Law Enforcement Access to Encrypted Data: Legislative Responses and the Charter
45 Pages Posted: 25 Feb 2019 Last revised: 4 Apr 2019
Date Written: 2017
In our digital age, encryption represents both a tremendous social benefit and a significant threat to public safety. While it provides the confidence and trust essential for digital communications and transactions, wrongdoers can also use it to shield incriminating evidence from law enforcement, potentially in perpetuity. There are two main legal reforms that have been proposed to address this conundrum: requiring encryption providers to give police “exceptional access” to decrypted data, and empowering police to compel individuals decrypt their own data. This article evaluates each of these alternatives in the context of policy and constitutional law. We conclude that exceptional access, though very likely constitutional, creates too great a risk of data insecurity to justify its benefits to law enforcement and public safety. Compelled decryption, in contrast, would provide at least a partial solution without unduly compromising data security. And while it would inevitably attract constitutional scrutiny, it could be readily designed to comply with the Charter. By requiring warrants to compel users to decrypt and giving evidentiary immunity to the act of decryption, our proposal would prevent inquisitorial fishing expeditions yet allow the decrypted information itself to be used for investigative and prosecutorial purposes.
Suggested Citation: Suggested Citation