It would also be nearly impossible to prevent the government from secretly using the key database to aid mass surveillance efforts such as those exposed by Edward Snowden.
161, Items 12 and 28 grant police with a magistrate's order the wide-ranging power to require "a specified person to provide any information or assistance that is reasonable and necessary to allow the officer to "access computer data that is "evidential material"; this is understood to include mandatory decryption.
"[7] The Loi du 28 novembre 2000 relative à la criminalité informatique (Law on computer crime of 28 November 2000), Article 9 allows a judge to order the authorities to search the computer systems and telecommunications providers to provide assistance to law enforcement, including mandatory decryption, and to keep their assistance secret; but this action cannot be taken against suspects or their families.
Loi no 2001-1062 du 15 novembre 2001 relative à la sécurité quotidienne, article 30 (Law #2001-1062 of 15 November 2001 on Community Safety) allows a judge or prosecutor to compel any qualified person to decrypt or surrender keys to make available any information encountered in the course of an investigation.
[21] The German Code of Criminal Procedure grants a suspect the right to deny cooperation in an investigation that may lead to incriminating information to be revealed about themselves.
For private usage is no legal basis that would compel a suspect to hand over any kind of cryptographic key due to this nemo tenetur principle.
Section 7(4)(b) of the Criminal Justice (Offences Relating to Information Systems) Act 2017 allows a member of the Garda Síochána or other persons as deemed necessary (via a search warrant issued by a judge of the District Court (Section 7(1))) to demand the disclosure of a password to operate a computer and any decryption keys required to access the information contained therein.
(iii) to produce the information in a form in which it can be removed and in which it is, or can be made, visible and legible.As of 2016[update] New Zealand Customs was seeking power to compel key disclosure.
[26] Although New Zealand may not have a key disclosure law, they have since enforced penalties against travelers unwilling to unlock mobile devices when compelled to do so by officials.
provides means of protecting against self-incrimination, including lack of penalization for refusing to answer any question which would enable law enforcement agencies to obtain access to potential evidence, which could be used against testifying person.
[28] Under the RICA Act of 2002, refusal to disclose a cryptographic key in one's possession could result in a fine up to ZAR 2 million or up to 10 years' imprisonment.
The proposed legislation would allow police to require an individual to disclose information, such as passwords and cryptographic keys, during searches.
The provision was first used against animal rights activists in November 2007,[37] and at least three people have been prosecuted and convicted for refusing to surrender their encryption keys,[38] one of whom was sentenced to 13 months' imprisonment.
[40] In 2017, schedule 7 of the Terrorism Act 2000 was used to charge Muhammad Rabbani with "wilfully obstructing or seeking to frustrate a search examination" after allegedly refusing to disclose passwords.
[42] In 2018, Stephen-Alan Nicholson, the prime suspect in a murder case, was charged with refusing to provide his Facebook password to police.
"[45][46] In another case, a district court judge ordered a Colorado woman to decrypt her laptop so prosecutors can use the files against her in a criminal case: "I conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer," Colorado U.S. District Judge Robert Blackburn ruled on January 23, 2012.
[47] In Commonwealth v. Gelfgatt,[48] the court ordered a suspect to decrypt his computer, citing exception to Fifth Amendment can be invoked because "an act of production does not involve testimonial communication where the facts conveyed already are known to the government...".
[52] One company, Lavabit, chose to shut down rather than surrender its master private keys due to the government wanting to spy on Edward Snowden's emails.
A technical report was written and published by MIT Computer Science and Artificial Intelligence Laboratory, where Ronald Rivest, an inventor of RSA, and Harold Abelson, a computer science professor at MIT with others, explain the technical difficulties, including security issues that arise from the regulation of encryption or by making a key available to a third party for purposes of decrypting any possible encrypted information.
[53] In 2019, the Pennsylvania Supreme Court, in a ruling that only controls for that state's law, held that a suspect in a child pornography case could not be compelled to reveal his password, despite telling the police "We both know what's on there.