Legal compulsion and crypto

Nicholas Bohm nbohm at ernest.net
Mon, 06 Jul 1998 19:48:25 +0100 

Some rather different issues have got bundled up together on this subject.
I offer some comments with a view to sorting them out (though I do not have
the expertise in enough specialist subjects to think I can offer definitive
answers):

In the context of discovery in civil litigation, or of a subpoena to
produce documents and give evidence, or (with differences of detail) the
powers of the Serious Fraud Office to insist on the provision of information:

1  Generally you do not have to keep a copy of what you say or send to
anyone.  Therefore you cannot be penalised for not providing a copy unless
you can be proved to have kept one and to be withholding it in breach of
some relevant duty.

2  If you originally had a copy but you destroyed it (or a key necessary
for gaining access to it), you cannot be penalised for not providing a copy
(unless you destroyed it after coming under a duty to provide it - contempt
of court); but you may be obliged to say when you destroyed it.  You would
probably be under a duty to provide ciphertext, however useless it might
seem without the key.

3  If you can decrypt ciphertext I have no doubt that a court would compel
provision of plaintext on pain of penalties for contempt of court
(unlimited fines and/or imprisonment).

4  You would be obliged to answer questions about the content of the
communication so far as you could remember where you were subject to
subpoena or an SFO notice.

In the context of search warrants, the approach is a little different.
Generally they permit what would otherwise be a criminal offence or a
trespass.  If you won't open your safe, it can be broken open; but it is no
offence not to hand over the key.  PACE says "The constable may require ",
but seems to provide no sanction for any failure to comply.  Criminal
powers are generally interpreted restrictively rather than liberally (or so
they say), and on this basis "visible and legible" mean no more than they
say, and do not extend to "intelligibly" or "in English" or to requiring
any other transformation.

New legislation ought to confront some of the problems in the criminal
context so that we know clearly where we stand.

Bear in mind, finally, that these are principles.  How they work is a
practical matter.  The fact that you cannot produce a copy of a document
because you have destroyed it justifies your not producing it on subpoena,
in principle.  But if in practice the judge disbelieves you, then you may
find yourself in hot water.  The same will no doubt be true of the
principles which in due course cover compulsory decryption.

	Regards,

		Nicholas Bohm

Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK

Phone		01279 870285	(+44 1279 870285)
Fax		01279 870215	(+44 1279 870215)
Mobile   	0860 636749  	(+44 860 636749)

PGP RSA 1024 bit public key ID: 0x08340015.  Fingerprint:
9E 15 FB 2A 54 96 24 37  98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF