A recent case involving lawmakers who want to access data on the computer of a woman accused of engaging in a mortgage scam in Colorado has opened up a virtual Pandora’s box of legal questions: American courts are currently struggling with whether or not suspects can be forced to show authorities how to access their encrypted information and the repercussions of their ruling could affect Canadian law as well.
The most interesting thing about this case is that it brings to light the disconnect between how we’ve been taught to regard data on our computers and the reality of how digital information is stored and secured. Early on, marketers of digital media had to find ways to bridge consumers’ perceptions of the gap between our offline lives and the digital world that came into being with the advent of computers. Technology marketers had to overcome huge conceptual hurdles in order to present computers to us as something useful, desirable, and easily mastered. There is a reason why computer operating systems such as Windows, and Mac OS have been successful in bringing about widespread adoption of home computing: their language and interface were purposefully developed around metaphors for real world activities and objects, linking them to the practices of every day life. This is why the background of a graphical operating system is called a desktop. We work with files and documents that are kept in folders. Data that we store online is kept in a cloud or locker. Data we no longer wish to keep is sent to a trash can or recycle bin. We refer to Internet usage as traffic occurring in cyberspace. These physical metaphors for what is essentially a bunch of 1s and 0s coded onto a hard disk have made us more willing to purchase and use computers by making an otherwise alien concept seem more familiar. The Colorado case, however, has revealed an unintended side effect of these metaphors. We have come to believe in these symbolic representations of how computers work and what they do to the point where we now face a crisis of understanding.
The conceptual divide around which this current problem is elaborated is based on the metaphors we use to understand digital technology and new media. Common understanding of a computer hard drive imagines it as a physical container holding actual documents. We view encryption as the lock that keeps the box closed. It is this perception that has led prosecutors in Colorado to demand that a suspect be compelled by the court to decrypt her computer in order to permit investigators to “look inside” at her files. Were this metaphor accurate, there would be no problem with demanding a computer be “unlocked” in this way. Courts frequently force suspects to open locked boxes, vaults, or rooms: this isn’t terribly new or controversial. The case in Colorado, however, throws legal precedent into question because while computers have traditionally been conceived of as physical containers, they aren’t: in reality when we encrypt files, we are transforming them into something else, not storing them. What is actually being done on computers is a translation of the operator’s language into binary code, with encryption further translating that code into ciphertext. So instead of being locked away, your files are converted to a foreign language that only certain people can read. When you enter your password to decrypt those files, they are translated for you and you are able to then read them. It is this disconnect between perception and reality that is at the heart of the controversy in the Colorado case.
If computers are not storage space, but rather storage media, then they have more in common with the paper on which physical files are written than with the filing cabinets or lockboxes in which they are stored. The content of a file is ultimately a language and encryption passwords are the Rosetta Stone to that language. If such is the reality, then demanding a suspect decrypt her files is like forcing her to translate an unknown language, and this is where application of the law becomes problematic. Consider the situation if the defendant had kept her records written by hand on a piece of paper in a language the authorities could not read. Could a court really force her to translate that information for the benefit of prosecutors? Lawyers for the woman in Colorado argue that authorities cannot force a suspect to translate information for them because this challenges an individual’s right to not incriminate oneself. In Canada we also have similar laws that protect us against being compelled to speak out against ourselves, so a challenge of this kind could prove a watershed moment for digital law. At stake is how the law understands the way digital media works as well as individuals’ protections under Section 11 of the Charter of Rights and Freedoms which protects citizens from being compelled to be a witness in proceedings against themselves.
Regardless of the outcome, this case demonstrates the need for citizens and lawmakers to question our epistemological positions regarding the intersections of technology and everyday life.
Questions for Consideration
Take a moment to think of the ways in which our interactions with digital technology are mediated through metaphors for the physical world. Certainly these metaphors render the otherwise strange workings of digital technology more familiar, but do they come with a price?
How do you feel about the legal entanglements around encryption and our conceptions of it?