Decryption disclosure doesn't violate Fifth Amendment, judge rules in child porn case

Subject of investigation had claimed forced disclosure of encrypted content violated self-incrimination protections

A federal judge in Wisconsin has ordered a suspect in a child porn investigation to either provide prosecutors with the passwords to several encrypted storage devices of his that are thought to contain incriminating evidence or to provide them with a decrypted copy of the contents of the drives.

Reversing a ruling from a few weeks ago, Magistrate Judge William Callahan for the U.S. District Court for the Eastern District of Wisconsin ordered Jeffrey Feldman, a senior software development engineer at Rockwell Automation, to comply with prosecution demands for access to the contents of several hard drives seized from his residence.

In a four page ruling last week, the judge noted that prosecutors in the case had provided enough evidence to show that Feldman had access and control over the storage devices. They also have shown that they know the names of files containing child porn and the probable existence of those files on the encrypted hard drives.

So getting Feldman to decrypt the files would not give the government any information they did not already have. As a result the request for the decryption keys did not violate his Fifth Amendment protections against compelled self-incrimination, the judge ruled.

This is not the first time that someone implicated in a criminal investigation has tried to cite constitutional protections to avoid handing over decryption keys to encrypted documents. In each case, the implicated individuals have claimed that turning over the decryption keys would amount to their admitting they had control over and knowledge of the encrypted contents.

In Feldman's case, court records show that federal agents seized a total of 16 storage devices during a search of his residence in January. Nine of those devices were encrypted, making the data in them inaccessible to investigators.

The encrypted programs used to protect the data appeared to be of a kind that would lock or destroy the data if too many failed password attempts were made. FBI investigators did however discover a peer-to-peer file-sharing program on one of the devices that showed that someone had downloaded many files containing names suggestive of child pornography.

After spending four months attempting to decrypt the hard drives, the government filed a motion seeing court intervention in getting Feldman to provide access.

Judge Callahan denied the government's initial motion in April on the grounds that the request would infringe upon Feldman's Fifth Amendment protections.

In order to compel Feldman to disclose the decryption keys, the government needed to show that it already knew what the encrypted devices would contain. They would also need to show that Feldman had access to, and control over the devices that potentially contained the incriminatory evidence.

In his ruling denying the motion, the judge noted that while the government had succeeded on the first count, it had failed to show conclusively that Feldman really had access to the devices.

A few weeks later, Callahan agreed to review the ruling again at the government's request.

This time around, prosecutors provided evidence showing they had managed to decrypt a small portion of the encrypted devices. The partially decrypted devices revealed many files that appeared to contain incriminating images. Also revealed were several files containing detailed financial records and images of Feldman.

The government contended, and the judge agreed, that the contents show Feldman had access and control over the devices in question. "The encrypted storage devices were found in Feldman's residence, where he admittedly lived alone for the past 15 years," the judge wrote in his ruling.

"Significantly, the recently decrypted portion of the storage system contains personal financial documents and images clearly belonging to Feldman," the judge noted. Thus, Fifth Amendment protections are no longer available to Feldman, with respect to the devices in question.

Feldman has until June 4 to comply with the judge's order.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about encryption in Computerworld's Encryption Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags data securitysecurityencryptionRockwell Automationdata protection

More about FBIRockwellRockwell Automation AustraliaTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place