconsin.

The government has previously said in court papers that even without forcing Feldman to decrypt storage devices found in his house, they have managed to glean incriminating data from unencrypted portions of the storage.

The government says it found a large number of user-created links that “strongly suggest, often in graphic terms,” the presence of encrypted abuse images on Feldman’s hardware.

The investigators also found a peer-to-peer sharing utility that contained logs of 1,009 videos that Feldman had allegedly received, distributed and stored – most of the filenames being “unambiguously indicative” of child porn.

At question is Feldman’s right, under the Fifth Amendment, to be shielded from self-incrimination.

Magistrate William Callahan Jr. of Wisconsin wrote in April that this is “a close call,” but that if Feldman used a password to decrypt a storage device, it would be, more or less, the same as telling the government “something it does not already know” and would be tantamount to self-incrimination.

Callahan subsequently viewed new evidence that caused him to reconsider.

According to the order [PDF], the Federal Bureau of Investigations (FBI) had managed, given “substantial resources,” to decrypt and access one single hard drive.

Hard drive, courtesy of ShutterstockOn that decrypted segment of Feldman’s far more extensive storage system, the FBI says it found “an intricate electronic folder structure comprised of approximately 6,712 folders and subfolders,” in which agents found 707,307 files, including “numerous files which constitute child pornography.”

Writing [PDF] in late May, Callahan ordered Feldman to either enter the passwords without being observed by law enforcement or government counsel, or provide an unencrypted copy of the data.

However, a new federal judge, Rudolph Randa, has stayed that decision. Ars Technica’s Cyrus Farivar writes that Callahan was taken off the case, not being an “Article III Judge” and lacking the authority to grant the order in the first place.

The latest wrinkle in Feldman’s case doesn’t do much but postpone the question of whether compelling somebody to decrypt their electronic storage device is a violation of Fifth Amendment rights.

But if the government already has enough evidence to convict Feldman of possessing child abuse images, is it necessary to compel decryption?

We’ll keep watching this space. Regardless of this case or others like it, it’s important to fight the erosion of rights such as those granted by the Fifth Amendment.


Image of child and hard drive courtesy of Shutterstock.