[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FYI] (Fwd) DoJ cybercrime manual covers PDAs, encryption, secret se
- To: debate@fitug.de
- Subject: [FYI] (Fwd) DoJ cybercrime manual covers PDAs, encryption, secret se
- From: "Axel H Horns" <horns@ipjur.com>
- Date: Fri, 12 Jan 2001 19:12:30 +0100
- Comment: This message comes from the debate mailing list.
- Organization: NONE
- Sender: owner-debate@fitug.de
------- Forwarded message follows -------
Date sent: Fri, 12 Jan 2001 10:12:25 -0500
To: cryptography@c2.net
From: Declan McCullagh <declan@well.com>
Subject: DoJ cybercrime manual covers PDAs, encryption, secret searches
*******
See: http://www.cybercrime.gov/searchmanual.htm
*******
http://www.wired.com/news/politics/0,1283,41133,00.html
The Feds'll Come A-Snoopin'
by Declan McCullagh (declan@wired.com)
2:00 a.m. Jan. 12, 2001 PST
WASHINGTON -- Ever wonder how much leeway federal agents have when
snooping through your e-mail or computer files?
The short answer: a lot.
The U.S. Department of Justice this week published new guidelines
for police and prosecutors in cases involving computer crimes.
The 500 KB document includes a bevy of recent court cases and
covers new topics such as encryption, PDAs and secret searches.
It updates a 1994 manual, which the Electronic Privacy Information
Center had to file a Freedom of Information Act request to obtain.
No need to take such drastic steps this time: The Justice
Department has placed the report on its cybercrime.gov site.
[...]
SECRET SEARCHES: Call it the latest trend in law enforcement:
Surreptitious breaking-and-entering of homes and offices.
In one recent secret-search case related to computers, the feds
sneaked into the office of Nicodemo S. Scarfo, the son of
Philadelphia's former mob boss, who allegedly ran a loan shark
operation in north New Jersey. Once there, they secretly installed
software to sniff Scarfo's PGP passphrase so they could decrypt
his communications.
Civil libertarians argue secret searches are unconstitutional.
"Sneak-and-peek searches may prove useful in searches for
intangible computer data. For example, agents executing a
sneak-and-peek warrant to search a computer may be able to enter a
business after hours, search the computer, and then exit the
business without leaving any sign that the search occurred," the
Justice Department says.
The DOJ argues that secret searches are permissible, despite rule
41(d) of the Federal Rules of Criminal Procedure, which requires
agents to notify the person whose home or office has been broken
into. But the document admits that courts have "struggled" to
reconcile this idea with the U.S. Constitution's privacy
guarantees.
To clear up any doubt, in mid-1999 the Justice Department proposed
legislation that would let police obtain surreptitious warrants
and "postpone" notifying the person whose property they entered
for 30 days.
After vocal objections from civil liberties groups, the
administration backed away from the controversial bill. In the
final draft of the Cyberspace Electronic Security Act submitted to
Congress, the secret-search portions had disappeared.
[...]
ENCRYPTION: The manual doesn't address whether a criminal
defendant can be compelled to give up his passphrase to allow
prosecutors to decrypt his files.
But it does give one good reason to use useful software like
PGPdisk (available for free at pgpi.com) that can create an
encrypted hard drive partition that requires a passphrase to
access.
Under current law, anyone with access to the computer you use --
including your spouse -- can allow the feds to search it without a
warrant. (Unless your files are stored on a remote computer on a
network, in which case it gets more complicated.)
But if your files are encrypted, you might be better off. "It
appears likely that encryption and password-protection would in
most cases indicate the absence of common authority to consent to
a search among co-users who do not know the password or possess
the encryption key," the Justice Department says.
[...]
------- End of forwarded message -------