I blogged a lot about this topic a few years ago when the Boucher case was pending; although an appeal was filed in that case in the First Circuit, the appeal was dropped so the appellate court never decided it. In any event, several readers point me to a new decision on the topic, United States v. Fricosu, out of the District of Colorado.

Based on a quick read of the opinion, the legal analysis in the Fricosu opinion is not a model of clarity. But it strikes me as a replay of the district court decision in Boucher: The Court ends up ordering the defendant to decrypt the hard drive, but only because the court made a factual finding that in this specific case, the government already knew the information that could be incriminating — and as a result, was a “foregone conclusion” that dissipated the Fifth Amendment privilege.

If I’m reading Fricosu correctly, the Court is not saying that there is no Fifth Amendment privilege against being forced to divulge a password. Rather, the Court is saying that the Fifth Amendment privilege can’t be asserted in a specific case where it is known based on the facts of the case that the computer belongs to the suspect and the suspect knows the password. Because the only incriminating message of being forced to decrypt the password — that the suspect has control over the computer — is already known, it is a “foregone conclusion” and the Fifth Amendment privilege cannot block the government’s application.

UPDATE: A reader asks what happens if a person refuses to comply with the order or claims to have forgotten the password. Here’s the Second Circuit’s summary of the law in In re Weiss, 703 F.2d 653 (2d. Cir. 1983):