R v.Lambert House of Lords and RIP reverse-burden-of-proof

Julian T. J. Midgley jtjm at xenoclast.org
Sun, 8 Jul 2001 11:42:42 +0100 (BST) 

On Sat, 7 Jul 2001, Owen Lewis wrote:

>
> It is also clear that if the enciphered container held incriminating
> material, it would be much in the interest of its owner to withhold the key,
> claiming it to be lost or some such. I can see no way to prevent such a
> course being taken except to ensure that it is likely to lead the owner into
> a great deal of trouble - albeit perhaps less trouble that he would be in if
> the contents could be read.
>
> It is essential with PKC that secret keys be kept securely. It is much in
> the interest of the owner that they are never lost or compromised, with the
> single exception that a 'loss' can thwart a search. It is reasonable
> therefore to presume that key holders secure their secret keys with care.

No it isn't.  The fact of its being sensible (or even necessary, for any
genuine security) to keep one's keys secure, does not by any stretch of
anyone's imagination imply that all those who have created secret keys for
whatever purpose will a) have kept them secure, b) still remember where
they are, or what the passphrases are.

It is sensible not to drive when drunk or extremely tired; it is
absolutely not reasonable to presume that every driver one meets on the
roads is therefore neither drunk nor extremely tired.

A better example (since there's no implied breaking of the law involved):
In the interests of ensuring that leather shoes wear well, it is
essential that they be polished regularly with a good polish.  It is
nonsense to suggest that this implies that all those who wear leather
shoes polish them regularly.


> Nevertheless, keys are lost from time to time; many of us will have lost a
> key at some time or other. Therefore it seems right that a court listen to a
> reasoned explanation as to why a key demanded has not been handed over and
> exercise judgement as to whether the explanation is reasonable in the
> circumstances.

What does that mean?  "Reasonable in the circumstances?"  -

'I typed rm -fr * in the wrong directory by accident, and didn't have any
backups.  Unfortunately I couldn't recover the data from the disk,
because by the time I noticed what I'd done, I'd already copied the
Netscape source on to the machine, unpacked it, and started compiling it'

Sounds reasonable to me (it's not an offence not to have backups).  But it
could just as easily be a convenient excuse behind which a criminal was
hiding.  How about trying to prove it?  Well, the presence of the Netscape
source on the machine corroborates the latter half of the story, but says
nothing about whether the keys were actually ever on that box.  Impossible
to prove either way (though fans of STM disk analysis might disagree).

What if the reason given was "the dog ate the floppy"?  Would that not be
reasonable because it sounds too much like a conventional schoolboy
excuse?  But dogs can and do chew up floppy disks (I've lost at least one
that way myself).

I fail to see how anyone can be expected to exercise judgment as to
whether the excuse proffered is reasonable or not (or, more usefully, I
believe that anyone (with a modicum of intelligence) can concoct an
explanation that must be accepted as reasonable since it could quite
reasonably have occured).

Therefore, I believe that it is nonsensical to suggest that we gain
anything by allowing a court to decide whether or not an explanation is
"reasonable in the circumstances".  Either the court tends towards genuine
"reasonableness", in which case the criminals win, or it tends towards
requiring "proof", in which case the innocents lose.  There is no happy
middle ground.

Even if there is a significant amount of prima facie evidence that the
accused is engaged in some criminal activity, it is wrong for the court to
assume that if he claims he no longer has the keys then he is lying.  It
is quite possible that his dog did eat the floppy that very morning, and
he should not be convicted of anything because of that misfortune.

> But the purpose of the law will be thwarted if the owner of a
> key is not required to prove that the loss has occurred and in some way that
> can be shown to have no connection to a demand for its surrender.

There is one significant flaw in this argument.  How does one prove that
one does not have something (or does not remember something)?  The
simplest case occurs when the secret key itself was on the same machine as
the data (and so is now in the hands of the police).  In order to make use
of this key, they require the passphrase.  They ask you for it.  You say,
"I'm sorry, but I've forgotten it".  They respond, "prove it".  And you do
what, exactly?

Surely at the very least the prosecution will need to start by proving
that at some point you possessed the key, before you can be asked to
prove that you don't any longer.  Even then, your failure to be able to
prove that you no longer have it should not be deemed incriminating.  ("I
lost the floppy in a house move." - might be true, might not be, can
hardly be proven.)


> So what should be the real effect of this on key owners? Surely, it
> reinforces their natural inclination to assure that their keys are well
> secured at all times. There is some miniscule part of the population who may
> be placed unfairly at risk because of such law. It seems to me that their
> satisfactory protection should come not from removal of the new offence of
> not surrendering a key but from ensuring that there is a strong prima facie
> case to be made against either the key holder or against some person from
> whom it can be shown he has been in receipt of enciphered information.

Careful.  It would appear from your above that if I am a known criminal,
and am aware that I am being monitored, I can get my own back on someone
who has crossed me by sending him some enciphered material (having created
a key in his name which I later discard).  He then has the devil of a time
proving that he didn't have the key.

And I don't believe that the possession of strong prima facie case against
an individual should have any bearing whatsoever on whether he is guilty
of failing to turn over the keys.  After all, if we have convincing
evidence that someone robbed a pharmacy, and a policeman is discovered
dead in the alley next to the pharmacy half an hour after it was robbed,
we don't convict the robber of the policeman's murder without requiring
evidence for that particular crime.

To be honest the only reasonable way that I can think of that will allow
the guilty to be convicted without also convicting the innocent is for the
police, instead of waltzing in and seizing equipment, to install
monitoring software on the suspect's machine (something to capture
keystroke's etc), and wait for him to use his key.  Not significantly
different in nature from a phone tap.

Julian

-- 
Julian T. J. Midgley                    http://www.xenoclast.org
Cambridge, England.                       PGP Key ID: 0xBCC7863F