More judicial dumbassery

An appeals court in Minnesota has ruled that simply having encryption software installed on one’s computer can be viewed as evidence of criminal intent.

In making his decision, Judge R. A. Randall:

[…]favorably cited testimony given by retired police officer Brooke Schaub, who prepared a computer forensics report–called an EnCase Report–for the prosecution. Schaub testified that PGP “can basically encrypt any file” and “other than the National Security Agency,” nobody could break it.

Actually, that’s a bit of an understatement. Properly implemented public-key cryptography (with sufficiently large keys) is essentially unbreakable, even by the NSA. But it’s also a cornerstone of Internet commerce, and — since it’s so effective — is now commonly used to secure sensitive documents and emails in everyday life, even for users who are unaware of its role.

Extending this logic, we may presume that sealed envelopes suggest conspiracy, since people with nothing to hide would just use postcards, right? Leaving aside the utterly boneheaded implications along those lines, this also makes just about every computer out there evidence of criminal intent — Windows, if we’re not mistaken, can make encrypted ZIP files, and OS X includes a FileVault drive-encrypting feature. Both, presumably, include methods for initiating public-key secured network connections — otherwise, every credit card you type on the net would be sent in plaintext. Go Minnesota!

Comments are closed.