NACDL Fourth Amendment Center: Compelled Decryption Primer:
The Supreme Court recognized in Riley v. California that cell phones are unlike other types of physical objects. 134 S.Ct. 2473 (2014). Instead, the Court held, they are minicomputers that contain the most intimate details of life. Due to their immense storage capacity, combined with the many distinct types of private data they contain, the Court held that the Fourth Amendment requires law enforcement to get a warrant to search a cell phone, even incident to arrest.
But if a device is locked or encrypted, can law enforcement compel a suspect to unlock or decrypt it? This primer outlines the state of the law on compelled decryption and offers a guide for defense lawyers on this important emerging issue.
The majority of Americans now own several devices that are encrypted until unlocked by a passcode or biometric mechanism. A passcode can be a secret number, pattern, or alphanumeric password. Biometric locks may use a fingerprint or face scan. These locks serve to make their contents inaccessible and unreadable until unlocked and decrypted by an authorized user.
While the lawfulness of a device search is a Fourth Amendment issue, the Fifth Amendment privilege against self-incrimination is the central safeguard against compelled decryption. To successfully assert this right, the act of decryption must be compelled, incriminating, and “testimonial.” While the first two requirements are often easily met, the key question is whether decryption is testimonial.