Encryption & New Zealand Law

Forums › ICT Policies and Regulation › Encryption & New Zealand Law

1 | 2 | 3 | 4

2385 posts

Uber Geek
+1 received by user: 286
Inactive user

#765854 19-Feb-2013 15:52

russelo:

I suppose a hidden volume would be the way to go in this instance (assuming you were one wanting to hide something) as a court would order you to decrypt the drive, you would provide a key for the decoy drive and proving that you have provided a decoy key would be incredibly difficult.

Is a hidden volume enough to acquit you? What if the judge is smart enough to know this feature and requires you to hand over the second key? There's no way to prove if there is indeed a hidden volume, can you still be held in contempt for not providing the key to a 'only you knows' existing or non-existing hidden volume?

Thats not how it works

Have a look here:

http://www.truecrypt.org/docs/hidden-volume

Klipspringer

2385 posts

Uber Geek
+1 received by user: 286
Inactive user

#765855 19-Feb-2013 15:54

ajobbins:
russelo: Is a hidden volume enough to acquit you? What if the judge is smart enough to know this feature and requires you to hand over the second key? There's no way to prove if there is indeed a hidden volume, can you still be held in contempt for not providing the key to a 'only you knows' existing or non-existing hidden volume?

The difference is that there is no argument that there is an encrypted volume. They can therefore require you to hand over the key.

With a hidden volume they can't know that it is (or isn't) there. If you hand over the key to the 'good' volume, there is nothing more they can do or ask of you.

Suggesting that there was a hidden volume would be conjecture.

Nicely explained.

muso

28 posts

Geek
+1 received by user: 6

#765856 19-Feb-2013 15:55

SaltyNZ:
You will never see a government vote to decrease their powers. Historically, getting that to happen requires a revolution.

Not true... for example here, here, here (explained here), part 2 subpart 8 of the Evidence Act, (eg s60), here...

Among others

SaltyNZ

8869 posts

Uber Geek
+1 received by user: 9554

Trusted

2degrees

Lifetime subscriber

#765858 19-Feb-2013 16:10

muso:
SaltyNZ:
You will never see a government vote to decrease their powers. Historically, getting that to happen requires a revolution.

Not true... for example here, here, here (explained here), part 2 subpart 8 of the Evidence Act, (eg s60), here...

Among others

I'll give you some of those but not all.

The king didn't sign the Magna Carta because he was a nice guy; he signed it because the nobles - who commanded significant armies of their own - threatened him, in a nutshell. It's not an accident that high ranking nobles are referred to as 'peers'. That's their chosen word, not the monarch's.

Likewise the Fourth Amendment - you're talking about a very new government that had just been formed by a revolution. It is quite telling that contemporary US governments are quite handy at waving away Fourth Amendment objections. In point of fact in a lot of ways, common law countries with *no* constitutional rights to things like free speech often have in practice more protections than the US.

Anyway, perhaps I should not have used the word 'never'. Let me say instead that it is the exception to the rule.

iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.

muso

28 posts

Geek
+1 received by user: 6

#765861 19-Feb-2013 16:13

SaltyNZ:
Let me say instead that it is the exception to the rule.

Agreed :)

timbosan

2199 posts

Uber Geek
+1 received by user: 294

Subscriber

#765865 19-Feb-2013 16:29

1080p:
timbosan:
Judge David Harvey told me about it in 2003: No right to silence for computer users.

I wish Judge Harvey was a member here on Geekzone, the guy is very smart and really sets the stage for how the legal system in NZ can embrace and understand technology. If you ever have a chance, read his papers.

Where is he published? Does he lecture for a university or something?

I had access to some papers via my University subscription, but a quick search picked this up - directly related to this very thread.

EVERYONE should read this.

http://www.waikato.ac.nz/__data/assets/pdf_file/0011/125201/Waikato-Law-Review-vol-4-Issue-2-1996.pdf

There is even reference to a case that highlights self incrimination.

(Starts on Page 64, WARNING - PDF LINK!!!)

New World

Shop on-line at New World now for your groceries (affiliate link).

Dratsab

3964 posts

Uber Geek
+1 received by user: 1728

Trusted

Lifetime subscriber

#765895 19-Feb-2013 18:22

1080p: I remember reading about this case in which the police went to incredible lengths to secure an offender's computer while it was on and decrypted so they were able to analyse its contents. Would this mean a judge could not have ordered the drive's decryption or simply that the police wanted an easier time gathering evidence?

My interest is based on the rising number of crimes being committed online, from hacking to child pornography to copyright infringement, and the technical inability to crack such encryption systems when administered correctly.

I think this line from the article you've linked to adresses much of what you ask here: "We were aware if we didn't get the system live it would be a boat anchor and the success of the case would be hugely compromised."

1080p

1332 posts

Uber Geek
+1 received by user: 152
Inactive user

#765942 19-Feb-2013 20:40

Dratsab:
1080p: I remember reading about this case in which the police went to incredible lengths to secure an offender's computer while it was on and decrypted so they were able to analyse its contents. Would this mean a judge could not have ordered the drive's decryption or simply that the police wanted an easier time gathering evidence?

My interest is based on the rising number of crimes being committed online, from hacking to child pornography to copyright infringement, and the technical inability to crack such encryption systems when administered correctly.

I think this line from the article you've linked to adresses much of what you ask here: "We were aware if we didn't get the system live it would be a boat anchor and the success of the case would be hugely compromised."

Indeed, I was interested to know whether not having the computer in a decrypted state would actually be a hindrance to a case/investigation or if a judge could simply order the keys be handed over. It turns out that a judge can do just that according to the legislation linked in this thread.

I wonder why they went to so much work in that case, they teamed up with the FBI and coordinated a chat with the man while they conducted the raid. It seems like an incredible amount of effort to go to if they could simply order the man to hand over decryption keys after the fact.

This is why I am interested in contempt of court, I suppose a judge cannot keep you in prison indefinitely so perhaps keeping your mouth shut would lead to less time in prison overall, depending on the charge.

BigMal

998 posts

Ultimate Geek
+1 received by user: 160

ID Verified

Trusted

#765943 19-Feb-2013 20:40

In the mid 2000's I worked for the NZ police e-crime department. We had a case where someone had what we believed to be encrypted wav files on his machine. He had conveniently forgotten all his passwords and at the time (from memory) the punishment for withholding a password was significantly less harsh than the punishment he would have received if the encrypted files contained the bad stuff that was suspected.

I don't work there anymore and don't know if the law has changed since.

1080p

1332 posts

Uber Geek
+1 received by user: 152
Inactive user

#765944 19-Feb-2013 20:42

timbosan:
1080p:
timbosan:
Judge David Harvey told me about it in 2003: No right to silence for computer users.

I wish Judge Harvey was a member here on Geekzone, the guy is very smart and really sets the stage for how the legal system in NZ can embrace and understand technology. If you ever have a chance, read his papers.

Where is he published? Does he lecture for a university or something?

I had access to some papers via my University subscription, but a quick search picked this up - directly related to this very thread.

EVERYONE should read this.

http://www.waikato.ac.nz/__data/assets/pdf_file/0011/125201/Waikato-Law-Review-vol-4-Issue-2-1996.pdf

There is even reference to a case that highlights self incrimination.

(Starts on Page 64, WARNING - PDF LINK!!!)

Tanks for this, I'll see if a friend can get a copy of his publications. I am interested to see what he has said.

1080p

1332 posts

Uber Geek
+1 received by user: 152
Inactive user

#805205 24-Apr-2013 22:43

I just came across this and although it is all based in US law I would imagine something similar would occur here. If a judge had reason/suspicion to believe you were intentionally answering "I don't know/can't remember." to questions about your password then he'd likely just hold you in contempt. I wonder how difficult it would be to convince a judge that you have forgotten a 64 character password?

New World

Shop on-line at New World now for your groceries (affiliate link).

Zeon

3926 posts

Uber Geek
+1 received by user: 759

Trusted

#805239 24-Apr-2013 23:21

Interesting thread and very glad you posted it. The right to silence does seem like a thing of the past. I wonder how many NZers realize that? It's interesting in America too how they let the terorists win by destroying their freedoms from the inside in the name of security.

Speedtest 2019-10-14

coffeebaron

6304 posts

Uber Geek
+1 received by user: 3567

Trusted

Lifetime subscriber

#805326 25-Apr-2013 09:44

Implement a kill switch. E.G. Hand over valid encryption keys, but system needs a secondary (silent) authentication within a small time frame, else it will activate an auto re-encrypt with random keys, or a more exciting self destruct sequence.

Rural IT and Broadband support.

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com

SaltyNZ

8869 posts

Uber Geek
+1 received by user: 9554

Trusted

2degrees

Lifetime subscriber

#805329 25-Apr-2013 10:05

TrueCrypt has lots of plausible deniability features... fake volumes that are presented if a special key is entered instead of the real one, for example.

iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.

1080p

1332 posts

Uber Geek
+1 received by user: 152
Inactive user

#836092 12-Jun-2013 22:53

Well, everything I own that is able to store data (with the exception of my phone and tablet) is now encrypted and plausibly deniable.

My only remaining 'weaknesses' are my workstation SSD which is too small to install a guest OS in an outer volume and a secret one in an inner volume; this will change as soon as I can pick up a larger SSD and my ZFS server has disk level AES but is not plausibly deniable. I don't know of a better solution, however.

Transfer rates for items like external HDDs are not affected noticeably either which is a bonus.

I had no reason to worry beforehand but this was surprisingly simple to configure and maintenance is a breeze (non existent): I recommend it. :)

1 | 2 | 3 | 4