No. 953213
UNITED STATES OF AMERICA,
APPELLEE
v.
CHARLES F. WOODBURY,
APPELLANT
A number of the messages transmitted on the second line were encrypted with "Cypherpunks Labs Automated Messenger 3.01" (CLAM), a computerized encryption program using a 128-bit key to encode electronic documents. Use of such a powerful encryption scheme or possession of files encrypted by such a scheme is criminalized under the Cryptography Control Act of 1995 ("CCA" or "Act"), unless a copy of the decoding key is filed with a Government escrow agency. CCA 10(a),(b). The key used to encrypt the messages sent over the second line was not on file with Government key escrow agencies when they attempted to decrypt those messages, and subsequent attempts to crack the cipher without the key failed.
Using the manifestly weak evidence of narcotics trafficking gathered from line one, and the presence of encrypted documents without a filed key on line two, the DEA obtained a warrant to search Woodbury's home. The police were not able as a result of the search to link Woodbury to drug-related crimes, and he was cleared of those charges by the jury at trial. However, the Government's seizure of Woodbury's personal computer turned up a number of files encrypted with CLAM. No evidence has been presented as to the dates of the files' origin and encryption. Nevertheless, Woodbury was convicted by the trial court of violations of the CCA for using strong encryption without having a key on file with the Government. The United States Court of Appeals for the Thirteenth Circuit affirmed that conviction, and Woodbury appeals to this Court.
While much of the discussion of key escrow provisions has rightly focused on the Fourth Amendment and general privacy interests, see Section II, infra; see also, Christopher E. Torkelson, The Clipper Chip: How Key Escrow Threatens to Undermine the Fourth Amendment, 25 Seton Hall L. Rev. 1142 (1995); Charlene L. Lu, Note: Seeking Privacy in Wireless Communications: Balancing the Right of Individual Privacy with the Need for Effective Law Enforcement, 17 Hastings Comm/Ent L.J. 529 (1995), there are also insurmountable hurdles posed by the First Amendment to the mandatory key escrow scheme established by the CCA. A challenge to the CCA as substantially overbroad is in order, as it regulates speech on the basis of its content, has a significant effect on associational rights, and regulates the manner of speech. With the establishment of a facial overbreadth challenge, Mr. Woodbury may assert his own rights and those of others who will be brought within the truly sweeping character of this statute. See, e.g., Board of Airport Commissioners v. Jews for Jesus, Inc., 482 U.S. 569 (1987). The CCA has a constitutionally unacceptable chilling effect on the speech of all users of cryptography for whom there is not even probable cause to suspect any illegal activity. The constitutional interests we assert here are of course to be balanced against state interests. But this Court requires that Government action burdening speech on the basis of its content meet strict scrutiny -- serving compelling state interests, and being narrowly tailored to serve those interests. If speech mixed with conduct is involved, a slightly different test (set forth particularly in Section I.A.2., infra) is imposed, but the protection of the underlying speech still requires that the least restrictive alternative be followed to accomplish the Government's objective. United States v. O'Brien, 391 U.S. 367, 376 (1968). Although the interest asserted by the United States in preventing crime is undoubtedly compelling, the means used under the CCA are not tailored in any sense. By reaching all uses of cryptography, the CCA trods all over the First Amendment.
A. The CCA is Substantially Overbroad.
When a statute reaches both constitutionally protected speech and speech alleged to be without such protection, it is overbroad and subject to facial invalidation. Board of Airport Commissioners, 482 U.S. at 474. While the standing doctrine generally holds that a party before a court may only invoke her own rights, not those of another, overbreadth is an exception to that requirement designed to protect First Amendment interests. See Brockett v. Spokane Arcades, Inc., 472 U.S. 491, 502 (1985) (citing United States v. Raines, 362 U.S. 17, 21 (1960)); see generally Allen v. Wright, 468 U.S. 737 (1984). Decisions of this Court have indicated that the overbreadth must be "substantial," but where pure speech, associational rights, or time, place and manner restrictions on expressive conduct are involved, that requirement is met. Broadrick v. Oklahoma, 413 U.S. 601, 612 (1973). Because the CCA is not in any way subject to a narrowing construction limiting it to a constitutional scope, see id. at 613, an overbreadth challenge is appropriate here. Thus, even were this Court to find that the CCA is constitutionally applicable to Mr. Woodbury, it must consider the rights of other parties reached by the sweeping character of the statute. Overbreadth analyses of a statute consider both the asserted rights on the party before the court and those other parties who may be fairly swept within the reach of the statute "because of judicial prediction or assumption that the statute's very existence may cause others not before the court to refrain from constitutionally protected speech or expression." Id. at 612.
Sections 1 and 2 below illustrate that the overbreadth doctrine under the Broadrick test applies here because the CCA's restrictions on speech are content-based, demanding strict scrutiny of its provisions. Section 3 shows that even if this Court finds that the CCA restricts only conduct associated with speech, the Broadrick test still requires the overbreadth analysis. Section 4 presents three paradigmatic cases to illustrate the CCA's clearly unconstitutional burden on speech interests besides Mr. Woodbury's.
The CCA requirement that a key be filed with the Government for
possible use in the future is only applicable to a person when
encryption is in fact used. CCA, 10. This may seem to be an attempt
to avoid overreaching in the regulation of encryption, but in fact has
the insidious effect of making the act of filing a key a statement
that the person has documents important enough to use strong
cryptography. See also Section II.C, infra (arguing that the escrow
requirement interferes with the development of an expectation of
privacy); Section III.A, infra (arguing that it requires individuals
to reveal that they have something they wish hidden); cf. Fed.
R. Evid. 801(a) (defining "statement" as an oral or written assertion,
or nonverbal conduct if intended by a person as an assertion). Even
more significantly than if such a statement were required to be made
to a private party, this required disclosure must be made to the
Government. There is no question that regulatory burdens such as
reporting requirements may be placed on business information in this
context, see e.g., Schaumburg v. Citizens for a Better Environment,
444 U.S. 620 (1980); Secretary of State of Maryland v. Joseph
H. Munson Co., 467 U.S. 947 (1984), but in the case of private
individuals, such demands are patently unconstitutional unless
narrowly tailored to serve a compelling state interest. "Mandating
speech that a speaker would not otherwise make necessarily alters the
content of the speech...[and is] a content-based regulation of
speech." Riley v. National Federation of the Blind, 487 U.S. 781, 795
(1988).
2. CCA Fails to Pass Constitutional Muster Under the Strict
Scrutiny Standard, Particularly in Its Utter Absence of Any Tailoring
to the Asserted Government Interest.
Content-based restrictions on speech are "subject to exacting First
Amendment scrutiny." Id. at 798. This requires both a compelling
state interest, and narrow tailoring of the means used to further that
interest. See, e.g. Simon & Schuster v. New York State Crime Victims
Board, 502 U.S. 105 (1991). In its case against Mr. Woodbury, the
Government asserts its incontestably compelling interest in preventing
crime. But it makes no showing whatsoever as to how this Act is
tailored to protect speech interests, let alone narrowly so. Indeed,
the CCA is not tailored at all -- it applies to every person in the
country who chooses to use cryptography, regardless of whether the
Government even has reason to suspect that person is using
cryptography to commit a crime. Because the CCA chooses to chill
speech through a content-based regulation, without even attempting to
limit its scope so mandatory key escrow carefully furthers the
asserted goal of crime prevention, it must be struck down.
3. Even if the Key Escrow Provisions Do Not Reach Pure Speech,
Overbreadth Review is Still Appropriate.
It is settled constitutional doctrine that the applicability of
overbreadth analysis does not completely depend upon the reaching of
"pure speech." Broadrick, 413 U.S. at 615. The "speech-conduct" mix
is enough, but requires that "the overbreadth of a statute must not
only be real, but substantial as well, judged in relation to the
statute's plainly legitimate sweep." Id. We concede that the Act may
be tailored so as to be constitutional -- it may certainly be applied
against those who have in some sense forfeited many rights, such as
convicted felons, see infra Section I.B.2. -- but the language of the
statute and intent of the Congress is so far beyond that narrow
category that the overbreadth here is plainly substantial.
The key and the document encrypted are constitutionally protected as
pure speech, but if this Court finds that they are separable, it
should apply the test adopted in O'Brien to determine whether the
regulation that affects speech but claims to do so on grounds other
than regulating the content of the speech should nonetheless be struck
down. In O'Brien, this Court required that the action taken be within
the constitutional power of the Government, that it further an
important Government interest unrelated to the freedom of expression,
and that it be "no greater than is essential to the furtherance of
that interest." O'Brien, 391 U.S. at 376. In sweeping every citizen
who wishes to use strong cryptography for whatever reason under its
tentacles, the CCA fails the narrow tailoring prong of the O'Brien
test.
4. The CCA Is Overbroad Because It Chills Unquestionably Protected, and
Even Privileged Speech, as Shown By Three Paradigmatic Cases
Three examples, before this Court because of the substantial
overbreadth of the statute, best illustrate the unconstitutional
unacceptability of the Government's strategy here. First are the
run-of-the-mill users of cryptography who wish to connect their
computers to the Internet while keeping personal papers private from
potential intruders -- intruders who would have access to exactly the
type of computing power that could break weaker cryptography. See
generally James Fallows, An Outlaw in Cyberspace, N.Y. Times, Feb. 4,
1996, sec. 7, p. 14 (reviewing three recent books on the extensive
hacking activities of Kevin Mitnick). Second is a group subject to
harassment that wants to keep its membership list and internal memos
secret, asserting the associational and anonymity rights of its
members, fearing reprisal from the Government or from private parties.
See NAACP v. Alabama ex rel. Patterson, 357 U.S. 449 (1958). Third
are lawyers and clients who wish to ensure the confidentiality of
their communications. See Trammel v. United States, 445 U.S. 40, 51
(1980) ("The attorney-client privilege rests on the need for the
advocate and counselor to know all that relates to the client's
reasons for seeking representation if the professional mission is to
be carried out.") Each of these groups has a desire to encrypt files
that is entirely unrelated to any criminal purpose, and has the need
for strong encryption because of the interest of both Government
entities and private parties in accessing the data they wish to keep
private. The CCA forbids the use of strong encryption to all of them,
unless they accept the Government's attempt to compel the statement
that they have data important enough for strong encryption's use.
This would have a plainly unconstitutional chilling effect on speech
in each of the three cases, thus violating the First Amendment.
Cf. Fisher v. United States, 425 U.S. 391, 420 (1976) (Brennan, J.,
concurring) (analogizing chilling effect of requiring exposure of
private papers to that of exposure of private thoughts).
Particular instances of violation of speech rights will be covered in
subsequent sections, but it is important to reiterate here the truly
extensive character of the CCA. It contains no exceptions for
encryption of any type of communication otherwise privileged, and
specifically bars the use of technological means to attempt to protect
that privileged communication absent the provision of the means to
decrypt the communication to the Government. CCA, 10(a). This
implicates general privacy rights protected in part under the First
Amendment, see Stanley v. Georgia, 394 U.S. 557 (1969), though more
generally under the Fourth, see Section II, infra, and also reaches
core First Amendment speech interests in the cases set forth here. By
reaching these matters while allowing no means for exception from the
licensing requirements of the Act, the CCA is facially overbroad and a
violation of the First Amendment.
Although the general analysis under overbreadth provides a proper
background for the Court in making its decision, it will also be
helpful to consider the particular elements of the claim as separate
constitutional doctrines, each recognized by this Court in past cases,
and to address the legally flawed claims of the Thirteenth Circuit.
B. The CCA Compels the Speech of All Users of Cryptography.
1. Consideration of a Compelled Speech Claim is Appropriate.
The Thirteenth Circuit erroneously concluded that Mr. Woodbury's
compelled speech claim was not justicable because he had not complied
with the escrow requirements of the statute. Slip op. at ____.
Because of the substantial overbreadth of the CCA, his claims are not
limited by his lack of compliance. Broadrick, supra; Slip op. at ____
(Axsmith, J., dissenting). This Court must thus consider the claim as
if raised by a party who complied with all the provisions of the
statute. See Section I.A, supra.
2. The CCA Compels the Speech of Mr. Woodbury and All Subject to the Act.
As explained above, the escrowing of a key makes a statement to the
Government that the person filing possesses a document that they wish
to keep secret through strong encryption. Thus, filing a key under
the CCA is communicative action: it declares that the registrant
possesses an encrypted document, has used encryption techniques, or is
about to do so. In compelling this speech, the Government forces the
individual to alter the contents of the document that would otherwise
have been protected to account for the possibility of interception.
Interception and decryption would of course be most likely by the
Government, but by requiring that a key be transmitted to the
Government, the CCA also increases the risk that the key itself could
be intercepted by a private party and used to decrypt documents.
The Thirteenth Circuit attempts to avoid the conclusion that speech is
compelled in this case by analogizing this claim to the requirement
that drivers carry a license identifying them. But driving is not a
constitutional right, and necessarily directly implicates the rights
and lives of others. The encryption of private speech does not in any
way have the broad import that the requirement that a drivers license
be carried does. A proper analogy using the driver's license would be
presented if license required to be carried contained a transmitter
that at all times broadcast the position of the driver and the
possessions in the car. Such a requirement would be patently
unconstitutional.
Another, more appropriate use of the Thirteenth Circuit's driver's
license analogy would be to point out that the CCA is, in effect, a
licensing scheme requiring those who wish to truly ensure the privacy
of their communications and personal thoughts to allow the possibility
of Government decryption at a time unknown to them. Government
licensing schemes have been a deep concern of this Court and of the
development of free speech in Anglo-American law. See, e.g., City of
Lakewood v. Plain Dealer Publishing Co., 486 U.S. 750 (1988). Such
schemes were adopted in England for the particular object of chilling
speech critical of the Government and any dissent from the established
mores of the time. See Vincent Blasi, John Milton's Areopagitica and
the Modern First Amendment, Communications Lawyer, vol. 14, no. 4
(Winter 1996), at 1. It is Pollyannaish at best to assume that this
overly broad scheme could not be used in the same way. See generally
Anthony Summers, Official and Confidential: The Secret Life of
J. Edgar Hoover.
3. The CCA's Actions Are Not Narrowly Tailored to the Articulated
Government Objectives.
The analogy to a motorist's claim that speed limits violate her right
to travel in the Thirteenth Circuit's opinion is particularly
inapposite. Speed limits are certainly restrictions on the right to
travel, but they are narrowly tailored actions that serve compelling
Government interests. Anti-cryptography legislation may be able to
constitutionally reach those whose actions the Government has an
almost irrebuttable criminal suspicion about, just as convicted felons
may be denied the right to vote, or the right to bear arms. See,
e.g., Baker v. Cuomo, 58 F.3d 814 (2nd Cir. 1995) (right to vote);
United States v. Bartelho, 71 F.3d 436 (1st Cir. 1995) (right to bear
arms). A provision denying the use of encryption to convicted felons,
then, would clearly be narrowly tailored to serve a compelling
Government interest. But it certainly may not reach everyone, and may
not reach Mr. Woodbury through the State's (at best) weak wiretap
warrant in this case. Even if it could reach Mr. Woodbury, the
extensive character of the CCA and its lack of exception for other
specifically protected speech renders it constitutionally
unacceptable.
"A statute is narrowly tailored if it targets and eliminates no more
than the exact source of the 'evil' it seeks to remedy." Frisby
v. Schultz, 487 U.S. 474, at 485 (1988) (citation omitted). "A
complete ban can be narrowly tailored, but only if each activity
within the proscription's scope is an appropriately targeted evil."
Id. The evil targeted here is crime, and the CCA only incidentally
reaches those instances where cryptography is used as one of its
elements. The compelled speech of revealing keys and the existence of
encoded documents is too high a constitutional price to pay for
deterrence and prosecution of the rare occasions that cryptography is
used to further a crime.
C. The CCA Unconstitutionally Burdens Associational Rights
1. The Associational Rights of Members of Socially Disfavored Groups Are
Violated by the CCA.
"Inviolability of privacy in group association may in many circumstances
be indispensable to preservation of freedom of association, particularly
where a group espouses dissident beliefs." NAACP v. Alabama, 357 U.S. at
462 (emphasis added). In NAACP, the Alabama branch of the civil rights
organization had been served with a judicial order commanding them to
produce their membership list as part of an action brought to harass their
organizing activities in the state. With the existence of a key in the
hands of the Government, the type of privacy claimed by the NAACP in their
membership lists would be ephemeral at best. Without even the notice of a
warrant being served, documents lawfully or unlawfully in the hands of
authorities could become instantly useful for any Government purpose,
legitimate or illegitimate. Knowledge of this fact among the membership
and others would have exactly the result that this Court worried about in
NAACP: "induc[ing] members to withdraw from the Association and
dissuad[ing] others from joining it because of fear of exposure of their
beliefs shown through their associations and of the consequences of this
exposure." Id. at 463.
Instead of focusing on the real chilling effect on First Amendment
activity that results from the CCA, the Government chooses to worry
only about the alleged "unacceptable risk to the domestic tranquility
and to the national security of the United States," CCA, 1(c), and the
Thirteenth Circuit follows along without question, slip op. at ____.
Such a docile approach to review of asserted Government purposes
against speech rights is inconsistent with the jurisprudence of this
Court. To offer another example, a group's dissident beliefs and
vague assertions about taking power do not allow the Government to
assume that their goal is in any sense violent action -- the burden is
on the Government to distinguish even the advocacy of violence from
incitement to imminent lawless action. Brandenburg v. Ohio, 395
U.S. 444, 447 (1969). Strong necessity must be shown before the
Government may burden association rights through legislation like the
CCA. No such necessity is presented by the Act itself or by the
Thirteenth Circuit.
2. The CCA's Provisions Are Not Narrowly Tailored To
the Asserted Government Interest in Preventing Crime.
The Government is certainly free to use its market power to restrict
the broad dissemination of unbreakable encryption technology. See
A. Michael Froomkin, The Metaphor Is the Key: Cryptography, the
Clipper Chip, and The Constitution, 143 U.Pa. L. Rev. 709, 793-95
(1995). It is not, however, constitutionally permitted to bar its use
altogether, or to unconstitutionally burden individual association
rights to restrict its use, unless the state action taken were
narrowly tailored to serve compelling Government objectives.
Again, the asserted Government interest in mandating escrow of
encryption keys is the prevention of crime. The CCA is not narrowly
tailored to serve this interest because its conditional ban on
cryptography does not "eliminate[] no more than the exact source of
the 'evil' it seeks to remedy." Frisby, 487 U.S. at 485. It clearly
reaches the associational rights of dissident groups who would protect
their privacy, but who have not committed any crime.
D. The CCA Unconstitutionally Burdens the Right to
Anonymous Speech.
1. Mr. Woodbury's Rights to Anonymous Speech Are
Clearly Before This Court, Even If The Facial Overbreadth Claims Are
Ultimately Rejected.
It is first important to point out that Woodbury's right to anonymous
speech is clearly before this Court even if the overbreadth analysis
under which we have examined other applications of the statute is
ultimately rejected. He has not somehow lost the right to claim this
"since his identity has been known to the police throughout the
investigation." Slip op. at ___. The right of anonymity under the
First Amendment is not only anonymity against the Government, but the
right to communicate ideas anonymously. "[A]n author's decision to
remain anonymous, like other decisions concerning omissions or
additions to the content of a publication, is an aspect of the freedom
of speech protected by the First Amendment." McIntyre v. Ohio
Elections Commission, 115 S.Ct. 1511, 1516 (1995). In both of this
Court's major cases dealing with anonymous speech, the identity of the
person seeking their right vindicated was known to the Government.
See McIntyre; Talley v. California, 362 U.S. 60 (1960). Nor is it
true that "there is no suggestion that [Mr. Woodbury] sought to
communicate anonymously," Slip op. at ____. The encrypted nature of
data sent out over Mr. Woodbury's data telephone line suggests exactly
the opposite. Slip op. at ____. Only a user possessing
Mr. Woodbury's key could decrypt the message sent over line two; he
was thus anonymous to everyone who did not possess his key.
2. The Anonymous Speech Rights of Others are Unconstitutionally Burdened
By the CCA.
In any case, because of the overbreadth claim, we are not wholly
reliant on Woodbury's right to assert that the CCA unconstitutionally
burdens the right to anonymous speech. For the purposes of this
argument, we may in fact assume that Woodbury, or the lawyers or
clients we posited in our third hypothetical above, was actually
communicating anonymously.
The right to anonymous speech has been recognized in both the literary
and political contexts by this Court, most recently in invalidating an
Ohio requirement that flyers intending to influence an election
contain the name and address of the person or organization
distributing them. MacIntyre, supra. The CCA clearly reaches not
only Mr. Woodbury, but also the anonymous pamphleteer who distributes
her work over the Internet, or the recent author of the novel Primary
Colors. The Government may not ban anonymity, or excessively burden
it. Id. Because there is little reason not to extend this right to
the professional realm, it may even cover the lawyer who encrypts her
client memos so that only the client can read them. None of these
people have committed any crime. There is no reason their speech
should be burdened absent strong suspicion.
3. The CCA is Not Narrowly Tailored to the Asserted Government Interest
in Preventing Crime.
For the same reasons articulated in Sections I.A.2 and I.B.2 supra, the
CCA is not narrowly tailored to the Government's asserted interest in
placing speech-dependent limits on cryptography to protect against
potential crimes.
In its efforts to maintain its access to the private lives of individuals
through the medium of the Cryptography Control Act, the Government has
violated Mr. Woodbury's Fourth Amendment rights by establishing a regime
where it may begin searches of private computer files without probable
cause or individual suspicion. Mandatory key escrow is a fundamental part
of the scheme of searching for these digital documents, and as such must be
the considered the starting point of a given search (strangely undertaken
by the object of the search himself). Thus the requirement of filing keys
is unconstitutional absent reason to suspect a particular user. The
Government claims that it may dispense with the probable cause and
individual suspicion requirements under the doctrine governing regulatory
searches; however, as will be shown, this doctrine is wholly inappropriate
for the analysis of the key escrow scheme.
A. Mandatory Key Escrow Constitutes a Search Under the
Guidelines Established By This Court.
This Court has clearly established that a search begins when the
Government first interferes with an individual's legitimate
expectation of privacy. Maryland v. Macon, 472 U.S. 463, 469 (1985);
United States v. Jacobsen, 466 U.S. 109, 113 (1984). Those who
possess encrypted files clearly have such an expectation; indeed, the
right to security in private papers under the Fourth Amendment is
paradigmatic, and users of strong cryptography have openly and
effectively expressed their desire to exercise that right.
Requiring users of encryption to file their keys with the Government
infringes this expectation of privacy in two ways. First, mandatory
key escrow requires that an individual disclose to the Government that
she has something to hide. Under the CCA, the filing of keys is
required only when an individual desires to use cryptography to secure
the contents of his personal files. CCA, 10. Therefore, under the
statutory scheme enacted, keys will be filed only when there are
documents encrypted. Thus the filing of a key serves to inform the
Government that the user has documents she wants kept private or
secure against a search. This infringes the user's expectation of
privacy by directing the Government toward a source of evidence whose
existence the user has a right to keep unknown to the Government. The
discovery of sources of evidence is the classic purpose of a search;
the scheme embodied by the Act falls well within that category.
Furthermore, the CCA does not adequately describe the safeguards which
escrow agencies must use to prevent the unauthorized disclosure of
keys. Private citizens do, admittedly, have an expectation of privacy
in personal information held by the Government. Whalen v. Roe, 429
U.S. 589 (1977) (medical records); Sheets v. Salt Lake County, 45 F.3d
1383 (10th Cir. 1995) (citing Whalen). However, the Court has held
that this privacy may be infringed if the Government does not
sufficiently protect the information it has in its custody. Whalen at
605; Sheets at 1387. While the procedural safeguards established by
the CCA may be sufficient for a regular search (although not for a
regulatory search, as discussed below), the statute remains
unconstitutionally vague as to the physical safeguards for the
critically sensitive information held by escrow agencies. This Court
focused explicitly on physical safeguards in Whalen, looking even at
the wire fence and alarm system surrounding the computers holding
private medical files. Id. at 593-594. Without such safeguards
clearly established, individuals cannot expect their keys to be
adequately protected. Thus the Government violates their expectation
of privacy, and consequently begins a search.
For these reasons, mandatory key escrow qualifies as a Fourth
Amendment search, and therefore is unconstitutional because of its
lack of cause and suspicion. Note that the purpose of the search
initiated with the process of key escrow is not relevant for finding
violations of the Fourth Amendment; a search need not be intended to
produce evidence for criminal prosecutions. Even so, as will be
demonstrated below, this is the hidden purpose of the CCA.
B. The Seizure of Encryption Keys As Required By the CCA
Cannot Be Justified Under the Regulatory Search Exception to the Fourth
Amendment.
The Government and the Thirteenth Circuit have attempted to justify
the warrantless seizure of encryption keys without probable cause or
particularized suspicion by appealing to the narrow regulatory search
exception to the Fourth Amendment developed by this Court in Skinner
v. Railway Labor Executives' Association, 489 U.S. 602 (1989) and
National Treasury Employees Union v. Von Raab, 489 U.S. 656
(1989). However, the regulatory search doctrine as developed in these
cases and their progeny is wholly inappropriate to the use of
encryption, applying only to those who work in particularly hazardous
positions or heavily regulated businesses, or who have consciously
waived a certain level of privacy. Furthermore, while the Thirteenth
Circuit states that the CCA is not intended as a law enforcement
device, it is unquestionable that it will be used for law enforcement
purposes against those persons possessing files encrypted with 64-bit
keys before the passage of the Act. Moreover, the warrant requirement
in the CCA does not in fact provide sufficient protection against the
use of materials seized in a regulatory search in a later criminal
proceeding.
1. The Regulatory Search Doctrine Does Not Apply to
CCA's Search Regime.
a. The Regulatory Search Exception Is Inapplicable to Individuals
Using Encryption Because the CCA Lacks the Appropriate Justification
To Dispense With Individualized Suspicion and Probable Cause.
The Thirteenth Circuit attempts to apply the regulatory search
exception to users of cryptography by claiming that the Government has
"special Governmental needs, beyond the normal need for law
enforcement." Von Raab at 665-66. Judge Mitchell then goes on to
explain how a regulatory seizure of encryption keys is necessary to
combat the efforts of "enemy agents, drug dealers, pornographers,
pedophiles, and organized crime generally." Slip op. at __. As a
preliminary comment, while Judge Mitchell has comprehensively listed
those bogeymen which haunt law enforcement officials, he seems to have
misread Von Raab to read "beyond the normal need of law enforcement"
-- for these outlaws are the standard targets of law enforcement, not
an external concern. As can be seen in the cases that follow and
interpret Skinner and Von Raab, the "special Governmental needs"
discussed in those cases have been uniformly limited to situations 1)
where public safety is immediately and directly at risk, or 2) where
the person searched has voluntarily given up some expectation of
privacy by working in a heavily regulated industry or entering an area
where privacy is commonly acknowledged as reduced. Neither of these
description applies to the defendant, Mr. Woodbury, or to those who
use cryptography in general.
i. Public Safety Is Neither Immediately nor Directly At Risk Because
of the Use of Encryption.
In the cases which have followed Von Raab and Skinner, regulatory
searches have been permitted where those being searched could cause
"great human loss" before a less-intrusive investigative technique
could detect the crime. Skinner at 628. Throughout the federal
circuits this condition has been taken quite literally, with the
result that this justification for a regulatory search applied only
where public safety was immediately and substantially threatened. See
United States v. Ross, 32 F.3d 1411, 1415 (9th Cir. 1994)(passenger on
plane whose luggage was thoroughly searched not in "dangerous or
sensitive position"); Taylor v. O'Grady, 888 F.2d 1189, 1199 (7th
Cir. 1989)(only correctional officers in regular contact with
prisoners, in a position to smuggle drugs or having access to firearms
subject to urine testing); Stanziale v. County of Monmouth, 884
F.Supp. 140, 147 (D.N.J. 1995)("The nexus between the [sanitary]
inspector's misconduct and the potential injury is too attenuated to
justify the removal of...the individualized suspicion requirement.");
Craft v. Pace of South Holland, 803 F.Supp. 1349 (N.D.Ill. 1992)(drug
testing among public transit officials overbroad because applied to
employees not in "safety sensitive" positions); Watson v. Sexton, 755
F.Supp. 583, 589 (S.D.N.Y. 1991)(Gov't officials driving cars: "When
driving is only incidental to other duties that engage no safety
concern, the employee's position is not safety sensitive."); Beattie
v. St. Petersburg Beach, 733 F.Supp. 1455, 1459 n.1
(M.D.Fla. 1990)(although firefighters deal with public safety, they do
not use firearms or use deadly force); cf. Rushton v. Nebraska Pub.
Power Dist., 844 F.2d 562, 567 (8th Cir. 1988)(nuclear powerplant
engineers subject to testing); Dykes v. SEPTA, 68 F.3d 1564, 1567 (3rd
Cir. 1995)(bus driver subject to testing).
The Thirteenth Circuit argues that the use of cryptography presents a
threat to public safety and national security because criminals may
use the privacy thus granted to further their plans. But an encrypted
document is unlikely to be the direct cause of harm, unlike drug or
alcohol abuse; any harmful effects would be too remote temporally and
causally to justify dispensing with the particularized suspicion
requirement. Furthermore, even if cryptography could directly cause
harm, it is hard to conceive how most users, including Mr. Woodbury,
could be seen to be in a safety-sensitive position. Thus, the abstract
threat which the use of cryptography in a criminal enterprise poses
cannot justify a system of regulatory searches.
ii. Users of Cryptography Have Not Voluntarily
Reduced Their Expectations of Privacy By Taking Jobs In a Heavily
Regulated Industry or By Acting In a Sphere Where Privacy Is Reduced.
Courts following Von Raab and Skinner have also held those decisions
to mean that persons choosing to work in a heavily regulated industry
may have a "lessened privacy expectation against the Government's
intrusion." Carelli v. Ginsburg, 956 F.2d 598, 604 (6th Cir. 1992)
(horse racing industry heavily regulated and athletes thus subject to
drug testing). However, cases using the heavily regulated industry
justification have required either a showing of pervasive Government
control, see, e.g., Skinner at 627, Lesser v. Espy, 34 F.3d 1301 (7th
Cir. 1994)(rabbit farm for animal testing labs), or some reason to
expect widespread problems requiring regulation, see Von Raab at 672
(agents having access to illegal drugs and dealing with drug-related
crimes); Carelli at 605 (evidence that drug abuse common in racing
industry); Beattie, 733 F.Supp. at 1459 (firefighting heavily
regulated, but testing inappropriate because record did not show drug
abuse problem).
Similarly, courts have held that individuals may be subject to
regulatory searches when they participate in an activity where privacy
is commonly acknowledged as reduced. In Vernonia School District 47J
v. Acton, 115 S.Ct. 2386 (1995), the Supreme Court held that student
athletes could be subject to drug testing because participation in
school sports indicated a willingness to accept reduced privacy in
locker rooms and with regard to standards of conduct. The Court drew a
parallel to adult participation in heavily regulated industry. Id. at
2393. This justification was also applied recently to regulatory
checks of welfare recipients, S.L., P.W., B.S. v. Whitburn, 67 F.3d
1299 (7th Cir. 1995), as well as the classic examples of entering a
courthouse or passing through an airport metal detector. In all these
cases, individuals took part in public activity where they knew they
were subject to systematic searches.
Neither of the situations described above apply to a user of
cryptography such as the defendant. Woodbury is obviously not an
employee of a heavily regulated industry, at least not with respect to
his private files, and he cannot be said to have participated in an
activity where he knew he was subject to a warrantless
search. Furthermore, the use of telephone lines to transfer encrypted
files cannot be used to bootstrap him into one of these categories. If
that were the case, wiretaps could be used randomly on any telephone
line without a warrant or suspicion, as they clearly cannot. See Katz
v. United States, 389 U.S. 347 (1967). For these reasons, as well as
those stated above discussing the public safety justification, the
regulatory search doctrine is inappropriately applied to a key escrow
scheme.
b. Contrary To the Purpose of a Regulatory Search, the
Terms of the CCA Are Aimed Toward the Gathering of Evidence For Criminal
Prosecutions, Without Adequate Statutory Protection.
The Thirteenth Circuit claims that, according to the requirements of
Von Raab, key escrow "seeks only to aid in the detection [of], and
perhaps also deter, crimes that might otherwise be furthered by the
use of encryption." Slip op. at ___; see Von Raab at 666. But while
this claim is more than suspect with regard to users possessing files
encrypted after the enactment of the CCA, it is plainly untrue with
regard to those persons engaged in criminal activity and possessing
files encrypted prior to the Act's passage. Furthermore, the Act
cannot deter the use of cryptography for those who have already
encrypted their files; the only reason to have such persons file their
keys is so that the Government can have access to the private files
they suspect (if not know) exist. It is unclear how detection of crime
is not intended under the Act to result in criminal prosecution in any
case; if such were not the intent, why would there be an explicit
warrant requirement? Moreover, the system of enforcement of the Act
indicates that it is intended to serve criminal prosecutions. The CCA
contains no provisions for special enforcement of its criminal
prohibitions. Thus, the only situation in which violations will be
detected is in the course of a criminal investigation.[1]
But even if the hidden intent of the Act is ignored, the warrant
requirement does not cure the inappropriate use of decrypted files in
criminal prosecutions. According to Von Raab, evidence acquired
pursuant to a regulatory search "may not be used in a criminal
prosecution...without the [searched person's] consent." Von Raab at
666 (emphasis added). This Court specifically allowed an individual
who is the possible target of prosecution additional protection to
make up for the lack of particularized suspicion or probable cause;
the CCA cannot replace that level of protection with a warrant issued
after the fact.
Accordingly, the regulatory search exception cannot justify the
specific provisions of the Act because they serve an improper purpose
and offer insufficient protection to fall within that exception.
C. The CCA Creates Untenable Paradoxes In the Development
of Legitimate Expectations of Privacy.
The CCA creates a unique constitutional curiosity by attempting to
restrict the means by which a person may attempt to establish a
legitimate expectation of privacy in computer files. Normally
focusing on whether attempts at privacy were successful enough, courts
and legislators have not previously faced the question of whether an
attempt to keep papers private could be too successful. It is
well-established that an expectation of privacy under the Fourth
Amendment depends upon the steps taken to exclude others from object
being searched. Rakas v. Illinois, 439 U.S. 128, 149 (1978). Writing
in his concurrence to Rakas, Justice Powell clarified the holding of
the Court, stating, "In considering the reasonableness of asserted
privacy expectations, the Court has recognized that no single factor
invariably will be determinative. Thus, the Court has examined whether
a person invoking the protection of the Fourth Amendment took normal
precautions to maintain his privacy -- that is, precautions
customarily taken by those seeking privacy." Id. at 152. In the case
of computer files, the traditional method used by those seeking
privacy is encryption.
In most cases of private individuals, it is likely that sub-64-bit key
encryption would be sufficient to protect against likely hackers, be
they outsiders or simply curious children in the household. In that
circumstance, weak encryption resembles the phone booth door in
Katz. But for some, those individuals working with extremely sensitive
information, weak encryption begins to resemble the bathroom stall
door in United States v. White, 890 F.2d 1012 (8th Cir. 1989),
cert. denied, 497 U.S. 1010 (1990) -- the right step to express a
desire for privacy, but not effective enough to develop a legitimate
expectation. It is constantly becoming more cost effective for large
corporations or foreign Governments to crack files encoded under
weaker encryption standards. See Froomkin, supra, at 738 ff. 46 or
those who deal in information interesting to such parties, it is
consequently becoming less reasonable to consider sub-CCA standard
encryption as sufficient to provide everyday security.
This created a conundrum, because Congress realized that for the first
time the steps that were necessary to insure Fourth Amendment
protection could successfully prevent Government searches,
unreasonable or otherwise. The situation came to resemble cases under
the Fifth Amendment, where information was irretrievably locked within
a witness' mind. The drafters of the Act resolved this situation by
interfering with private individuals' development of Fourth Amendment
privacy rights, restricting the use of effective cryptography. The
drafting of the CCA thus created the legal curiosity of this case,
because the only way to resolve their problem, as in Fifth Amendment
cases, was to compel the user to aid in the decryption of the files to
which they desired access. The legitimacy of this action under the
Fourth Amendment has been discussed above. However, as will be seen
below, the Fifth Amendment is designed to complement the Fourth in
precisely these situations and offer relief for a case like
Mr. Woodbury's -- where the Government wants him to assist his own
prosecution.
The CCA attempts to solve the problem of unbreakable encryption by
requiring that a person using cryptography hand over the translation
keys, essentially forcing the user to share his sphere of privacy with
the Government. But this step is unconstitutional under the Fifth
Amendment, in that key escrow is a testimonial act that will
incriminate individuals in the course of a criminal
prosecution. First, the act of handing over translation keys is in all
cases both testimonial and incriminating in and of itself, because it
declares to the Government that the user has something to hide. This
testimony is particularly harmful to persons like Mr. Woodbury, who
are under suspicion for unrelated reasons. Second, mandatory key
escrow is unconstitutional in a wider sense because it forces
Mr. Woodbury and other users who have files suspected by the
Government of being incriminating and which had been encrypted before
the passage of the CCA to acknowledge the existence of, and assert
control over, those files. Third, mandatory key escrow infringes
Mr. Woodbury's right against self-incrimination because it requires
not that he merely reveal, but that he repeat and restate the
incriminating content of private documents.
A. The CCA Compels Users of Cryptography Like Mr. Woodbury
To Admit That They Have Something To Hide Under Circumstances That Could
Lead To a Substantial Risk of Prosecution.
As discussed above, the act of escrow informs the Government that an
individual has something to hide, because the requirement of escrow is
predicated upon actual encryption of files. Note that this is unlike
the situation in Doe v. United States (Doe II), 487 U.S. 201 (1988),
where the defendant was compelled to sign a consent directive
authorizing foreign banks to release account information to the United
States Government. This Court upheld the compelled signing against a
Fifth Amendment challenge on the grounds that the directive,
formulated at the instigation of the court and phrased hypothetically,
did not reveal that there were in fact any such documents in
existence: "Although the executed form allows the Government access to
a potential source of evidence, the directive itself does not point
the Government toward hidden accounts." Id. at 215. In the instant
case, however, it is unreasonable to assume that individuals will go
to the trouble of filing encryption keys if they do not possess
encrypted files; thus the Government is informed by the act that the
user has something to hide.
This information may place the user at substantial risk of criminal
prosecution (as the Thirteenth Circuit would require, citing Marchetti
v. United States, 390 U.S. 39 (1968)). In circumstances such as those
of Mr. Woodbury, where the Government is suspicious of an individual
for separate reasons unrelated to cryptography, the additional
suspicion created by admitting to the Government that files are being
concealed from outsiders could well be enough to cause law enforcement
officials to institute a full-scale investigation or file an
indictment.[2] Enabling the Government to detect
crime in this fashion thus violates the Fifth Amendment by forcing
suspected criminals to signal that they are due greater scrutiny if
not immediate prosecution.
B. Mandatory Key Escrow Violates Mr. Woodbury's Fifth
Amendment Rights By Forcing Him To Acknowledge That He Possesses
Incriminating Files and Controls Those Files.
It is indisputable that many users of encryption, possibly including
the defendant,[3] had been using strong
encryption prior to the passage of the CCA. Mandatory key escrow thus
presents a serious danger to those individuals who are the subject of
criminal investigation, because the Government's demand for keys
compels such users to testify that they are in control of and
responsible for any encrypted files which the Government may already
have in its possession. This compelled testimony is in clear violation
of the Fifth Amendment. In Doe II, 487 U.S. at 209, this Court held
that "the act of production could constitute protected testimonial
communication because...by producing documents in compliance with a
subpoena, the witness would admit that the papers existed, were in his
possession or control, and were authentic." In essence, filing keys
would force a criminal defendant to abandon the defense that the
documents in question were not in fact his, or had been modified. Note
that for these individuals with encrypted documents prior to the
passage of the CCA, key escrow would not merely be potentially
self-incriminating at an unspecified time in the future, but would
actually be incriminating at the time of filing.
C. Forcing a Defendant To File Encryption Keys for Encoded
Documents In The Possession of the Government Incriminates the User By
Forcing Him To Restate and Repeat the Contents of Those Files.
It is unquestioned that "a person may not claim the [Fifth]
Amendment's protections based upon...the contents...of the thing
demanded." Baltimore City Dept. of Social Services v. Bouknight, 493
U.S. 549, 555 (1990). However, the Fifth Amendment does apply if a
person is forced "to restate, repeat or affirm the truth of [its]
contents." United States v. Doe (Doe I), 465 U.S. 605, 612 (1984). The
compelled disclosure of encryption keys when the Government holds
encrypted files requires that a user do just this, restate the
contents of the documents in a form understandable to the
Government. An encrypted document is not a locked strongbox. It does
not in any sense contain or conceal another document understandable to
law enforcement officials. It itself is the only document. When an
escrowed key is used to decode such a document, it is not unlocking a
container, but translating and restating the document for the
Government as if from another language. Thus the disclosure of the key
in effect requires the user to restate and explain the contents of an
incriminating file, if in a condensed way. This is clearly forbidden
by the Fifth Amendment.
To find for the Government in this case is to declare that the cherished
personal liberties constitutionally protected under the prior decisions of
this Court were conditioned upon the existence of State monitoring
techniques sophisticated enough to defeat those personal rights. This
Court must again affirm the protections of speech, association, privacy,
and criminal procedure, assuring that only those who have forfeited their
claim to these rights are forbidden from using strong cryptography. The
CCA is unconstitutional and should thus be struck down. The judgment of
the Thirteenth Circuit should be reversed.
Respectfully Submitted,
Jeffrey P. Hermes
2 It has not been shown that Mr. Woodbury would have been required to
escrow a key before the government had been suspicious of him for other
reasons.
3 Because there is no record, there is no evidence one way or the other
with regard to the date of the encryption of the files at issue in this
case. For educational purposes, the appellant assumes that the documents on
his hard drive were encrypted prior to the passage of the Act (which is at
least a possibility) in order to demonstrate a potential constitutional
weakness in the scope of the Act.
II. THE CRYPTOGRAPHY CONTROL ACT IS UNCONSTITUTIONAL UNDER THE FOURTH
AMENDMENT BECAUSE IT CREATES A SCHEME OF SEARCHES AND SEIZURES WITHOUT
PROBABLE CAUSE OR INDIVIDUAL SUSPICION.
III. THE KEY ESCROW REQUIREMENTS OF THE CCA VIOLATE THE FIFTH AMENDMENT
PRIVILEGE AGAINST SELF-INCRIMINATION OF BOTH THE DEFENDANT, MR. WOODBURY,
AND OTHERS USING EFFECTIVE
ENCRYPTION TECHNIQUES.
CONCLUSION
Christopher M. Kelly
March 13, 1996
1 Incidentally and highly suspiciously, this also enables police to
penalize people such as Mr. Woodbury whom they believe guilty of other
crimes even if they cannot find sufficient evidence to convict for those
crimes, while ignoring those not suspected of other offenses.
Back to CFP Moot Court page
Last updated March 23, 1996
cfp96@mit.edu