Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Monday November 22 2021, @02:30AM   Printer-friendly
from the wink dept.

Police Can’t Demand You Reveal Your Phone Passcode and Then Tell a Jury You Refused:

The Utah Supreme Court is the latest stop in EFF’s roving campaign to establish your Fifth Amendment right to refuse to provide your password to law enforcement. Yesterday, along with the ACLU, we filed an amicus brief in State v. Valdez, arguing that the constitutional privilege against self-incrimination prevents the police from forcing suspects to reveal the contents of their minds. That includes revealing a memorized passcode or directly entering the passcode to unlock a device.

In Valdez, the defendant was charged with kidnapping his ex-girlfriend after arranging a meeting under false pretenses. During his arrest, police found a cell phone in Valdez’s pocket that they wanted to search for evidence that he set up the meeting, but Valdez refused to tell them the passcode. Unlike many other cases raising these issues, however, the police didn’t bother seeking a court order to compel Valdez to reveal his passcode. Instead, during trial, the prosecution offered testimony and argument about his refusal. The defense argued that this violated the defendant’s Fifth Amendment right to remain silent, which also prevents the state from commenting on his silence. The court of appeals agreed, and now the state has appealed to the Utah Supreme Court.

As we write in the brief:

The State cannot compel a suspect to recall and share information that exists only in his mind. The realities of the digital age only magnify the concerns that animate the Fifth Amendment’s protections. In accordance with these principles, the Court of Appeals held that communicating a memorized passcode is testimonial, and thus the State’s use at trial of Mr. Valdez’s refusal to do so violated his privilege against self-incrimination. Despite the modern technological context, this case turns on one of the most fundamental protections in our constitutional system: an accused person’s ability to exercise his Fifth Amendment rights without having his silence used against him. The Court of Appeals’ decision below rightly rejected the State’s circumvention of this protection. This Court should uphold that decision and extend that protection to all Utahns.

Protecting these fundamental rights is only more important as we also fight to keep automated surveillance that would compromise our security and privacy off our devices. We’ll await a decision on this important issue from the Utah Supreme Court.

Put the $5 wrench away, corporal.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by edIII on Monday November 22 2021, @07:47PM (2 children)

    by edIII (791) on Monday November 22 2021, @07:47PM (#1198649)

    I don't have a cellphone either in that sense. I have a burner phone that I swap out regularly. My VOIP phone number points towards an Asterisk instance that then, when appropriate, patches my burner phone into the connection.

    In terms of apps, location tracking, Internet usage, etc. my burner phone has none. I use it only to communicate back and forth with my Asterisk instance, and nothing else.

    2FA with phones is fucking retarded, whether it is voice or SMS, so I use the burner phone for neither. On occasion when something absolutely demanded it, I used a burner phone for it and then threw away the burner phone afterwards. Lately, my VOIP line is fully capable of SMS communication so when I need SMS for some reason, I can still use it.

    Whatever modern government functions you are thinking of, don't exist in my neck of the woods.

    --
    Technically, lunchtime is at any moment. It's just a wave function.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 1, Insightful) by Anonymous Coward on Monday November 22 2021, @08:19PM (1 child)

    by Anonymous Coward on Monday November 22 2021, @08:19PM (#1198663)

    I love you and these comments (or you for these comments) but I find that... it is incredibly challenging to find anyone that believes me that 2FA with phones is as dumb as you say it is.

    I am afraid that convenience is the enemy, and things are secure because someone else says so, and I am weird and must have something mental going on for not accepting this secure method into the future.

    • (Score: 2) by edIII on Wednesday November 24 2021, @07:30PM

      by edIII (791) on Wednesday November 24 2021, @07:30PM (#1199301)

      Yeah, I know it's hard for people to forgo the convenience of 2FA on their phones. That is until they lose all their cryptocurrency holdings and have their bank accounts drained out.

      I find it funny that they ignore the news articles with Senators being shown how easy it is to hijack phones in the USA. How everybody forgot about the scandal of the SS7 protocol having no security. They don't realize if it is so easy for them to port their phone numbers between carriers in an afternoon, might it not be that easy for criminals to do it? Then you have TV shows and movies showing it done on a regular basis.

      I know of at least a few people now that are believers. Small circle of businessmen, all fairly affluent, all having diversified financial holdings. One of them, the "crypto genius", used his phone for 2FA and held his cryptocurrency in an online wallet. Whether it was targeted, or just opportunity, criminals somehow hacked his phone. I still don't know if it was a port out attack, or sim jacking, but either way the phone was pwned as they say. Since the phone was the 2FA device, and there was a plethora of financial apps on it, the financial ass raping commenced vigorously and without even the common courtesy of a reach-around.

      Today, these same small circle of businessmen listen to me as if I'm the messiah delivering information from God. Funny is all it took was for the one of them to be brutally destroyed huh? Oh, there was the belief that the authorities would straighten it all out. LOL. It's been quite some time, and the authorities haven't done dick and none of the stolen monies have been returned. I was asked if I could somehow get it all back, and I had to explain that it was extremely unlikely.

      Before, you never heard such whining when I spoke to them about hardware 2FA keys like Yubico and using them to secure their websites and businesses. It was so much harder than a simple password, and they would never get clients to go along with it. The users would rebel. After, it's like the coolest thing they've ever seen. They plug it in to the computer and press a contact and their secure password is entered into in the system. Their 2FA TOTP codes shown to them on a secured device instead of a phone. They fucking love it now.

      What you need to do is not proselytize to them with the technical details of it all, but show them the dead bodies. Show them a happy businessman plowing through blonde pussy, living on the golf course, eating in high end restaurants, smoking the dankest of dank, and then in the next minute losing their multi-million dollar home, failing on payments for their expensive Teslas, and ending up in a small apartment lamenting about how they used to have it all.

      --
      Technically, lunchtime is at any moment. It's just a wave function.