17 Feb 2000
By CARL S. KAPLAN
Wrinkle in Mitnick Case Hints at Encryption Battles to Come
A little-known legal skirmish in the case of the computer hacker
Kevin Mitnick was a preview of similar fights to come as more
people use encryption software to protect their files, lawyers
who were involved in the case say.
Mitnick left federal prison last week after
serving nearly five years for a series of crimes
involving computer fraud and wire fraud. But his
lawyers say they are still troubled by the judge's
answer to a legal question raised early in the
case: When federal agents seize encrypted files
from a defendant, can they refuse to return them
unless the defendant turns over the secret "key"
to decode the files?
That digital-age puzzle, which the judge
regarded as a novel legal question, arose in
Mitnick's case in a circuitous manner, as
sometimes happens in criminal trials.
In the course of the government's investigation, federal agents
in 1994 and 1995 seized two laptop computers owned by Mitnick, according to
Gregory L. Vinson, a lawyer who worked on the Mitnick defense team
that was headed by Donald C. Randolph, a veteran criminal defense
specialist in Los Angeles.
On the computers' hard drives were approximately nine gigabytes of
electronic evidence, Vinson said in an interview. He estimated
that of that total, perhaps one gigabyte consisted of encrypted files --
documents that were unintelligible to anyone who did not have a key to decrypt
them. Mitnick, of course, had the key.
During the pre-trial discovery phase of the case, the government lawyer,
Christopher Painter, an assistant United States attorney in Los Angeles,
indicated that as required by the rules governing evidence, he would hand
all of the seized files over to the defense -- except the encrypted ones.
That set the stage for a hearing on May 20, 1998, before federal judge
Mariana R. Pfaelzer in Los Angeles. Speaking for the defense, Randolph
argued that Mitnick was entitled to copies of the seized encrypted files
under two legal theories, according to a transcript of the hearing.
First, he contended, under Rule 16 of the Federal Rules of Criminal
Procedure, which establish the ground rules for the government's
disclosure of evidence to the defendant, the government must allow a
defendant to inspect or copy documents that "were obtained from or
belong to the defendant." Since the encrypted files belonged to
Mitnick, he deserved to get a copy of them, Randolph said.
The defense also argued that the encrypted files might include information
that could help Mitnick defend himself. Under the Constitution, the
prosecution is obligated to hand over such material to the defense.
Painter replied that because the
government could not understand
what was in the files, it could not use
the files as evidence at trial. He also
said that Rule 16 did not apply
because the encrypted files in a sense
were not "really in our possession,"
because "we don't know what's
there."
But the heart of the government lawyer's argument was that it would be
wrong to hand over the files because they could contain the spoils of
Mitnick's crimes -- secret information that he illegally acquired from the
companies whose computers he hacked into -- or something even more
dangerous.
"For all we know, it could be plans to take down a computer system,"
Painter said at the hearing. "We don't know. And we think it's dangerous
to release that, and that's why we don't want to release it. We're not
going to use it, certainly, but we think that there's reasons not to release
that information."
In considering the matter, Judge Pfaelzer said that it was "clever" of
Mitnick to have encrypted the files in such a way that the
government could not use them in its own case but Mitnick could access them
if given a copy. She asked: "Now, you know, what's the court supposed to do
with that position?"
Painter said the situation was akin to Mitnick asking for his coat back
and the government not knowing if there was a pistol in the pocket.
Judge Pfaelzer agreed, ruling that "this court is not going to
order the encryptive material to be given" to Mitnick.
The judge added that if Mitnick would "tell the government how to
read" the files, then the government would turn over the files in
decrypted form.
Mitnick's lawyers immediately objected to this condition on the grounds
that it would force him to waive his Fifth Amendment right against
self-incrimination to obtain evidence he needed and that he had a legal
right to see. The judge rejected this point and repeated her ruling.
Vinson, the defense lawyer, said in an interview this week that he still
thought Judge Pfaelzer's ruling from the bench did not give enough weight
to the defense's arguments. He said he was worried that the case might
create the impression that the government has no obligation to give back
encrypted files that it has been unable to decrypt.
"In ten years, when encryption becomes commonplace for people to use
in order to protect their files, whether their files contain financial records,
conversations with their spouse or a local drug dealer, the government is
going to seize the files in a criminal case, and [government lawyers] will
be faced with the same situation as they were in the Mitnick case,"
Vinson said.
Painter, reached by telephone earlier this week, said both sides in the
pre-trial legal battle over Mitnick's encrypted files had strong
arguments.
He said he agreed with Vinson that similar
disputes may arise in the future as more
people encrypt files. But he maintained that
no precedent had been set, and that the
government's responses would be on a
case-by-case basis.
"It could be that in future cases, depending
on the circumstances, it would be more
appropriate to return [encrypted files]
under special procedures," Painter said.
Gerald Lynch, a law professor at Columbia University who is an expert
in criminal law and a former federal prosecutor, said in an interview
that it was a "panic response" on the part of the court and
the government to deny Mitnick access to his files.
"If you think about this reasonably, the answer is that if the
government does not have a reasonable basis to contend that something really
dangerous [is in the encrypted files], and merely does not know what is in
the files and can't decode them, then they should hand them over," he
said.
Alan B. Davidson, a staff lawyer who follows encryption developments
for the Center for Democracy and Technology, a civil liberties group,
said he believed the Mitnick encryption dispute is a precursor to a
coming battle in Congress.
As part of a compromise announced this fall by the Clinton administration
that loosened export restrictions on strong encryption software, the
administration has committed to sending a bill to Congress laying out
rules for when the government can get access to encryption keys,
Davidson said.
"We are anxiously awaiting the administration's new bill, which
will open up a huge debate," he said.
CYBER LAW JOURNAL is published weekly, on Fridays.