Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[t'Sade]

http://www.schneier.com/blog/archives/2007/06/third_party_con.html
http://www.law.com/jsp/article.jsp?id=1179092588804
http://www.wired.com/politics/law/commentary/circuitcourt/2007/05/circuitcourt_0523

This is an interesting problems. When a police officer does a warrentless search, i.e. with someone's permission, they can basically thumb through stuff in the room, but they can't go through any locks. So, a locked chest is forbidden, but if you have it open (or even unlocked), you can't.

At least that is how I understand things.

Well, on the computer, I was told you are "locking" if you require a password. In this case, the police officers use a custom piece of software that explicitly bypasses the password and goes directly to the file. In this case, it found someone guilty of the crime, but it the big issue is, can you lock a computer with a password. Obviously, in this discussion, the majority of the judges involved said no, but I suspect this is going to make the supreme court at some point.

I feel that password-protecting your computer is a valid form of lock. With this, it points out, you probably should have a padlock on your computer too and password protect the boot process to prevent this type of invasive "snooping" without a warrent.

Frankly, I find it kind of annoying since they are basically saying "semantics, I can get in without a password, therefore it isn't locked".

[KK]

I agree, but of course German law is (once more) different here.

If the police condutcs a warrantless search with permission of the person whose premises is search, he can stop the search at any time. So the problem simply doesnt exist here.

Anyway, I agree that a password protection is a form of "lock" on a virtual level.

While physical objects require a physical lock to keep them away, it's logical that virtual objects (data) require a virtual lock (password). And from that point of view I see no difference between picking a lock or using a program to circumvent a password. Inherent to both a lock and a password is their function to prevent access to the physical or virtual objects.

[t'Sade]

In this case, it might be true since the man's father didn't know anything about computers and basically said yes without realizing the impact. So, I don't think he would have known to say no, even when they pulled the hard drive out of the case and started scanning it. I presume they did it there, since taking things from the computer would be illegal.

But, that is one of those places where it appears to be a great difference between the US and Germany.

[t'Sade]

http://blog.wired.com/27bstroke6/
http://blog.wired.com/27bstroke6/2007/06/appeals_court_s.html

Wired has a bit about how the courts say a warrant is needed to check emails. Pretty interesting read, pretty interesting blog if you are into privacy concerns.

[KK]

Good ruling.

We need warrants to access emails as well. There's a special section in our proccessual law code that deals with this. It is harder to obtain than a warrant to search a suspects "snail mail". It's only allowed when there is probable cause for a major crime AND other methods of investigation are expected to not be successful (which has to be explained in the application for the warrant).

Also, telecommunications/ISP companies commit a crime if they allow investigators access without a warrant! Essentially, they must be forced to comply with a warrant or their personnel find themselves charged with a crime more quickly than the suspect.

Btw, with a search warrant, officers are allowed to stwitch on computers and browse thru files during their search IF the warrant specifices that information can be contained in a computer (but this is routinely specified in a warrant, unless the DA was sloppy).