Last month, a New Jersey police officer who was under investigation for leaking information about a drug investigation filed a petition for certiorari asking the Supreme Court to decide whether the Fifth Amendment’s protection against self-incrimination prohibits the government from compelling an individual to unlock a cell phone. The appeal is of a 2020 Supreme Court of New Jersey decision, Andrews v. New Jersey, which held that police officers could require defendants to disclose smartphone passcodes. This blog post seeks to briefly explain what is at issue in these so-called compelled decryption cases, provide an overview of the existing case law, and discuss what might come next at the high court.
The Fifth Amendment protects people from being forced to incriminate themselves and applies when the government compels testimony that uses the contents of the defendant’s own mind to communicate some statement of fact. While the privilege often does not extend to the production of real or physical evidence, such as a blood or handwriting sample, certain acts of production can be testimonial and therefore are covered by the Fifth Amendment. For instance, a suspect’s production of certain documents in response to a subpoena may be compelled testimony when doing so would admit such evidence existed, was under his or her control, or was authentic. Accordingly, to avoid having such evidence be deemed privileged, the government must show that it already knows this evidence exists and is within the suspect’s possession (this is known as the “foregone conclusion” doctrine).
Existing Supreme Court precedent in compelled decryption cases has left open two questions: (1) Do electronic passcodes have testimonial value, making them subject to Fifth Amendment protections? (2) If so, does the foregone conclusion doctrine apply, and how?
Lower Courts Are Divided
Courts have generally agreed that unlocking a device or providing a passcode is testimonial. But courts have disagreed on whether and when the foregone conclusion doctrine applies and how it fits in with other constitutional protections, such as the Fourth Amendment’s guarantee of due process. In short, existing compelled decryption law “is a mess.”
A threshold issue is whether to treat compelled disclosure—requiring a defendant to disclose his or her password to the government—differently than compelled entry—requiring a defendant to enter his or her password without disclosing it. There is some agreement, at least among scholars, that compelled disclosure is “pure testimony,” and that requiring disclosure would violate the Fifth Amendment.
With respect to compelled entry, one view—first adopted by the Massachusetts Supreme Judicial Court—is that the only implicit testimony at issue is whether the defendant knows the password. Accordingly, if the government can prove that it already knows the defendant knows the password, there is no testimony at issue, and it can require the defendant to enter the password and unlock the device under the foregone conclusion doctrine. Berkeley Law Professor Orin Kerr has advocated this view, arguing that ubiquitous encryption has shifted the balance of power from the state to the citizen and that, “[t]o he extent the doctrine is unclear, courts should interpret the Fifth Amendment so that the technology does not dramatically shift the balance of power too much against the public interest in investigating crime.”
Alternatively, some courts, such as the Supreme Court of Indiana, have found that unlocking a device implies additional testimony: admitting an ability to control the device and its contents. As such, to satisfy the Fifth Amendment, the government must make an additional showing, often including what incriminating information is contained on the device. University of Arkansas School of Law Professor Laurent Sacharoff disagrees with Kerr regarding the balance of interests. According to Sacharoff, once the government can unlock a device, it has access to a host of information that, but for developments in technology, it would not otherwise have access to. Sacharoff argues that requiring the government to articulate the information it seeks on a device is more analogous to foregone conclusion analysis in the context of actual document production.
The Andrews court adopted the first view, requiring the government to simply prove the defendant knew the passcode, and but then it went a step further. It did not differentiate between compelled disclosure and compelled entry. According to Sacharoff, doing so is an error as it “compels ordinary, pure testimony that has nothing to do with the act-of-production cases and therefore does not even trigger the foregone conclusion exception.”
Finally, to make matters more confusing, courts may also treat biometric decryption, or decryption through mechanisms like facial recognition and thumb print reading, differently. And most recently, the Utah Supreme Court has held the foregone conclusion doctrine doesn’t apply in compelled decryption cases at all.
An Originalist Take?
Despite the developing divides, the Supreme Court has punted on the issue so far. Last fall, the Court denied cert in Pennsylvania v. Davis, which would have addressed how the Fifth Amendment and the foregone conclusion doctrine apply to producing a password to unlock an encrypted computer. However, Justice Amy Coney Barrett has since joined the Court.
Justices Thomas and Gorsuch have expressed interest in applying the original public meaning of the Fifth Amendment with respect to compelled decryption rather than following the more recent line of cases. Justice Barrett, too, is a self-described originalist. Last month, Professor Kerr published a piece in the Harvard Law Review examining the original understanding of the Fifth Amendment and the privilege against self-incrimination. The article examines the 1807 treason trial of Aaron Burr, where the government asked Burr’s private secretary to disclose whether he knew the cipher to an encrypted letter that Burr sent to a co-conspirator.
After an in depth analysis of the Burr Trial, the legal authorities relied upon, and Chief Justice Marshall’s opinion, Kerr provides three takeaways that the Supreme Court may consider in its analysis. Kerr concludes that when disclosing a password is not incriminating, it is not protected by the Fifth Amendment (such as when law enforcement seeks a password from a non-defendant third party). He also concludes that when the government is seeking contraband rather than evidence (e.g., child pornography), disclosing a password is not protected by Fifth Amendment.
Finally, and perhaps most relevant, Kerr concludes that there are two analogies available with respect to forced password entry. Compelled entry did not occur at the time of Burr. According to Kerr, “[i]f compelled entry is treated as akin to compelled production, then it may be barred by the Fifth Amendment. If compelled entry is treated as akin to admitting knowledge of the password, then the rules for compelled entry should match those for compelled disclosure of the password.”
Professor Sacharoff submitted an amicus brief that also discusses how the Court may reject the act-of-production analogy the lower courts have adopted in favor of a first principles approach. Doing so, he argues, would allow the Court to harmonize its treatment of compelled entry and compelled disclosure and ensure that both are protected by the Fifth Amendment’s protection against self-incrimination.
The issue of compelled decryption is thorny, and lower courts have reached different conclusions. If the Supreme Court takes up Andrews, it may be able to resolve some of the conflicts across jurisdictions by using either a foregone conclusion or an originalist approach.