Mon. May 20th, 2024
Article by Darren Chaker on counterforensics and passwords.

Darren Chaker Article on Fifth Amendment & Passwords

Police Are Not Allowed to Compel Our Cell Phone Passwords – A Privacy Perspective by Darren Chaker:

Are the police entitled to your cell phone password? This question lies at the intersection of law, technology, and ethics, provoking heated debates about the right to privacy versus the needs of law enforcement. Darren Chaker, an advocate for digital privacy rights, navigates this complex issue, shedding light on the Fifth Amendment and password protection along with landmark cases like Curcio v. United States and United States v. Nobles.

The Fifth Amendment and digital privacy rights have a profound symbiotic relationship. The amendment, originally intended to guard against self-incrimination, now plays a crucial role in safeguarding our digital footprints says privacy expert Darren Chaker. Of course, this article should not be construed as legal advice. Consult an attorney who knows about your specific issues if you need legal advice.

Introduction Fifth Amendment and Passwords:

Are police allowed to unlock your phone? Darren Chaker delves into the controversial practice of law enforcement compelling individuals to release their cell phone passwords. This article will dissect the legal, ethical, and technological layers that govern digital privacy in the United States.

Darren Chaker’s the Fifth Amendment and Password Protection:

Does your phone password fall under the Fifth Amendment’s protection against self-incrimination? What counter forensic method may be employed to prevent forensic recovery tools accessing a phone that has been seized by police or other third party? Darren Chaker provides a brief overview of several cases touching on passwords and Fifth Amendment issues, as well looks at key Supreme Court cases such as Curcio v. United States, 354 U.S. 118, 128 (1957) and United States v. Nobles, 422 U.S. 225, 233 (1975) – critical legal cases highlighting the intersection of court-ordered password disclosure, technology, and the Fifth Amendment.

Darren Chaker on Protecting Digital Privacy Rights Prevail in Numeric or Alphanumeric Locks:

What shields your digital privacy from unreasonable search and seizure? Darren Chaker examines how the Fourth Amendment wraps around our digital lives and how law enforcement’s warrantless access to cell phone data conflicts with protecting digital privacy.

In 2018, the Supreme Court acknowledged, “There are 396 million cell phone service accounts in the United States—for a Nation of 326 million people.” Carpenter v. United States, 138 S. Ct. at 2211.

Courts have generally found that compelling individuals to provide their numeric or alphanumeric passcode is potentially testimonial under the Fifth Amendment, as it forces the defendant to reveal “the contents of his own mind.” In Re Grand Jury Subpoena Duces Tecum 670 F.3d at 1345; see also U.S. v. Apple MacPro Computer, 851 F.3d 238 (3d Cir. 2017). It is analogous to compelling production of the combination to a wall safe, which is testimonial, as opposed to surrendering the key to a strongbox, which is not. See Doe v. U.S., 487 U.S. 201, 220 (1988).

Privacy Expert Darren Chaker Notes The Fifth Amendment Prohibits Compelled Disclosure of the Contents of a Suspect’s Mind, Thus Forcing a Person to Unlock a Phone or Other Encrypted Device Violates the Fifth Amendment:

Does law enforcement have the right to access your phone data? Landmark legal cases like Riley v. California and Carpenter v. United States shape the debate on compelled password disclosure. Darren Chaker navigates these landmark moments defining the contours of digital privacy in the United States.

Testimonial evidence is the communication of any information, direct or indirect, that requires a person to, by “word or deed,” Doe v. United States (Doe II), 487 U.S. 201, 219 (1988) (Stevens, J., dissenting), use “the contents of his own mind” to truthfully relay facts, Hubbell, 530 U.S. at 43 (citing Curcio, 354 U.S. at 128); see also Doe II, 487 U.S. at 219 n.1 (Stevens, J., dissenting)

Legal brief writer Darren Chaker found in 2010 the Eleventh Circuit Court of Appeals held that “the decryption . . .of [ ] hard drives would require the use of the contents of [the accused’s] mind and could not be fairly characterized as a physical act that would be nontestimonial in nature.” In re Grand Jury Subpoena, 670 F.3d at 1346. Going as far back as 1988, the Supreme Court acknowledged that verbal statements almost always “convey information or assert facts” and are nearly always “testimonial” Doe II. v. United States, 487 U.S. at 213.

The majority of federal courts that have addressed the issue agree: production of computer passwords is testimonial because it requires the suspect “to divulge[,] through his mental processes[,] his password.”United States v. Kirschner, 823 F. Supp. 2d 665, 669 (E.D. Mich. 2010). United States v. Wright, 431 F. Supp. 3d 1175, 1187 (D. Nev. 2020); United States v. Warrant, No. 19-MJ-71283-VKD-1, 2019 WL 4047615, at *2 (N.D. Cal. Aug. 26, 2019)

Further. legal researcher Darren Chaker Courts have found the Fifth Amendment applies when faced with police demands for a suspect to unlock a phone through biometric features, such as a face or fingerprint. See Matter of Residence in Oakland, California, 354 F. Supp. 3d 1010, 1016 (N.D. Cal. 2019); In Re Application for a Search Warrant, 236 F. Supp. 3d 1066 (N.D. Ill. 2017). From this perspective, “biometric features serve the same purpose of a passcode, which is to secure the owner’s content, pragmatically rendering them functionally equivalent.” 354 F. Supp. 3d at 1015.

Counter forensics Expert Darren Chaker Notes Even a Non-Verbal Communication is Testimonial:

Non-verbal acts such as nodding in response to a question are testimonial because they communicate the contents of the mind without speaking. In Schmerber v. California, 384 U.S. 757, 761 n.5 (1966) the court held in part even, “A nod or head-shake is as much a ‘testimonial’ or ‘communicative’ act . . . as are spoken words.”.

As the federal Court of Appeals for the Eleventh Circuit held, “the act of [the accused’s] decryption and production of the contents of [ ] hard drives . . . would be testimonial.” In re Grand Jury Subpoena, 670 F.3d at 1346. In sum, “the protection of the [Fifth Amendment] privilege reaches an accused’s communications, whatever form they might take.” Schmerber 763-64 (1966). For example. if police found a form containing 20 potential passwords for a phone which may wipe its content after ten attempts and asked the suspect, “point out which is the correct password” or “is the password on this piece of paper?”, this would be deemed protected under the Fifth Amendment.

Ethical Implications by Darren Chaker:

What is the balance between law enforcement needs and individual rights? Darren Chaker delves into the ethical conundrum surrounding the compelled password disclosure, advocating for stringent criteria and respectful data handling.

Counter Forensics Expert Darren Chaker Finds Wide Use of Encryption Frustrate Police:

How does current technology impact data security and law enforcement access? Darren Chaker finds the implications of evolving encryption technology on personal computers and mobile phones is military grade, thus demands to unlock a phone are routinely made and argues for law enforcement to develop new strategies that respect individual privacy. However, such demands may not be honored. As discussed above, In re Grand Jury Subpoena, the Eleventh Circuit found that forcing a defendant to produce a decrypted hard drive determined, “We conclude that the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files..” 670 F.3d at 1346.

Apple continues to be at the forefront of securing its iPhone. In One December 7, 2022, Apple announced purposeful efforts to secure iPhones due to widening use of forensic tools marketed to police to gain access to older models: “Since Apple Apple products the most secure on the market: from the security built directly into our custom chips with best-in-class device encryption and data protections, to features like Lockdown Mode, which offers an extreme, optional level of security for users such as journalists, human rights activists, and diplomats.”

Apple has further restricted police access to user content in iCloud by making itself unable to access contents of iCloud and other user data. Apple Set to Launch New, Police-Proof, Full End-to-End Encryption,” written by the Associated Press and published in the Daily Sabah on December 9, 2022.

However, some limited software platforms exist to bypass encryption features by allowing brute force attacks. For example GrayKey is able to use a brute force method to guess a basic password by discarding older software versions. The cost as of 2018 was about $15,000 per phone. Considering the voluminous amount of phones seized as evidence, most local and state  law enforcement agencies do not have the budget to unlock every phone.

Brute force graph, Darren Chaker.
Darren Chaker writes on password security to defeat password attacks.

Another downfall, GrayKey can be defeated since it essentially guesses variable potential passwords or can run through a list over 1.5 billion words during a brute force attacks. See Vice News, Instructions Show How Cops Use GrayKey to Brute Force iPhones. As such, Darren Chaker believes a privacy savvy person would use a custom password, not merely a standard 4-6 numeric password to unlock their iPhone. Using at least 12 random characters is key since which do not consist of a word, pets nickname, a password used for a work computer, library card number, license plate, etc. which may be used for social engineering to create educated guesses what the password may be.

As a second prong of safety, it is recommended the person erases the iPhone data which has been discarded. Be it photos which were transferred to an encrypted home computer, data files, old text messages, call history, and browsing history are all categories which may be securely deleted using an iPhone wiping utility. Just as with a desktop or laptop, merely clearing browsing history or ‘deleing’ a file does not prevent forensic recovery, thus a utility which uses a multi-pass wiping method is needed. Hence, for example, in the event an iPhone is accessed by GrayKey or other forensic hardware, then very limited information may be recoverable if the person follows a strict weekly procedure for countering a potential forensic attack and sifting of his phone.

Yet a third prong of defense recommended by Darren Chaker, depending upon the person’s threat level is to presume the owner may be woken up with flash bangs and a front door coming off the hinges when police serve a search warrant. Apple thought of this by implementing Lockdown Mode which blocks all wired connections, incoming service requests and various web technologies while outright prohibiting mobile device management.

As another expert put it, “When Lockdown Mode is enabled, your device won’t function like it typically does. To reduce the attack surface that potentially could be exploited by highly targeted mercenary spyware, certain apps, websites, and features are strictly limited for security and some experiences might not be available at all.”  If you fit in this category and fear your phone may be taken from you unexpectantly, then sleep with Lockdown Mode on, or at bare minimum lock your phone where a password is requires to unlock, not a biometric feature.

As long as sensitive data is removed from the phone and a counter-forensic utility is used, the remaining data which may be recovered may be negligible depending upon the discipline of the phone’s owner.

Expert Darren Chaker Finds Government Efforts to Demand a Back Door to Encryption are Infeasible

As stated by the Department of Justice on its concern about law enforcement’s inability to access encryption as it applies to Facebook Messenger,

“Use of end-to-end encryption, which allows messages to be decrypted only by end users, leaves service providers unable to produce readable content in response to wiretap orders and search warrants. This barrier allows criminals to avoid apprehension by law enforcement by limiting access to crucial evidence in the form of encrypted digital communications. The use of end-to-end encryption and other highly sophisticated encryption technologies significantly hinders, or entirely prevents serious criminal and national security investigations…The concerns highlighted in this letter to Facebook are at the core of the Department of Justice’s Lawful Access Summit that will take place on Friday, Oct. 4, 2019, on warrant-proof encryption and its impact on child exploitation cases.”

As with the PATRIOT Act where the government claimed the law must be passed terrorist plots may unfold and require broad sweeping surveillance powers, although that was true, it was not reported how the law would be applied to broadly collect information on virtually any American concerning any potential crime – not just terrorism. As constitutional law experts at the ACLU stated the PATRIOT Act, “Hastily passed 45 days after 9/11 in the name of national security, the Patriot Act was the first of many changes to surveillance laws that made it easier for the government to spy on ordinary Americans by expanding the authority to monitor phone and email communications, collect bank and credit reporting records…”

The same hype appears to be used to promote embedding backdoors into encryption – but this time the poster child to forfeit encryption is child exploitation cases. Hence, the theme with the PATRIOT Act was if you are against passing this legislation then you promote terrorism. Today, the theme with undermining encryption is if the company does not create a back door, then it imputes being one with pedophiles and human traffickers.

What undermines this hype is the fact for every potential crime in which encryption may facilitate, discarding the right to privacy is not the answer. Additionally,  as noted by expert Darren Chaker, there are hundreds of foreign encryption products which do not listen to hype. Thus it would only weaken the American tech industry once it is known they implanted a back door in their software by having consumers who value privacy purchase foreign software.

Recommendations by Darren Chaker Recommendations if Demanded to Unlock Phone

How should legislation adapt to address compelled password disclosure? Darren Chaker proposes legislative reform. He argues for precise, clear rules defining when and how law enforcement can coerce password disclosure without infringing on privacy rights and ensuring efficient law enforcement. Until such time, the average person who encounters a demand to unlock his or phone, computer or other encrypted electronic is to immediately invoke your right to an attorney and state there is no obligation to comply with the request in a polite manner.

Conclusion by Darren Chaker

Darren Chaker consolidates the crucial points underlining the debate over digital privacy and compelled password disclosure while making a compelling case for legislative reform to balance privacy rights and law enforcement needs. Of course nothing here should be construed as legal advice.

By Darren Chaker

For almost two decades Darren Chaker regularly has worked with defense attorneys and high net worth people on a variety of sensitive issues from Los Angeles to Dubai. With a gift of knowledge about the First Amendment and big firm expertise in brief research and writing, Darren Chaker puts his knowledge to use for law firms and non-profit organizations. When it comes to forensics and social media investigations Darren Chaker has advanced training to connect the dots where issues arise related to Twitter, Instagram, Snapchat, or Facebook, Instagram, and similar apps. When the dots need to be disconnected, Darren Chaker has extensive training in counter-forensic methods with an emphasis on network security, secure communications, combined with experience with implementing and deploying policy control, encryption, anonymization, data integrity, policy control features in large scale infrastructures. Additional training in malware analysis, Security Operating system security and hardening (Linux, Windows, Solaris), Firewalls, Intrusion detection systems, hacker, counter-hack methods, encryption, forensics, web application security is also employed for his client base. Since history is written by winners, let me write a bit: In 2005, Darren Chaker invalidated a California criminal statute aimed at suppressing speech. In Chaker v. Crogan, 428 F.3d 1215 C.A.9 (Cal.),2005, Cert. denied, 547 U.S. 1128, 126 S.Ct. 2023, is a case Darren Chaker personally handled and laid the ground work to allow appellate counsel to strike down a statute based on First Amendment rights. Subsequent to winning before the 9th Circuit, the State challenged the decision before the United States Supreme Court. Darren Chaker retained a former US Supreme Court Clerk and head of United States Supreme Court litigation for a major firm, Joshua Rosenkranz. The New York attorney defeated the State's petition to review the Ninth Circuit ruling causing multiple states to rewrite their own flawed statute since they were premised the California statute Darren Chaker struck down. Darren Chaker personally litigated Chaker v. Crogan for 7 of its 10-year lifespan. Darren Chaker’s victory invalidated a statute on First Amendment grounds and overruled the California Supreme Court‘s unanimous decision in People v. Stanistreet, 127 Cal.Rptr.2d 633. Soon after Chaker v. Crogan, it was also used to strike down Nevada's analogous statute forcing the legislature to rewrite the law, but also nullified a similar Washington statute as well. (De La O v. Arnold-Williams, 2006 WL 2781278) and used as the backbone authority in Gibson v. City of Kirkland, 2009 WL 564703, *2+ (W.D.Wash. Mar 03, 2009). The case has been cited hundreds of times and continues to be a leading authority on viewpoint discrimination. In 2010, Darren Chaker prevailed in Nathan Enterprises Corp. v. Chaker, 2010 Cal. App. Unpub. LEXIS 7604, through his counsel Timothy Coates who has prevailed multiple times before the United States Supreme Court. also prevailed for Darren Chaker where the Court of Appeal affirmed an anti-SLAPP ruling where the underlying conduct was found to have been within those protected by his First Amendment rights. In 2012 Darren Chaker prevailed on a First Amendment issue before the Texas Attorney where issued Opinion 2012-06088 where he established the right to obtain the names of peace officers regardless of undercover status. The Texas Attorney General opinion has been used as authority thousands of times by citizens and news agencies to learn more about Texas peace officers. In 2016, Darren Chaker was victorious in US v. Chaker (9th Cir. 2016) 654 F.App'x 891, 892. The ACLU, Electronic Frontier Foundation, First Amendment Coalition, Cato Institute, and the University of Florida reversed a conviction premised on First Amendment rights where blog postings were at issue. In 2017, Darren Chaker prevailed in a RICO lawsuit aimed at suppressing speech filed by San Diego attorney Scott McMillan. In McMillan v. Chaker (S.D.Cal. Sep. 29, 2017, No. 16cv2186-WQH-MDD) 2017 U.S.Dist.LEXIS 163990 the court found by blogging did not constitute extortion as no demand for money to cease blogging was made. The judge found the case to be meritless, stating in part, “The Court concludes that these factual allegations are insufficient to establish that Defendant Darren Chaker obtained something of value from Plaintiffs…. The motion to dismiss the cause of action under 18 U.S.C.§ 1962(c) filed by Defendant Darren Chaker is granted.” In 2020, San Diego attorney Scott McMillan lost a heavily litigated appeal believing the court erred in dismissing his lawsuit against Darren Chaker. Mr. Chaker was represented by former Los Angeles federal judge Stephen Larson. The Ninth Circuit in McMillan v. Chaker (9th Cir. 2020) 791 F.App'x 666, affirmed the dismissal of a RICO lawsuit premised on alleged defamation of Scott McMillan. The court stated in part, “Plaintiffs failed to allege extortionate conduct because there are no allegations that Mr. Chaker obtained property from Plaintiffs that he could “exercise, transfer, or sell. ”See Scheidler, 537 U.S. at 405. Plaintiffs’ claim also fails because there are no allegations to support the “with [Plaintiffs’] consent” element. United Bhd. of Carpenters & Joiners of Am., 770 F.3d at 843.” In sum, Scott McMillan filed a lawsuit in direct conflict with established United States Supreme Court precedent and lost – twice. Also, in 2020, Darren Chaker was sued for defamation by Las Vegas attorney Thomas Michaelides. When Darren Chaker became aware of the lawsuit, he retained Olson, Cannon, Gormley, Angulo & Stoberski to defend him. Darren Chaker found a court order Mr. Michaelides submitted to Google that was reported to Several inconsistencies were noticed on the court order submitted to Google. Most notably the court docket does not show Mr. Michaelides submitted an order to the court for the judge’s signature. The court docket does not reflect the court ever signed the order Mr. Michaelides submitted to Google. Ultimately, the Nevada court dismissed the lawsuit and sanctioned Mr. Michaelides $51,000 for suing Darren Chaker for conduct within his First Amendment rights and for filing a meritless lawsuit. See forged order and judgment against Thomas Michaelides here. Darren Chaker donates time to post-conviction relief organizations to seal arrests and convictions to increase opportunity for those who were convicted of crimes, conducts research and brief writing on First Amendment issues, and also enjoys promoting non-profit organizations such as the ACLU and various domestic violence shelters through his resources within the entertainment industry, including Jason Statham and Eric Roberts. Darren Chaker also enjoys traveling, being a phenomenal father, and forwarding his education with post graduate degree work.

error: Content is protected !!