UKC

Self-incrimination

New Topic
This topic has been archived, and won't accept reply postings.
 Indy 04 Jul 2014

Student is jailed for 6 months for refusing to hand over passwords.

“Effectively, the crown’s case is, the only appropriate inference to draw from the defendant’s refusal to disclose the password to allow access to the computer is it would have revealed activity of the type mentioned in the messaging, namely hacking of police, Serious Organised Crime Agency and university websites.”

Is that the end of it or can he be continually re-sentanced after 6 months in jail for again failing to give up the passwords.
Post edited at 18:31
 Chris the Tall 04 Jul 2014
In reply to Indy:

Why doesn't he just say he can't remember his password - hardly an implausible excuse!
Jim C 04 Jul 2014
In reply to Chris the Tall:

> Why doesn't he just say he can't remember his password - hardly an implausible excuse!

Good point, It worked for Rebekah Brooks, for a bright lady, she had a shocking memory.
And of course she was found innocent.
OP Indy 04 Jul 2014
In reply to Chris the Tall:

Because that's 'illegal' as well. It would be for you prove that you'd forgotten it.
 The New NickB 04 Jul 2014
In reply to Indy:

No, it is job of the prosecution to prove beyond reasonable doubt that you are lying.
OP Indy 04 Jul 2014
In reply to The New NickB:

> No, it is job of the prosecution to prove beyond reasonable doubt that you are lying.

I beg to differ..... Under Section 49 of part 3 of RIPA you would be guilty of an offence if you didn't hand over the password or plain text of the encrypted material. That's what the bloke in the OP was sent to prision for.
 The New NickB 04 Jul 2014
In reply to Indy:

You cannot be compelled to provide information you do not have. The prosecution may be able to make a pretty compelling case that you do have that information, but they have to convince a judge/magistrate/jury of that.
Removed User 04 Jul 2014
In reply to Indy:

Good on him for not giving up his passwds!
 JoshOvki 04 Jul 2014
In reply to Removed User:

> Good on him for not giving up his passwds!

I agree! I have several encrypted files and no idea what the passwords are for them, so I would be buggered if they decided to pull me up, despite the folders just containing some old programming work. I could delete them I guess but they are on a harddrive that isn't attached to anything currently.
KevinD 04 Jul 2014
In reply to The New NickB:

> You cannot be compelled to provide information you do not have.

There is a specific offence now of not giving up passwords. So the bar is set rather low. I suspect if you hadnt touched the files for 10 years you would probably be ok but if it was accessed last week it would be a tad trickier to explain.
 The New NickB 04 Jul 2014
In reply to dissonance:

> There is a specific offence now of not giving up passwords. So the bar is set rather low. I suspect if you hadnt touched the files for 10 years you would probably be ok but if it was accessed last week it would be a tad trickier to explain.

Yes, to use the defence of not having the information, it is useful if it is plausible.
Removed User 05 Jul 2014
In reply to dissonance:

This very much depends on how the files are encrypted. If they are inside a truecrypt container for example it's difficult to prove the container even exists, let alone the files inside and when they were last modified.

Some kid got 4 months a few years ago for refusing to hand over his password. http://www.bbc.co.uk/news/uk-england-11479831
 John Kelly 05 Jul 2014
In reply to Removed User:

good link

the investigation was for child sexual exploitation

he could have avoided the sentence by providing the password and proving his innocence

It's concievable that withholding passwords from police investigation could be morally legitimate however in these cases, organised crime and child exploitation, it's not

 John_Hat 05 Jul 2014
In reply to John Kelly:

I do wonder sometimes about this. I have a work PC with absolutely shedloads of company and customer sensitive information on it. Its (unsurprisingly) heavily (and multiply) encrypted.

So Plod turns up, and wants my passwords. I refuse as there's company and customer confidential information on there. I go to prison.

Presumably I would have to go around all my customers and ask them if they minded seriously confidential information being disclosed to the police, who after all are human beings. I doubt they would agree, so it would be choice between my liberty and my job.
 John Kelly 05 Jul 2014
In reply to John_Hat:

that's a really good point and i have no info about how that would work

I'm going to be really naive and suggest that there must be some sort of work around for that situation


 off-duty 05 Jul 2014
In reply to Removed User:

> Good on him for not giving up his passwds!

Why?
KevinD 05 Jul 2014
In reply to John Kelly:

> I'm going to be really naive and suggest that there must be some sort of work around for that situation

I dont believe there is anything in the law to do so. On a related note similar rules apply at customs/border control, although there it is mainly just send you back. Depending on the confidentiality of the data some companies operate a clean computer policy, eg wipe it back to default, when travelling.
 John_Hat 05 Jul 2014
In reply to off-duty:

> Why?

Well my personal view is because we are criminalising remaining silent, and that feels wrong.
New Topic
This topic has been archived, and won't accept reply postings.
Loading Notifications...