Federal court finds refusing to decrypt a hard drive is contempt of court

politicians on social media randall case court gavel
Paul Matthew Photography/Shutterstock

Refusing to decrypt your hard drive for authorities, even if you’ve allegedly forgotten the password, is still considered contempt of court. That’s according to a U.S. Third Circuit Court of Appeals ruling handed down this week, which upheld a lower court ruling.

The John Doe at the center of the case had argued that not decrypting his hard drives was allowed under his Fifth Amendment right to avoid self-incrimination. The man is accused of owning child pornography. Several devices were seized upon his arrest including a Mac Pro, two external hard drives, an iPhone 5S, and an iPhone 6 Plus.

According to court documents published by The Register, the defendant had voluntarily handed over the password for one of his iPhones but refused to do so for his Mac and the two external hard drives. The authorities eventually got access to the Mac with help from forensic analysts but have been unable to decrypt the external hard drives.

Through their investigation, the analysts determined that the computer had been used to download files from sites that hosted child abuse material, however these files were not found on the Mac. The police believe they are stored on the external hard drives, citing a statement from the defendant’s sister indicating that she said she saw these files on the drives.

The defendant had already provided access to his iPhone 6 Plus where police did indeed find incriminating material.

“Forensic analysts also found an additional 2,015 videos and photographs in an encrypted application on Doe’s phone, which Doe had opened for the police by entering a password,” said the ruling.

Based on this, the police felt that there was reasonable cause for decrypting the hard drives in the same way the other devices were decrypted. However, John Doe failed to provide access to the hard drives because “he could not remember the passwords necessary to decrypt the hard drives,” Several incorrect password attempts were made during the examination.

The judge overseeing the case thinks otherwise, though, and stated that the defendant was lying and “chose not to reveal [the passwords] because of the devices’ contents” which amounts to contempt of court.

An attorney for the Electronic Frontier Foundation told The Register that it was disappointed in the ruling. The digital rights organization is opposed to compelled password production by authorities. “Any time suspects are forced to disclose the contents of their mind, that’s enough to trigger the Fifth Amendment, end of story,” he said.