Posted by Orin Kerr:
The Myth of Crypto As A Crime:
http://volokh.com/archives/archive_2005_05_22-2005_05_28.shtml#1117211056
A story is circulating around the blogosphere that using encryption is
now considered evidence of criminal activity, at least according to a
recent court decision. I think the misunderstanding started with
[1]this piece by Declan McCullagh, was then picked up by Bruce
Schneier's [2]widely read blog, and spread from there to may other
blogs (see, e.g., [3]here, [4]here, and [5]here). Obviously, the idea
that using encryption necessarily reflects criminal activity is rather
silly; Internet users use encryption all the time for all sorts of
legitimate reasons. As many critics of the new decision have noted, it
makes no sense to see encryption as inherently linked to crime. But
contrary to the blogospheric common wisdom, no court ever said it was.
Here is what happened in the case, [6]State v. Levie, decided by the
Minnesota Court of Appeals. (Warning: graphic, disturbing, and lengthy
facts of the case ahead.) The defendant in the Levie case was charged
with soliciting his young niece to take nude pictures of her for
money. The niece testified that her uncle, the defendant, had asked to
take nude pictures of her starting when she was 8 years old, and that
when she was nine she agreed to let him do so on several occassions.
The defendant took digital photographs of his young niece and
transfered them on to his computer. At one point, in late 2002, the
defendant asked his niece "to allow him to take a photograph of her
naked vagina and to pose naked for him with her legs straddling his
body as he lays between her legs and t[ook] a picture of her naked
vagina." The girl refused, and eventually the case was reported to the
police. The defendant had been accused of child sex-related offenses
before, and was known for hosting sleepover parties with 8-to-10
year-old girls.
The police seized the defendant's computer pursuant to a search
warrant and analyzed it using EnCase forensic software, a tool for
analyzing hard drives that is commonly used by state and federal law
enforcement. Presumably the goal was to recover the pictures of the
victim that the defendant had taken before, as well as any other
evidence that might verify the young victim's story. The EnCase
software produces a report that explains the contents of the hard
drive, and a detective created such a report in the caseusing the
software.
Surprisingly, however, the report did not reveal the discovery of
any nude photographs of the victim, or any other child pornography.
The only evidence the report recovered was that someone had entered
child-sex related search terms such as "lolita" into a web browser
found on the hard drive, and that there was a folder in the computer
labeled "research" that contained the text of the state statutes on
child pornography. The report also found that the computer contained a
copy of the encryption program PGP (pretty good privacy). The trial
judge ended up excluding part of the report at trial, but admitted the
portion of the report that disclosed the use of child-sex related
search terms and the existence of PGP.
The niece's testimony was the key evidence at trial. The contents of
the computer was an issue only to the extent it corroborated or
disproved her story. Although the opinion is not clear on this, it's
not hard to imagine why the contents of the computer were relevant.
The girl had testified that the defendant had put nude pictures of her
on his computer, but no pictures were recovered. The defense
presumably argued that the lack of pictures showed the niece was
lying. The government pointed to the Internet search terms as
corroboration, and argued that the lack of photos on the defendant's
computer only reflected the fact that he was savvy enough to get rid
of the images, hide them, or encrypt them because he knew the police
were coming. The evidence of the defendant's careful effort to hide
the files and evade law enforcement was the downloaded text of the
state statute and the copy of PGP. Not slam-dunk evidence, obviously,
but not entirely irrelevant.
And that's all that the Minnesota Court of Appeals held. Here is the
analysis:
Appellant first argues that he is entitled to a new trial because
the district court erred in admitting irrelevant evidence of his
internet usage and the existence of an encryption program on his
computer. Rulings involving the relevancy of evidence are generally
left to the sound discretion of the district court. State v. Swain,
269 N.W.2d 707, 714 (Minn. 1978). And rulings on relevancy will
only be reversed when that discretion has been clearly abused.
Johnson v. Washington County, 518 N.W.2d 594, 601 (Minn. 1994).
"The party claiming error has the burden of showing both the error
and the prejudice." State v. Horning, 535 N.W.2d 296, 298 (Minn.
1995).
Appellant argues that his "internet use had nothing to do with
the issues in this case;" "there was no evidence that there was
anything encrypted on the computer;" and that he "was prejudiced
because the court specifically used this evidence in its findings
of fact and in reaching its verdict." We are not persuaded by
appellant�s arguments. The record shows that appellant took a large
number of pictures of S.M. with a digital camera, and that he would
upload those pictures onto his computer soon after taking them. We
find that evidence of appellant�s internet use and the existence of
an encryption program on his computer was at least somewhat
relevant to the state�s case against him. See Minn. R. Evid. 401.
In sum, the court did not hold that encryption is a signal of
criminal activity. All it did was say that in one case, where a
crucial witness testified about the presence of a computer file on a
computer, that the presence of encryption software on the computer in
early 2003 was "at least somewhat relevant" to the question of whether
the defendant was a skilled computer user who had intentionally
removed any traces of that file from the hard drive.
References
1.
http://news.com.com/Minnesota+court+takes+dim+view+of+encryption/2100-1030_3-5718978.html
2. http://www.schneier.com/blog/archives/2005/05/encryption_as_e_1.html
3. http://www.bradspangler.com/blog/archives/83
4. http://blog.israeltorres.org/?p=38
5. http://www.temperantia.net/archives/2005/05/crypto_criminal.shtml
6. http://www.lawlibrary.state.mn.us/archive/ctappub/0505/opa040381-0503.htm
_______________________________________________
Volokh mailing list
[email protected]
http://highsorcery.com/cgi-bin/mailman/listinfo/volokh
