Oh no really I understand the implications and everything... but let's say you do forget the password, what can they do realistically? It seems highly immoral to throw you in jail because you forgot a password.
Now let's say you're in the middle of a murder case, and it is about to be thrown away because of lack of evidence. So they ask you to provide the key to your encrypted drive, but you've forgotten the key... So now do you go to jail on a life in prison sentence because of it? Do they let you go? Do they keep you in prison while they try to decrypt it which might take millions of years?
I can always say "I forgot, this whole ordeal has affected me psychologically and I can't seem to recall the key because of it". Then what happens? I go to jail for 4 months? Which might be a total injustice since there's a possibility it's actually true. Or maybe it's a loophole for a crook because he might have had to serve life in prison, and now he's only doing 4 months thanks to encryption.
A judge can easily send you to jail if there's proof you did something. The same way your girlfriend can easily send you packing because she has proof you cheated. The question is, can you send your girlfriend packing for cheating if you have no proof? If you have no proof then you're sending her packing because of an idea on your head (not real fact and you might be wrong), which is hardly fair and will probably be looked at with contempt and frowned upon by peers (read the rest of the world). Now can the state send you to jail because it thinks that you have child porn on your hard drive, without ever proving you have it?
What happens then when the state has the power to lock you up without proof?
<i>I understand the implications and everything</i>
I don't think you do.
<i>I can always say "I forgot[...]" Then what happens? I go to jail for 4 months?</i>
No, you go to jail for a few months and then they take you back to court to see if your memory has improved. If you don't have the key or if you produce a key that doesn't reveal the data they wanted it to, you go back to jail for longer.
If you can't produce the data the state demands, either because it isn't there or never existed, or because you really forgot, then you can stay in jail the rest of your life.
That is the purpose, goal, and implication that so-called law enforcement wished for and got from data investigation rules.
I said realistically. From what I've seen this "lost my password" is in the US a non issue, and in the UK it warrants a few months of jail time (treated as a misdemeanor depending on the severity of the charges). In any case, it's almost impossible to prove intent in cases like this. It can't be treated as obstruction of justice because the drives were not encrypted after the fact. And intent can't be proven, so at max you get a misdemeanor charge, fines and a year in jail (using us law as a basis for time served).
I'm pretty sure that there is a limit to the amount of time you can spend in jail for that (only a few months), at least for criminal cases.
I remember reading about a guy who was basically given an indefinite jail sentence in a civil case because the judge didn't believe that he really lost all his money is poor investments.
However I remember that the article highlighted the distinction between criminal and civil cases.
Now let's say you're in the middle of a murder case, and it is about to be thrown away because of lack of evidence. So they ask you to provide the key to your encrypted drive, but you've forgotten the key... So now do you go to jail on a life in prison sentence because of it? Do they let you go? Do they keep you in prison while they try to decrypt it which might take millions of years?
I can always say "I forgot, this whole ordeal has affected me psychologically and I can't seem to recall the key because of it". Then what happens? I go to jail for 4 months? Which might be a total injustice since there's a possibility it's actually true. Or maybe it's a loophole for a crook because he might have had to serve life in prison, and now he's only doing 4 months thanks to encryption.
A judge can easily send you to jail if there's proof you did something. The same way your girlfriend can easily send you packing because she has proof you cheated. The question is, can you send your girlfriend packing for cheating if you have no proof? If you have no proof then you're sending her packing because of an idea on your head (not real fact and you might be wrong), which is hardly fair and will probably be looked at with contempt and frowned upon by peers (read the rest of the world). Now can the state send you to jail because it thinks that you have child porn on your hard drive, without ever proving you have it?
What happens then when the state has the power to lock you up without proof?