What happens with a subpoena and a system designed to protect itself from you?

Question

After reading about the recent Dropbox issue I'm starting to wonder if they could legally keep their initial promise.

Lets say that you're like Dropbox or Lastpass and you store users' information in such a way that you can't open a user's files. What do you do when you're subpoenaed for a user's files? (I'm looking for answers besides getting a lawyer.) How do you get a user's information when you designed the system so you can't?

Even if you tap the connection looking for their password, that doesn't work if the file is downloaded by the user then decrypted locally.

How would sites like Dropbox or Lastpass respond to a subpoena like this?

@Soumya92 All the dropbox statements were based on what people thought before the incident, which IIRC was Dropbox encrypted files in such a way that they couldn't access your files — TheLQ, Jul 16 '11 at 22:25
@TheLQ, that was a cleverly phrased sentence which made this conclusion likely without actually saying that. They changed it after the incident. — Hendrik Brummermann, Jul 17 '11 at 10:00
@TheLQ, I think your premise is faulty. DropBox employees can access your files that you store on DropBox. — D.W., Jul 18 '11 at 02:11
@D.W. @Hendrik, but there are other services that encrypt locally. I think the question is solid, though the example may be faulty. (Still, it is the most well-known, and thus an easy example. I dont think the details of their service are important here.) — AviD, Jul 18 '11 at 11:13

score 8 · Accepted Answer · edited Oct 25 '11 at 17:38

Lets say that you're like Dropbox or Lastpass and you store users information in such a way that you can't open a users files. What do you do when you're subpoenaed for a user's files?

This is not true for your examples, but let's assume you operate a system in which the encryption is done client side and there is no further authentication.

It's quite likely that instead of a subpoena your servers are seized unless you are seen as a large company for which this would be disproportional.

A subpoena will probably include requests for logs including ip-addresses and usernames. It may include a request for usernames/passwords in some jurisdictions or an alternative access to the account. It may include a backup of the stored information.

You can comply with all of these requests in the scenario. Sure the backup will be useless unless the police get further information or are able to guess the encryption key (e. g. if it is password based).

In any case it is best to get a lawyer to reply. This is especially true if you cannot comply with the request in letter or intention. The lawyer will be able to explain the reasons in the "correct language" and therefore make it less likely that your servers will be seized.

I don't see how anyone who does things the right way would be able to deliver their users' passwords. — tdammers, Oct 25 '11 at 18:06
@tdammers, "the right way" is an interesting concept in cases it violates national law. — Hendrik Brummermann, Oct 25 '11 at 18:58
Did not know that. So basically, French law requires online service providers to introduce vulnerabilities into their systems? — tdammers, Oct 25 '11 at 19:08
As far as I know, the current state is that the service provider need to provide full access. But an alternative way to access the account without revealing the password is accepted. — Hendrik Brummermann, Oct 25 '11 at 19:15

score 5 · Answer 2 · answered Jul 16 '11 at 22:53

Lets say that your like Dropbox or Lastpass and you store users information in such a way that you can't open a users files.

There is only one real way to do this and that is for the user in question to hold and keep the encryption key and manage the encryption/decryption process. This means you need your encryption key on every device you wish to access the content, including any device on which you wish to use the convenience of the web interface, which is in my opinion why content-encrypted mail has failed to take off, since it makes web-mail difficult.

Otherwise, the option for the service provider is to encrypt your content - however, in order to give it back to you, the key must also be present in any delivery mechanism, meaning they might as well not bother.

A big clue as to who holds the encryption keys for your content is: can you access it via the web without supplying any key files? In the case of dropbox, you can make files available for public access, so, they either store these decrypted or else they have the mechanism to access them.

I said there is only one real way - a "fake" way would be to secure the generated key for that users' content with their password. This pushes the problem down the road, since for the duration of the session you either cache that password, its derivative, or the decrypted key for the files. Given this, I doubt it is used.

So I suspect your content (for a generic cloud provider) is either encrypted and stored next to the encryption key, or entirely unencrypted on their servers. Of the two, they do actually have a motivation to use encryption.

How would sites like Dropbox or Lastpass respond to a subpoena like this?

I assume they would hand over anything they had. I suspect this would be your encrypted content and their keys used to decrypt it, but assuming you had encrypted a file locally and not at any point transmitted the key to them, I would expect them to hand over the encrypted file along with everything else and provide evidence that they cannot in fact decrypt it.

What does their encrypting files protect me against?

The question you didn't ask - data stored on hard disks storing your files is, we assume, encrypted. Provided the keys are on a separate disk, throwing the file disk away (failure of a disk in their storage array, for example) ought to mean the content is reasonably protected. So encryption is worth their time, although it does not afford the protection most people imagine.

score 2 · Answer 3 · answered Jul 17 '11 at 10:32

I am not a lawyer, but here is how I understand it from various cases I have been involved in or viewed:

If you are the company subpoena'd for files, and your legal counsel agrees it is valid then you must hand over the files. As @Hendrik says, this is often done just by handing over the servers, as that is an easy way for the other party to get reasonable assurance that information isn't being held back (assuming they get the right servers....)

If the company holds the encryption key then this must be handed over as well.

However...

If the company does not hold the encryption key and all data from customers is encrypted, then all that can be handed over are logs etc, and encrypted files, so I have seen argument on the encrypted files as pointless to send.

score 1 · Answer 4 · 2014-04-30T06:45:53.993

After reading about the recent Dropbox issue I'm starting to wonder if they could legally keep their initial promise.

Lets say that you're like Dropbox or Lastpass and you store users' information in such a way that you can't open a user's files. What do you do when you're subpoenaed for a user's files?

You actually have a precedent for this: Hushmail and Lavabit.

Hushmail is a Canadian company that backdoored their own system to restore access to previously inaccessible files. They wrote a faulty applet to give law enforcement access to the unencrypted mail on the client side (there was a little more to it, but the essence is the client side applet facilitated the egress of data). See Hushmail warns users over law enforcement backdoor and Hushmail Passing PGP Keys to the US Government.

What I don't understand: how the US managed to reach into Canada - the US managed to get the information with only a request (and not a warrant). Perhaps Canada truly believed the arm of the US was that long, and the US would invade like they did in Iraq if Canada/Hushmail did not comply with the request...

Lavabit was within US jurisdiction, and the US government put the company out of business. Though the US was only interested in the Edward Snowden account, the government demanded the keys to spy on all users of the system. See Lavabit Website and How Lavabit Melted Down.

(And if you look deeper into Hushmail, you might be surprised who was running the show...).

score 0 · Answer 5 · answered Apr 30 '14 at 08:57

My answer is merely a question for which I have no answer. Take Lastpass, which promises to encrypt and decrypt files locally, and says it does not have your keys.

How difficult would it be for them to send those keys to their servers? Nobody would notice the difference. They could set it up so that it only happens for those users for which they need to do this. That way it will be kept secret longer. A key is less than 1KB in size, and it can be hidden in other traffic while syncing.

Can the NSA force them to do this and keep it quite for the public? The only guarantee is that once this gets out, all trust is gone and they can close their business. (But not really because most people don't care if it's to fight terror etc.)

What happens with a subpoena and a system designed to protect itself from you?

5 Answers5

Linked