Each year, law enforcement seizes thousands of electronic devices — smartphones, laptops, and notebooks — that it cannot open without the suspect’s password. Without this password, the information on the device sits completely scrambled behind a wall of encryption. Sometimes agents will be able to obtain the information by hacking, discovering copies of data on the cloud, or obtaining the password voluntarily from the suspects themselves. But when they cannot, may the government compel suspects to disclose or enter their password?
This Article considers the Fifth Amendment protection against compelled disclosures of passwords — a question that has split and confused courts. It measures this right against the legal right of law enforcement, armed with a warrant, to search the device that it has validly seized. Encryption cases present the unique hybrid scenario that link and entangle the Fourth and Fifth Amendments. In a sense, this Article explores whose rights should prevail.
This Article proposes a novel settlement that draws upon the best aspects of Fourth and Fifth Amendment law: the government can compel a suspect to decrypt only those files it already knows she possesses. This rule follows from existing Fifth Amendment case law and, as a corollary to the fundamental nature of strong encryption, also represents the best accommodation of law enforcement needs against individual privacy.
This work is licensed under a Creative Commons Attribution 4.0 International License.