Microsoft denies this, which I tend to believe, but I know people who claim that it’s true. At the very least, it raises some interesting 4th amendment issues.
Let’s begin with why the backdoor issue arises.
Vista incorporates a feature called BitLocker Drive Encryption. BitLocker, which “is included in the Enterprise and Ultimate editions of Vista,” encrypts data on a computer. BitLocker Drive Encryption, Wikipedia. “By default it uses the AES encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional security.” BitLocker Drive Encryption, Wikipedia. According to Microsoft, it prevents unauthorized users from gaining access to data contained on a computer: “with BitLocker all user and system files are encrypted including the swap and hibernation files.” BitLocker, Microsoft.
Users’ ability to encrypt all the files on their computer obviously poses problems for law enforcement officers who want to search a computer for evidence of a crime. But as some have noted, BitLocker should not pose problems for law enforcement in two instances:
- One is if the computer is running; as one source notes, “forensic tools can access the encrypted volume of a running system just like any other program”. Simson Garfinkel, Drive Encryption: Two Tales, Technology Review. If the computer is running, the encryption key has already been entered into the computer, so the encryption is not an issue.
- The other instance in which BitLocker won’t pose problems for law enforcement is when people haven’t bothered to use it.
Notwithstanding all this, BitLocker will still probably raise issues for law enforcement. One is how officers should proceed when they arrive to execute a computer search and the computer is running; the officers can presumably conduct a forensic analysis of the computer and thereby avoid BitLocker’s encryption, but that remains to be seen. I am not going to address that issue here. What I want to examine is the legality (or illegality) of including a backdoor on the Vista system to let law enforcement bypass encryption that has been installed on a system and that is in effect because the system has been shut down.
We will assume, for the purposes of analysis only (which means this is all purely hypothetical), that Microsoft incorporates a backdoor that lets law enforcement bypass Vista encryption. For the purposes of analysis, we will also assume that officers arrive at John Doe’s home with a warrant to search his computer for evidence of a crime (child pornography, terrorism, murder, take your pick). He lets them in, takes them to the computer, the computer is not running and they quickly find out he has implemented BitLocker. Now, BitLocker can be implemented several ways, one of which involves storing the BitLocker encryption key on a USB drive; the USB drive must be inserted into the computer for it to boot. The officers ask Doe for the USB drive they need to boot the computer; he refuses to give it to them, says he “threw it away.”
Absent a Vista backdoor, they have two and only two options at this point: They can use a grand jury subpoena or other means to “compel” Doe to surrender the key (assuming he lied when he said he threw it away), but to do this they probably will have to give him immunity for the act of handing it over. As I explained in an earlier post, immunity lets the government override his Fifth Amendment privilege, which Doe will assert as the basis for refusing to turn over the key. Doe will say, in effect, that by turning the key over he would be forced to be a witness against himself in violation of his Fifth Amendment privilege against self-incrimination.
Unfortunately, giving Doe immunity for the act of handing over the USB drive probably means they will not be able to prosecute him, since the effect of the immunity is to bar the government from using his act of handing over the drive and any evidence derived, directly or indirectly, from that act against him in a criminal prosecution. Since the evidence, if any, found on the hard drive would derive from the act of handing over the USB drive, they would be giving up the opportunity to prosecute him. The other option is to break the encryption which, I believe, would be very difficult to do.
What if, hypothetically, Microsoft had created a backdoor in Vista that would let law enforcement bypass BitLocker encryption and access the data on Doe’s computer? If Microsoft were to do this, could law enforcement then use the backdoor without violating the 4th amendment?
I don’t know of any criminal cases in which this issue has arisen. It came up last year when Michael Crooker sued Compaq (now HP) for false advertising. Crooker claimed he bought a Compaq laptop because it was advertised as having a feature – DriveLock – that secured data on its hard drive. The FBI, which had a warrant to search Crooker’s laptop, apparently found some way around the DriveLock security. In his lawsuit, Crooker claimed they used a backdoor provided by Compaq (HP). Crooker’s suit was ultimately dismissed, for whatever reason, and is irrelevant to this discussion anyway, since it did not raise any constitutional claims.
In the Doe case, the officers have a warrant to search Doe’s computer, and that allows them to access the data it contains. They, however, need outside help to access that data. There are state and federal statutes that let law enforcement obtain help from private citizens to execute search warrants; police, for example, have always needed help from phone company employees to tap landline telephone calls. The government would probably argue that the officers’ using the backdoor Microsoft installed on the system is no different from officers’ obtaining the assistance of telephone company employees to tap telephone calls. The warrant gives the officers the constitutional authority to obtain the evidence (here, the content of the calls); the telephone company employees are simply helping them to implement that authority.
The defense would argue that law enforcement’s using our hypothetical Vista backdoor to access the data on Doe’s encrypted computer is different from the scenario I outline above. How is it different? Well, one difference goes to the issue Crooker raised in his lawsuit: Doe, the defense would argue, specifically purchased a computer with Vista in order to be able to use BitLocker to secure his data from any- and every-one, including law enforcement. Doe, the defense would say, believed he could rely on the technology he purchased from Microsoft to protect his data because (in our hypothetical) he had no reason to know there was a backdoor.
The defense would then argue that by (hypothetically) installing the backdoor, Microsoft became an agent of law enforcement. As I’ve noted before, a private party can become a law enforcement agent, which means the private party’s conduct must comply with the 4th amendment. To become a law enforcement agent, the private party must act with the purpose of assisting law enforcement (which we have here) and law enforcement must encourage the party’s engaging in conduct that assists law enforcement (which we also have here). If, then, Microsoft were to install a Vista backdoor and let law enforcement use it, Microsoft would be a law enforcement agent, at least with regard to BitLocker overrides.
The government, again, would say there’s no problem here, that the same rationale used to get phone companies to tap calls applies, i.e., the search warrant justifies what law enforcement does and what Microsoft-as-hypothetical-agent-of-law-enforcement does. Somehow, though, that just doesn’t seem right to me.
It seems to me that here Microsoft is acting like a bailor, i.e., someone who has custody of another person’s property and who is legally obligated to keep it secure. Airlines are bailors for our luggage; banks are bailors for the things we put in our safe-deposit boxes, etc. Microsoft is not technically a bailor because Doe has not given his data to Microsoft to hold and keep secure. But the relationship is analogous to a bailor-bailee relationship in that Microsoft has, at least implicitly, assumed some responsibility for keeping Doe’s computer data secure. Doe, after all, bought a Vista-equipped computer because he wanted the protection provided by BitLocker; he had no idea Microsoft could and would nullify that protection when asked to do so by law enforcement.
In a sense, what Microsoft is doing in our hypothetical is consenting to the search of Doe’s computer. Doe says “no” to the officers, Microsoft says “go ahead.” If we think of the hypothetical BitLocker backdoor as a type of consent, and if we analogize Microsoft to a bailor, then the consent would not be valid for 4th amendment purposes. There’s a federal case from the 8th Circuit Court of Appeals, United States v. James, 353 F.3d 606 (2003), in which James left disks in a sealed envelope with a friend. Federal agents asked the friend to open the envelope so they could search the disks, and the friend did. The Eighth Circuit held that this violated the 4th amendment because while the friend had lawful custody of the disks, he did not have the constitutional authority to consent to the opening of the package and to the search of the disks. Seems to me Doe could make a similar argument as to the hypothetical backdoor in Vista.
All of this will probably never come up for BitLocker, since Microsoft vehemently denies putting a backdoor in Vista (and I tend to believe them). But that does not mean law will never have to confront the problem of backdoors.