Legal Analysis: Encryption and the Fifth Amendment
Fifth Amendment encryption rights have become crucial in the digital age. This analysis examines when courts can compel you to decrypt your phone, laptop, or hard drive. Learn how the foregone conclusion doctrine affects your constitutional protection against self-incrimination, and discover what five landmark federal cases reveal about protecting your encrypted devices from government access.
Fifth Amendment Encryption Overview
Fifth Amendment encryption is a critical constitutional issue in the digital age. In the case of In re a Residence in Aptos, Calif., 2018 U.S. Dist. LEXIS 45827 (N.D. Cal. Mar. 20, 2018), the court addressed the issue of whether the Fifth Amendment privilege against self-incrimination bars the government from compelling an individual to decrypt and provide access to encrypted devices.
The court ruled that the “foregone conclusion” doctrine applied, meaning the government already knew the defendant possessed the devices and knew the passwords, thus negating any Fifth Amendment concerns. This article explores this case in detail and examines five other federal court cases that have addressed similar issues regarding encryption and the Fifth Amendment.
Law enforcement officials have likened the new encryption to “a house that can’t be searched, or a car trunk that could never be opened.” Devlin Barrett and Danny Yadron, “New Level of Smartphone Encryption Alarms Law Enforcement,” The Wall Street Journal, September 22, 2014.
Case Background: In re a Residence in Aptos, Calif.
In this case, law enforcement seized an encrypted iPhone, Alienware laptop, and Transcend 1TB external hard drive from the defendant, Mr. Spencer. Despite extensive efforts, the FBI was unable to decrypt the devices. The government applied for an order under the All Writs Act, 28 U.S.C. § 1651, to compel Mr. Spencer to provide the passwords. The court held that the Fifth Amendment did not bar the order because the government had established that Mr. Spencer’s knowledge of the passwords was a “foregone conclusion.”
Prior Warrant Extensions and Failed FBI Decryption Efforts
The government had previously obtained two warrant extensions due to the encryption challenges. FBI Special Agents Hadley and Marceau documented their unsuccessful decryption efforts. The court ultimately ruled that the foregone conclusion doctrine applied, allowing the government to compel Mr. Spencer to decrypt the devices.
The Fifth Amendment and Encryption
The Fifth Amendment protects individuals from being compelled to testify against themselves. However, courts have ruled that this protection does not extend to the production of physical evidence, such as passwords, if the government can demonstrate that the existence and location of the evidence are already known. This principle is known as the foregone conclusion doctrine.
Where the Fifth Amendment and Technology Cross Paths:
“[L]aw enforcement’s investigative capabilities may be outpaced by the speed of technological change, preventing investigators from accessing certain information they may otherwise be authorized to obtain. Specifically, law enforcement officials cite strong, end-to-end encryption, or what they have called warrant-proof encryption, as preventing lawful access to certain data. Companies employing such strong encryption have stressed they do not hold encryption keys. This means they may not be readily able to unlock, or decrypt, the devices or communications—not even for law enforcement presenting an authorized search warrant or wiretap order.” Law Enforcement and Technology: The “Lawful Access” Debate, Cong. Rsch. Serv., IF11769, at 2 (Jan. 16, 2024), https://www.congress.gov/crs-product/IF11769.
Key Legal Precedents
Several federal court cases have addressed the intersection of encryption and the Fifth Amendment. Below are five notable cases:
1. United States v. Apple MacPro Computer, 851 F.3d 238 (3d Cir. 2017)
In this case, the Third Circuit held that the foregone conclusion doctrine applies to compelled decryption. The court ruled that if the government can demonstrate with “reasonable particularity” that the defendant knows the password, the Fifth Amendment is not implicated. The court emphasized that the act of providing a password does not constitute testimonial communication if the government already knows the defendant possesses the password.
2. In re Grand Jury Subpoena Duces Tecum Dated Mar. 25, 2011, 670 F.3d 1335 (11th Cir. 2012)
The Eleventh Circuit applied the foregone conclusion doctrine in a case involving encrypted data. The court ruled that the government could compel decryption if it could show independent knowledge of the existence and location of the data. This case reinforced the principle that the Fifth Amendment does not protect against the production of physical evidence when the government’s knowledge renders the defendant’s testimony a foregone conclusion.
3. United States v. Fricosu, 841 F. Supp. 2d 1232 (D. Colo. 2012)
In this case, the district court compelled the defendant to decrypt a laptop. The court ruled that the Fifth Amendment did not apply because the government had established that the defendant was the sole user of the laptop and knew the password. The court emphasized that the act of decryption did not constitute testimonial communication under the Fifth Amendment.
4. In re Grand Jury Subpoena, Dated Apr. 18, 2003, 383 F.3d 905 (9th Cir. 2004)
The Ninth Circuit applied the foregone conclusion doctrine in a case involving encrypted files. The court ruled that the government could compel decryption if it could demonstrate independent knowledge of the files’ existence and location. This case established the standard of “reasonable particularity” for the government’s knowledge.
5. United States v. Sideman & Bancroft, LLP, 704 F.3d 1197 (9th Cir. 2013)
In this case, the Ninth Circuit reiterated the importance of the foregone conclusion doctrine in the context of encrypted data. The court ruled that the government could compel decryption if it could show with reasonable particularity that the defendant knew the password and possessed the encrypted data.
Several federal district court decisions within the Ninth Circuit that squarely involve law enforcement’s inability (or difficulty) in accessing encrypted devices and the resulting legal issues (Rule 16, Fourth/Fifth Amendment, All Writs Act, etc.):
squarely involve encrypted hard drives protected by whole‑disk / volume encryption (TrueCrypt or VeraCrypt), with the court’s treatment of the encryption issue:
In Re Grand Jury Subpoena Duces Tecum, 670 F.3d 1335 (11th Cir. 2012) (the Eleventh Circuit “TrueCrypt” case) Multiple laptops and external hard drives were seized; forensic examiners could tell the drives had been encrypted with TrueCrypt and could see only random‑looking data, but “were unable to recover any data” because of the encryption. The government subpoenaed Doe to produce the “unencrypted contents” of the drives. The Eleventh Circuit held that compelling Doe to decrypt and produce the contents would be a testimonial act protected by the Fifth Amendment, and that the government had not satisfied the foregone‑conclusion doctrine because it could not show with reasonable particularity what, if anything, was on the encrypted volumes. The civil‑contempt order was reversed.
United States v. Search, No. 3:17-mj-70656 (N.D. Cal. Mar 20, 2018) – VeraCrypt‑encrypted laptop and external drive Agents seized an Alienware laptop and a Transcend 1TB external hard drive, both protected by VeraCrypt; the FBI “tried and failed to bypass the VeraCrypt software” and confirmed that VeraCrypt had no developer backdoor, leaving the government unable to access large encrypted partitions. Proceeding under the All Writs Act, the government sought an order compelling Spencer to decrypt three devices (including these drives). The court granted the application, holding that Spencer’s knowledge of the passwords and his control over the devices and their contents was a foregone conclusion, so the Fifth Amendment privilege was not implicated by a decryption order.
United States v. A 2TB HITACHI HARD DRIVE SERIAL NUMBER YFGNBBTA AND LABELED HD-2, No. 1:18-mj-00307 (M.D.N.C. May 10, 2019) – VeraCrypt full‑disk encryption Investigators seized a 2TB Hitachi hard drive (“the Device”) that Burns had encrypted with VeraCrypt; extensive attempts by law enforcement and a forensic lab could not decrypt it. The government moved under the All Writs Act to compel Burns to produce the Device in an unencrypted state. The court found that Burns had admitted downloading and storing child pornography on the encrypted drive and that the record established the existence, location, and his control of the data with sufficient particularity. Applying the foregone‑conclusion doctrine, the court held the Fifth Amendment did not bar compelling decryption and granted the application, ordering Burns to decrypt the VeraCrypt‑encrypted drive.
United States v. Keith Novak, 2017 U.S. App. LEXIS 14654 (8th Cir. 2017) – TrueCrypt‑encrypted external hard drive. In a child‑pornography prosecution, agents seized Novak’s laptop and an external hard drive. Encryption software made the files on the drive “difficult to detect and view” until agents discovered that the drive contained a TrueCrypt‑encrypted volume. The FBI’s cryptographic unit eventually identified the password and, inside the encrypted volume, found thousands of files in alphabetized folders, including a folder containing hundreds of child‑pornography images and videos. On appeal, Novak argued lack of knowledge of the encrypted content and blamed others; the Eighth Circuit affirmed his conviction, upholding (among other things) a willful‑blindness instruction premised in part on his use of TrueCrypt and his technical sophistication.
United States v. Mejia, No. 3:25-cr-00981 (S.D. Cal. Jul 25, 2025) The government seized the defendant’s iPhone but could not access the encrypted contents despite efforts to decrypt it. The court held that because the government had “no knowledge of or access to the encrypted data,” that data was not within its “possession, custody, or control” for Rule 16(a)(1)(E) purposes and denied the defendant’s motion to inspect the encrypted contents.
United States v. Andrade, No. 3:20-cr-00249 (N.D. Cal. May 10, 2024)
The government seized Trezor cryptocurrency hardware wallets that belonged to the defendant and argued it could not provide access because they were encrypted without the password. The court rejected that position under Rule 16, holding the wallets were in the government’s “possession, custody, or control” and ordered the government to provide the defendant access to the encrypted wallets, noting the government could, if it wished, separately move to compel the password.
United States v. Kopankov, No. 3:19-cr-00178 (N.D. Cal. May 11, 2023) An iPhone was seized pursuant to a warrant; multiple forensic labs initially “were unable to unlock the device.” The FBI then ran a long‑term “brute force” attack and, years later, succeeded in obtaining the passcode and used GrayKey to extract ~22 GB of data. The court held that continuing the brute‑force unlocking and extraction after the warrant’s time limits had expired was an unconstitutional search, and suppressed the phone data.
United States v. Sullivan, No. 1:17-cr-00104 (D. Haw. Sep 4, 2020) Investigators extracted some data from “iPhone #1,” but a large portion remained in an encrypted partition that could not be analyzed without the passcode. The IRS “never had access to the passcode” and thus was “not able to analyze the data” in the encrypted portion; the defendant declined to provide the passcode. The court relied on this posture in rejecting a due‑process‑based sanctions motion, while recognizing the defendant could not be compelled to provide the passcode and simultaneously claim the information was unavailable.
Agents seized multiple devices, including an iPhone 7, an Alienware laptop, and a Transcend external drive, several of which were “encrypted in whole or in part.” The FBI was unable to bypass VeraCrypt encryption on the laptop and external drive and could not access large volumes of data. On the government’s All Writs Act application, the court granted an order compelling the defendant to decrypt the devices, holding under the “foregone conclusion” doctrine that the testimonial aspects of decryption did not implicate the Fifth Amendment. United States v. Search, No. 3:17-mj-70656 (N.D. Cal. Mar 20, 2018).
In re Residence in Oakland, Cal., 354 F. Supp. 3d 1010 (N.D. Cal. 2019) The government sought a warrant authorizing agents to compel “any individual” present at a residence to apply biometric features (finger, thumb, face, iris) to unlock seized digital devices. The court denied the application as overbroad and held that using a biometric to unlock an encrypted device is testimonial: it functions like a passcode and “concedes that the phone was in the possession and control of the suspect,” thus implicating the Fifth Amendment. The court rejected reliance on the foregone‑conclusion doctrine and emphasized that the government’s difficulty accessing encrypted phones does not justify infringing the privilege against self‑incrimination.
United States v. White Google Pixel 3 XL cellphone in a black Incipio case, No. 1:19-mj-10441 (D. Idaho Jul 26, 2019) After seizing a locked Pixel phone that could be opened only by passcode or fingerprint, the government sought a warrant authorizing officers to press the suspect’s fingers on the sensor to unlock it. A magistrate judge denied the application on Fifth Amendment grounds; on review, the district court reversed, holding that compelling a fingerprint to unlock the encrypted phone was a non‑testimonial seizure of a physical characteristic and did not violate the Fifth Amendment, even though it was sought precisely because officers could not otherwise access the encrypted contents.
United States v. Shaw, No. 3:15-cr-00227 (D. Or. Mar 1, 2016) The government executed a warrant on several computer hard drives that were all encrypted; because the defendant refused to decrypt them, the government “has been unable to access the data located on the drives” and did not know whether they contained child pornography. The court refused to order the defendant to decrypt the drives, recognizing the potential Fifth Amendment problem of forcing him to choose between decryption and his right against self‑incrimination, but did order that defense counsel and an expert be given “reasonable access” to examine the encrypted drives at a government facility.
e.
Conclusion
The issue of encryption and the Fifth Amendment continues to evolve as courts grapple with the balance between individual rights and law enforcement needs. The foregone conclusion doctrine has emerged as a key legal principle in these cases, allowing courts to compel decryption when the government can demonstrate independent knowledge of the evidence. As technology advances, courts will likely face new challenges in applying these principles to emerging forms of encryption and data protection.
