
> There is similar legal stance in Canada, UK, Australia, India, Germany, and Brazil to name a few.

There is not a similar stance in the UK. You can be compelled to provide a password. Section 49 of the Regulation of Investigatory Powers Act 2000 (RIPA, and let that doublespeak sink in a second) allows the police to compel it subject to a warrant from a judge.

The sentence (subject to sentencing guidelines) is up to two years in prison or 5 years for national security / child indecency cases.

You can claim you don't remember/know it as a defence, but in most cases that's not going to be believed by a jury.

In theory once you got out you could be re-served with the notice and face another 2-5 years. Rinse and repeat.




>but in most cases that's not going to be believed by a jury.

Is there at least some argument of reasonability? I have an old Runescape account I would love to be able to get back into, but I don't even remember the email it was tied to, much less the password. I was a kid back then so even the card that paid for membership was my parents'. Is there some expectation that the prosecutor has to show the account was accessed in the last X years, or is this effectively a backdoor to keep someone in prison indefinitely?


Sure, it's called trial by jury.

A jury is gonna believe you forgot the password for an account you haven't accessed in X years. They're not gonna believe, without a lot of evidence, that you forgot the code to the smartphone you use every day.

And that's assuming that the judge even considers it reasonable.


There's no doublespeak there. To regulate just means to make regular. If they make the reprehensible the regular way of doing things then they've still done the job they're nominally supposed to do. They could say all investigations have broad sweeping powers going forward and they would still be regulating investigatory powers.

We want regulation to be for the benefit of all so we attach an emotional meaning to it but nothing about the word says it has to be beneficial.


What happens in the case of plausibly-deniable keys? Say someone has an encrypted drive with a hidden volume, one key decrypts decoy files and one decrypts the true files. If the person gives up the key to the decoy files, is the onus on the prosecution to prove additional keys exist or on the defence to prove they don't?


Not a lawyer but I expect it would be on prosecution to convince a jury that they had failed to make "a disclosure of any key to the protected information that is in his possession"

as per RIPA 2000 Section 50, 2 a)

To do this, they'd likely need some evidence to persuade the jury, beyond reasonable doubt, that the encryption system had such a feature.


> In theory once you got out you could be re-served with the notice and face another 2-5 years. Rinse and repeat.

Is there no concept of double-jeopardy in UK jurisprudence?


Not from the UK and not a lawyer, but if a new warrant was served, then not providing the password would be a new offense and double jeopardy would not apply.


The UK always surprises with how close their reality is to V for Vendetta.



