Suppose that you want to send a message to someone that only that person can read. A mathematical process called encryption makes this possible.
Encryption scrambles the message using mathematical formulas that make the message unreadable to anyone except for someone possessing the key to "decrypt" it. Even the super-computers used by national intelligence agencies can't decipher messages created with numerous encryption programs, at least not without an exhaustive effort.
This development deeply concerns law enforcement officials around the world. And it's not surprising why: a technology now exists by which you can keep information secret, even from the government. In this age of warrantless wiretapping, ubiquitous video surveillance, and terrorist profiling, there are limits (albeit imposed by technology, not law) beyond which government cannot go.
Encryption is useful in many situations. You can encrypt an email message you send to someone to insure that only the intended recipient can read it. You can also send someone a confidential message on a CD or USB stick that only that person can decipher. You can also insure that confidential files on your personal computer can't be read by prying eyes.
This latter capability is particularly important if you travel internationally. For instance, U.S. Customs officials can seize and copy the contents of any laptop carried across a U.S. border. There's no arrest, warrant or probable cause required. (Click here to read an earlier blog entry I wrote on this development).
What happens, though, if you've taken the precaution of encrypting the contents of your laptop that Customs officials want to examine? Can they force you to reveal your "passphrase" that converts unreadable gibberish into intelligible—and potentially incriminating—text or images?
Recently, a federal judge in Vermont recently said that Customs officials don't have this right. The judge ruled that a man charged with transporting child pornography on his laptop across the Canadian border could legally refuse to disclose his encryption passphrase to prosecutors. To force him to do so, the judge ruled, would amount to forced self-incrimination. This is prohibited by the Fifth Amendment to the U.S. Constitution.
While prosecutors are appealing the decision, it sends a very important pro-privacy message. Simply encrypting the contents of your personal computer—a process made simple using programs such as Pretty Good Privacy (http://www.pgp.com) can provide a legally unassailable barrier to privacy invasion.
Incidentally, in other countries, this protection may not apply. For instance, in the United Kingdom, if police or Customs officials demand access to your laptop files, you must provide them with the passphrase. Failure to comply can result in up to a five-year prison sentence. (See this blog entry for more information.)
The message should be crystal clear. Encrypt your files. Better yet, use a program such as PGP Desktop that encrypts your entire hard disk. That way, not only will your confidential files be protected, but other data on your hard disk—e.g., not-quite-deleted files, Internet surfing logs, etc.—won't be visible, either.
Copyright © 2007 by Mark Nestmann
Comments