The contentious case of a man held in custody since 2015 for refusing to decrypt two hard drives appears to have reached a resolution of sorts after the US Court of Appeals ordered his release.
Former Philadelphia police sergeant Francis Rawls was arrested in September 2015, during which the external hard drives were seized along with other computers from his home.
Based on forensic analysis of his download habits and the testimony of his sister, the police believe they contained child abuse imagery but were unable to prove that without access to the drives.
Rawls claimed he did not know or had forgotten the passcodes while his lawyers argued that on principle forcing him to reveal these violated his Fifth Amendment right against self-incrimination.
Ruled in civil contempt of court, in 2017 a second court rejected the Fifth Amendment argument.
Never formally charged with a crime, a lot seems to have hinged on whether Rawls should be treated as a suspect or a witness. If Rawls was considered a witness, the fact that he’s being asked to provide information that could be used against himself, is, in effect, self-incriminating testimony.
From the start, this was an unusual case that will be referenced for years to come, not last by the civil liberties campaigners who took up the case and opposed the Government’s arguments.
The prosecutors said they had ample evidence of Rawls’ alleged downloading of child abuse images but seemed happy to leave him in jail without charge.
Their assumption that he knew the passcode meant that he would surely relent rather than languish in jail indefinitely. And yet, Rawls didn’t relent, perhaps calculating that the courts would eventually take his side in a highly technical argument.
Rawls has now been released on the basis that the detention under civil contempt does not allow prosecutors to hold a witness for longer than 18 months.
But there was always a technical dimension hovering over this case – the hard drives were reportedly encrypted using Apple’s FileVault software.
Although Rawls could have been using any encryption software, Apple’s involvement must have hit a nerve.
The company has been in dispute with the Government over a series of cases, most famously attempts to force Apple to aid access the iPhone of the San Bernardino shooter in 2015. More recently, the iPhone access issue came up again after a shooting at a US Naval base.
The Rawls case is different in that it’s not the company being pursued but the suspect. But it underlines the battle now happening between companies offering encryption which can be used by anyone and a Government keen to head off the inconvenience this creates.
In January it was alleged that Apple has been more cooperative with the Government than it’s yet admitted, rowing back on a plan to extend end-to-end encryption to iCloud backups.
Ultimately, the FBI would like a backdoor only they could use, a move Apple has resisted.
But failing that, there’s always the front door. Rawls seems to have held out against demands for encryption passcodes, but he won’t be the last to be asked.
Latest Naked Security podcast
Click-and-drag on the soundwaves below to skip to any point in the podcast. You can also listen directly on Soundcloud.
36 comments on “Suspect who refused to decrypt hard drives released after four years”
I think Apple should allow back door access to their systems. I think it’s fine that we to give up some of our rights and privacy to be protected by the federal government. The FBI is only here to protect us and would never do anything wrong with access to our data. I’m sure it would be fine. Apple, don’t fight — you must obey.
Do you live under a rock?
The Weaver family would disagree, if they were alive. (Ruby Ridge)
After all, if you have nothing to hide, why hide?
It’s not about hiding. I have never been political. I am not even registered to vote. I am 40 years old. I mentioned this to a co-worker, he broke it down for me and after asking my opinion on a few subjects surmised i am mostly democrat. My boss walked in the room and listen for a few minutes, and 2 weeks later i was told i wasn’t getting a raise this year. I am the highest producing employee with perfect attendance for 3 years. Turns out the boss went to a trump rally a few days before.
Aye, you’ve a good point. But sadly the US government is very opaque with what they do, without any stoppers for corruption and very overzealous, so sadly, no matter if you have something to hide or not, they may well incriminate you regardless. That’s the unfortunate reality of the situation, so until there is a massive overhaul of the US political system, there shall always be good reason to hide what one does.
“People who trade freedom for security have neither”.
yeah anyone who trades freedom for security deserves neither
Backdoors aren’t just for the people you like, they are for everyone.
LOL, apart from all the other reasons no to, if Apple built back doors into their devices it would decimate sales.
I dont think it really would. Among IT savy people maybe a little. But 98% of people probably wouldn’t care at all.
My sarcasm radar is setting off alarms. I certainly hope it’s reading this correctly as sarcasm.
Plus, as you already know, no one but the FBI would ever be able to use that access. Ever.
Lol the comments below show how people just don’t have a sense of humor.
Nice try, FBI.
Give up “some of our rights” today. They give up some more tomorrow, the next day, etc. How many days until we have none left?
I expect they made clones of his drives to work on. It’s likely that eventually they will be readable and he will be back in court, even if it takes 20 years. Something to watch for; If he is guilty, he will leave the country and change his name.
Even if they say they made clones, who’s to say the evidence wasn’t planted on a so called cloned drive? I mean if your an innocent person of the public and your picked up for selling arms on the Web, witch you have never done in your life and they take your drive and show a court that you have been selling arms and here it is on your drive, they plant it in there, how do you prove it was planted, does it leave a trace showing it was planted? Always, always back up your drive to an external drive, and do it frequently so you have proof of your own after they take the main drive from your devise, giving governments, law and military a backdoor to your phone or computer is making everyone vulnerable to being set up, the way they want you set up, remember your just a number In there eyes no matter how powerful you are, give them access and they can wipe you from history or make you a criminal.
Unlikely to happen in 20 years. Maybe in 100 years when a brute force attack could be successful.
Now to search for encryption software that allows for two passwords: One that will decrypt all the data, the other to destroy all the data. Oop! I got them confused. Sorry about that. Poof goes the data. No doubt someone has already devised such software.
They have such features. One decripts mildly offensive stuff leaving the illegal stuff totally hidden.
That would have to be encoded in specific hardware. Like, the hardware itself needs a password, and in the event you enter the wrong password three times or attempt to temper with it, the data gets destroyed. Perhaps they could have it sealed so that it gets destroyed if the internal pressure changes, or something like that. Perhaps it could even be built to look like a regular 3.5″ SATA drive to prevent people from knowing what kind of security features to expect.
Good advert for filevault.
I was nervous whether 128 bit key or some undisclosed flaw could make my backup drives vulnerable. I don’t have any fantasies about FBI/NSA coming for me, but I do want my systems secure against more likely attackers.
Two years on and trained techs still not got in – probably good enough for an ordinary guy like me to say filevault would not be the weakest point in my security.
In the vast majority of cases, human error is what makes a successful attack.
My mate will decript it for a fiver and a bag of cheese and onion crisps
Your mate needs to chat to Philadelphia police – they will give him more than a fiver and a bag crisps.
If I hear that has happened – this guy then back in jail + on the sex offender list where needs to be – I’ll happily give your mate another bag crisps … and then start using additional 3rd party encryption on my filevault drives.
If they build a back door bad actors will have access, possibly before law enforcement gets a chance to use it.
The problem with a dedicated backdoor is that it exists. One bad actor or shady gov’t contractor with debt, and the backdoor is for sale on the darkweb. Or Chinese hackers will hit the NSA zero-day repository, or Russians named after a bear will discover it through trial and error, or some other highly likely worst case scenario. If unintended bugs can be found, an intentional vulnerability most certainly will be.
Doubtful – assuming the files were encrypted with a strong hash and he used a sufficiently strong password, barring an unlikely breakthrough in quantum computing it would take any computer that could conceivably be created in our lifetimes hundreds of millions to billions of years to brute-force the password. This is why the government so badly wants backdoor access to modern encryption – there’s no other way around it.
I would certainly love to have a go at cracking those hard drives.
Pretty sure that would be something that can be done.
So if China does it’s an evil dictatorship and when the US does the same it’s just a mistake a misunderstanding and a isolated case.
They got into apple devices via a spoofed “update” process I believe. That may have changed. If they can crack other devices via something like quantum superiority they’ll just make hardware that’ll effectively self-destruct under cloning or cracking circumstances.
Quantum computers may provide an advantage against asymmetrical encryption (RSA, elliptical curve), but not against symmetrical encryption like AES.
Apple cannot give a backdoor easily. That would compromise their existence.
Writers and other content creators do not want to have to worry about their content being distributed all over the internet half finished or in a state they never meant anyone to read/see, let alone steal. I need to know that no one is going to be able to get their hands on something I consider a piece of my soul until I am ready to share it. So I do not want to have to worry about the possibility that this protection may be circumvented by anyone.