With shock appeals ruling, the United States has effectively outlawed file encryption

Digital key

An appeals court has denied the appeal of a person who is jailed indefinitely for refusing to decrypt files. The man has not been charged with anything, but was ordered to hand over the unencrypted contents on police assertion of what the contents were. When this can result in lifetime imprisonment under “contempt of court”, the United States has effectively outlawed file-level encryption – without even going through Congress.

Last week, a US Appeals Court ruled against the person now detained for almost 18 months for refusing to decrypt a hard drive. The man has not been charged with anything, but authorities assert that the drive contains child pornography, and they want to charge him for it. As this is a toxic subject that easily spins off into threads of its own, for the sake of argument here and for sticking to the 10,000-foot principles, let’s say the authorities instead claim there are documents showing tax evasion on the drive. The principles would be the same.

Authorities are justifying the continued detention of this person – this uncharged person – with two arguments that are seemingly contradictory: First, they say they already know in detail what documents are on the drive, so the person’s guilt is a “foregone conclusion”, and second, they refuse to charge him until they have said documents decrypted. This does not make sense: either they have enough evidence to charge, in which case they should, or they don’t have enough evidence, in which case there’s also not enough evidence to claim with this kind of certainty there are illegal documents on the drive.

In any case, this loss in the Appeals Court effectively means that file- and volume-level encryption is now illegal in the United States.

Without going through Congress, without public debate, without anything, the fuzzy “contempt of court” has been used to outlaw encryption of files. When authorities can jail you indefinitely – indefinitely! – for encrypting files out of their reach, the net effect of this is that file level encryption has been outlawed.

So were there illegal documents on the drive? We don’t know. That’s the whole point. But we do know that you can be sent to prison on a mere assertion of what’s on your drive, without even a charge – effectively for life, even worse than the UK law which will jail you for up to five years for refusing to decrypt and which at least has some semblance of due process.

The point here isn’t that the man “was probably a monster”. The point is that the authorities claimed that there was something on his encrypted drive, and used that assertion as justification to send him to prison for life (unless he complies), with no charges filed. There’s absolutely nothing saying the same US authorities won’t claim the same thing about your drive tomorrow. Falsely, most likely. The point is that, with this ruling, it doesn’t matter.

Syndicated Article
This article has previously appeared at Private Internet Access.

Rick Falkvinge

Rick is the founder of the first Pirate Party and a low-altitude motorcycle pilot. He works as Head of Privacy at the no-log VPN provider Private Internet Access; with his other 40 hours, he's developing an enterprise grade bitcoin wallet and HR system for activism.


  1. David Collier-Brown

    And it’s the all writs act, which if memory serves was one of the reasons for the US fifth amendment.

  2. David Collier-Brown

    That’s odd, half the print on this page is grey, not black, and my comment is almost completely greyed out…

  3. Anonymous

    How to get rid of that fucking U.S. government? It is like a virus on this planet.

    1. Rick Falkvinge

      Yeah, but careful what you wish for, there will always be a king of the hill. In ousting the American, would you prefer the Russian or the Chinese to take their place? Those are the current alternatives.

      1. Ninja

        It seems to me that it is easier to work to fix what the US is doing wrong than putting Russia or China at the top. Of course, ideally nobody should be at the top. If the UN worked fine and every country had its equal share of power it would be a better mechanism. As it is today (some top countries with veto powers) it’s kind of useless.

  4. Anonymous

    This has happened before, e.g. to Martin A. Armstrong (fraud charges): many years in jail just for contempt of court, before any conviction.

  5. Anonymous

    Not only that, but filling a file whose name ends in .tc with random data is now extremely dangerous – it looks like a TrueCrypt volume but you can obviously never decrypt it, so you can’t prove your innocence… (notice something else wrong with this? Prove your innocence? That’s not how justice is supposed to work…)

  6. Joe

    The question is whether or not a legal warrant was acquired based on reasonable suspicion. A warrant to search premises doesn’t require charges in advance. The same goes for access to an encrypted disk.

    1. Jon Severinsson

      > A warrant to search premises doesn’t require charges in advance. The same goes for access to an encrypted disk.

      No, the same would apply to the police trying to decrypt your disk without your cooperation. If the police gets a warrant to your safe, you don’t have to provide your code, but if you don’t provide it the authorities are free to force it open (likely causing incidental property damage in