Belfast Project: Jonathan Zittrain on Cryptography for Archives

Professor Jonathan Zittrain had a very interesting op-ed in the Globe recently on lessons of the Belfast Project case for archivists. He suggests the development and use of what he calls “time-capsule cryptography” to protect archives from the subpoena power of a court.

The idea is not just that the material should be encrypted. Encryption alone would not solve the problem, since whoever has the key to decrypt the information would himself be subject to legal compulsion and could be required to disclose the key (assuming that the person holding the key is not himself subject to criminal charges, and thus that there is no constitutional issue about self-incrimination). In time-capsule cryptography, no one has the ability to decrypt the information until a certain condition (e.g., the passage of a certain period of time) has occurred. Alternatively, the key could be broken up, so that several people’s fragments of the key would be necessary to decrypt the information, and those people could agree not to reveal their key fragments until a specified condition (e.g., the death of an interviewee) had occurred.

This is a creative and useful idea, though in a case like the Belfast Project it doesn’t really solve the problem. Suppose that A. interviews B., and B. admits to killing C., and suppose that the interview is tape recorded and the tape held by D. If the interview is encrypted using a method like those Zittrain suggests, the tape may be worthless to prosecutors, and thus a subpoena to D. may be meaningless. But A. himself is subject to a subpoena, too, and could be compelled to testify to B.’s statements to him. So in a case like the Belfast Project, Zittrain’s idea works only if we assume that A. would refuse to testify even if required by law to do so. I leave it to the reader to decide whether this is a good idea.

24 thoughts on “Belfast Project: Jonathan Zittrain on Cryptography for Archives”

  1. Ted, I am completely appalled by Prof. Zittrain’s article in the Globe. I do not mean to question his qualifications, his scholarship, or his good intentions—but were I unaware of the author, I would have thought his piece was written by someone perched uncomfortably close to the “sovereign citizen” extreme end of libertarian ideology.

    While it is clothed in language of balance and moderation, what Prof. Zittrain advocates is nothing less than citizens deliberately using technological means to defy court orders. Were this placed in the context of civil disobedience against a profoundly unjust state, I would understand the premise, though I would disagree that it has any relevance to the U.S. (or Canada). But that does not appear to be his thesis. Unless I misunderstand him, he proposes that Americans should be able to put relevant evidence beyond the reach of any court where they think their privacy or other interests are more important.

    Pardon me, but: is this for real? In a functioning democracy, if one believes state action—a court order, a law, an executive act, and so on—is illegitimate, the remedy is to challenge it in court or to seek to curb the state’s power through the democratic process, not simply to refuse to comply. In Canada, and I would think in the U.S. as well, hiding or destroying evidence can be obstruction of justice, and deliberately breaching a court order is grounds for contempt. There are good reasons for that. Having all citizens pick and choose which subpoenas they will comply with is not privacy. It is chaos.

    Beverley McLachlin, now Chief Justice of the Supreme Court of Canada, summed it up pretty well in Canada (Human Rights Commission) v. Taylor, [1990] 3 S.C.R. 892, where she stated:

    “If people are free to ignore court orders because they believe that their foundation is unconstitutional, anarchy cannot be far behind. The citizens’ safeguard is in seeking to have illegal orders set aside through the legal process, not in disobeying them.”

    I am still shaking my head about this. Is this a fundamental difference between the U.S. and the Canadian legal cultures? Or is Prof. Zittrain really proposing that citizens be able to subvert the rule of law at will, purportedly to defend their individual rights?

    I would strongly encourage you or other readers to straighten me out. What am I missing?


    1. Alex, thanks for the comment. I think everything depends on the timing. If, at the time that I encrypt data in the way Professor Zittrain suggests, I am not subject to any subpoena (and if, to be on the safe side, I don’t have any reason to believe that one is reasonably in prospect), then I’m not disobeying a court order; and if I am compelled to testify, I can truthfully say that I am unable to provide the key to decrypt the data. So what’s the problem? As I note in my post, though, this only gets you so far, because even if I can’t provide the unencrypted data or a key to permit someone else to decrypt it, if I know the underlying facts, I can still be compelled to testify. Then the question becomes one of privilege, and as the Belfast Project case showed, there is no “oral historian’s privilege” that would allow a witness in that situation to refuse to answer questions.

      I don’t think Professor Zittrain is advocating that anyone encrypt data after receiving a subpoena so as to put it beyond the reach of the parties issuing the subpoena. That would be a contempt of court.

      1. I certainly give Prof. Zittrain credit for not supporting encryption after having received a court order—that would obviously be a bridge too far. But with all due respect, it smells of sophistry to say that it’s fine as long as the bailiff hasn’t yet knocked on your door. The proposal is that citizens be able to put certain information or documents beyond the reach of courts (or other arm of the state) in anticipation of the possibility that such a demand might be made, and with the expressed intention of frustrating such a demand. Canadian law, and I expect U.S. law as well, has carefully tailored protections for certain categories of information, and that apply irrespective of the presence of any demand for that information: solicitor (i.e. attorney) and client privilege, for example. But none of these protections, to my knowledge, contemplate an individual having unfettered, unilateral power to decide what information or documents are covered.

        Prof. Zittrain’s proposition is akin to having a technologically-enforced “privacy privilege”, if you will, covering whatever the individual wants it to cover. And if a court disagrees, should that individual be allowed to say, terribly sorry, your Honour, my hands are tied? I don’t buy it for a minute—not when the individual tied his own hands ahead of time, on purpose. That would be a new kind of legal chutzpah for the Internet age.


        1. Thanks, Alex. I think that’s an important take on things, but I don’t really agree. The law already accounts for your concern, I think, by imposing obligations on people once there is a reasonable prospect of a subpoena. If I have reason to think a subpoena is on the way, then I can’t flush my documents down the toilet as long as they’re destroyed before I’m actually served with the subpoena. I don’t see a case for extending the obligation beyond that point. I don’t think I have the obligation to keep my private papers “subpoena-ready,” so to speak, just in case.

          1. Ted, let me pose the question a different way, as I don’t think there are many apt precedents for this. What other mechanisms exist to protect information from any hypothetical future subpoenas, assuming destruction is not an option?

            The only way that immediately comes to mind is to move it to a jurisdiction where blocking legislation precludes the possibility of obtaining it through letters rogatory. That may offer a useful analogy. I do not have any detailed knowledge of current U.S. law on this, but I understand that at least some of the leading cases have expressed the concern that parties should not be entirely free from sanction where they have made documents inaccessible to the court even if it was done before the litigation had commenced or was reasonably anticipated: see e.g., Societe Internationale v. Rogers, 357 U.S. 197, 204-205 (1958); see also the discussion of the Canadian uranium cartel cases in Thomas Murley’s 1982 Fordham Law Review paper, “Compelling Production of Documents in Violation of Foreign Law”. That would suggest to me that courts have recognized the kind of policy concern that such a cryptographic mechanism would create.


            1. Thanks Alex. I haven’t read the Murley paper, but I think the issue here is quite different from the issue in Rogers. As the court noted there: “[W]e do not view this situation as fully analogous to one where documents required by a production order have ceased to exist or have been taken into the actual possession of a third party not controlled by the party ordered to produce, and without that party’s complicity.” It was within the party’s power to produce the documents in Rogers, though it might suffer a bad consequence if it did so. It’s not within the power of someone who does what Zittrain suggests to produce the documents, which is the whole point of his proposal.

            2. Another thought: by your logic, the common practice of having a “document retention policy” (in reality really a document destruction policy) should be illegal. That can’t be right, I think.

    2. The shorter way to express Alejandro Manevich’s argument would be, “All within the state, nothing outside the state, nothing against the state.”

      He writes: “In a functioning democracy, if one believes state action—a court order, a law, an executive act, and so on—is illegitimate, the remedy is to challenge it in court or to seek to curb the state’s power through the democratic process, not simply to refuse to comply.”

      Legal historians call this view of law and the state “legal centralism,” and it’s absurd wherever and however it appears. State-managed order is parallel to, and interwoven with, the order produced by a robust civil society—institutions that operate outside the power of the state. Academic scholarship has a deep and powerful contribution to make to human societies, and that contribution is badly limited if scholarship merely becomes an adjunct to police power—if all sensitive scholarship is simply available to government whenever it wishes to borrow it for the purpose of inflicting punishment on citizens.

      What’s at stake in the case of the Boston College subpoenas is democratic pluralism, a richly layered social order in which many kinds of institutions work well and play a substantial social role. As the state advances into every corner of human activity, civil society becomes thin and brittle. Open the archives to subpoenas, and you effectively close the archives for scholarly purposes.

      No one is stopping the Police Service of Northern Ireland from going out and conducting interviews with former IRA members over the murder of Jean McConville. They have chosen not to do so, and instead intrude into scholarship, securing poor evidence in the criminal justice context while damaging useful material in the context of historical scholarship.

      Only lawyers could look at this absurdly destructive abuse of police power and fret only that it was damaging to the formal processes of state power.

      1. Thanks, Chris. I think both of you are wrong about this. Alex is wrong for the reasons I’ve given: I don’t see any obligation to keep my personal papers in a format that makes them easy to subpoena, though of course I think that once you receive a subpoena you can’t then take steps to put the papers beyond the state’s reach. But I disagree with you, too, insofar as I think that if the documents do exist, and if they are not privileged, then they are discoverable via a subpoena. Your point is that such documents should be privileged, but that issue has already been decided by the courts. And “it is emphatically the province and duty of the judicial department to say what the law is.” In other words, it’s for the courts, not historians, to say what is and is not privileged under the law. If you don’t like the law, write to Congress. Congress can change the law on this, and in fact I think there’s a serious effort underway to get a reporter’s shield law passed. (Though I don’t know that it would cover oral historians!)

        1. Ted,

          By that standard, no one authorized Hollywood screenwriters to withhold names of fellow leftists from Joe McCarthy’s Senate committee — they just defied legitimate congressional subpoenas. Civil rights protesters who sat in at segregated Southern lunch counters didn’t have a proper court order permitting them to do that — they just openly broke the law.

          The law, and government, are valid and proper sources of order. So are others. Sometimes it is necessary and entirely proper to refuse to comply with the law.

          In the United States, many academics have simply refused to comply, the choice Alejandro Manevich identifies as being invariably improper. Many pre-Stonewall investigations aimed to identify and imprison people over their sexual behavior — would compliance have been proper while the government was hunting gays and lesbians?

          1. Well, let me give you a quick paraphrase of my legal positivist answer: just because the law is an ass doesn’t mean it’s not the law. Sure, it may be morally right to break the law sometimes, but that doesn’t mean you aren’t breaking the law or that you won’t be punished for breaking the law.

            I agree with you that an independent sphere for scholarship is essential. And you may be right that politically, the PSNI MLAT request in this case was a bad idea. But as I said, if you want folks in Moloney & McIntyre’s position to be protected from subpoenas, take it up with your representatives in Congress.

        2. To put it another way, I don’t intend to argue over whether or not archived research materials are or should be legally privileged; I just argue that they shouldn’t be turned over, whether the courts agree or not.

  2. My partner Dan Lyne pointed out that you could arrange things to avoid the problem identified. Suppose that A. simply puts B. in a room with instructions to turn on the tape recorder and speak his mind. Then a subpoena to A would also be useless, though it’s questionable whether it would make sense for a journalist or an oral historian to organize things this way.

  3. Let me try this again. I must be quite off my game today, as I seem to be doing a terrible job of being clear about what I do and don’t object to in Prof. Zittrain’s proposal. I am quite used to being told I am talking out of my hat, but I would prefer it not be on the basis of something I didn’t think I said.

    I do not in any way mean to equate the proposal to having a document destruction policy. What I object to is advocating a mechanism whose sole purpose and effect is to circumvent any potential future legal compulsion to provide information. That was how I understood Prof. Zittrain’s article, anyway. If Prof. Zittrain meant “time capsule cryptography” to be analogous to a document destruction policy, then my criticism would be quite different. It may well be that there are reasons why one might develop and implement a time capsule cryptography scheme that have little or nothing to do with putting information beyond the law’s reach; I profess no particular knowledge about that, and would be happy to have others educate me. But the way it was contextualized in his article indicated to me that his proposal’s focus was on how to ensure that information is immune from any law or court. That doesn’t sound like a generalized document destruction policy to me.

    Nor do I deny the existence of the dilemma that Prof. Zittrain identifies, and I am sorry that I led Mr. Bray to believe that I think otherwise. (As an aside, it does make me smile when non-lawyers throw out the phrase “only a lawyer could …” as if it were an ad hominem attack. Please forgive me if I take the accusation that I think like a lawyer as a rather flattering compliment.) Yes, there is obviously a tension between individual privacy and any number of state or other private interests. However, the question is only partly where the line should be drawn; it’s also about who should draw that line. I may have left the impression that I was talking about the former, when my concern is in fact with the latter. For what it’s worth, my own policy preferences are likely far closer to Mr. Bray’s than he might think. But my preferred solution is to effect those preferences by changing the law, not by prospectively defying it. I agree wholeheartedly with Ted that the law may often be an ass, but it is still the law.

    I have tried—a bit artificially, I admit—to set aside the question of civil disobedience, so Mr. Bray’s criticism of my view on this point is well-taken. It’s a complex question. I guess all I can say is that I don’t believe that the United States in 2014 can be usefully compared, for purposes of this discussion, to the antidemocratic state abuses of 50 or 60 years ago. Others may well disagree, or think me terribly naive, or simply uninformed (I haven’t lived in the U.S. since 1992, so that last one probably has a lot of truth to it). Nonetheless, that’s why I have assumed away that part of the problem by taking as a given the existence of the rule of law. As I understand it, at least from a Canadian perspective, part of the rule of law is that we accept the legitimacy of laws and institutions because they are democratic—they are our creation, not something imposed on us from the outside—and apply equally to all. If I am concerned about increased governmental power to gather what used to be considered private information (and if it matters, I am), I would certainly try to use the democratic process to pass laws imposing controls on that power, and the courts to argue that the use of that power is not justified in a particular circumstance. But adding a cryptographic fortress to that mix, and presenting it as a defence against the potential application of laws we dislike or future court orders we disagree with—that’s where I have to draw the line.


    1. Thanks Alex. I do think that one of the main reasons, if not the main reason, for having a document retention policy is to avoid making documents available to litigation opponents, which is why I noted it, but it’s true that that’s not the sole purpose of such a policy.

    2. I appreciate this response, and the detail of your discussion. I don’t mean to describe your thinking as that of a lawyer because I intend an ad hominem attack; rather, I think we’re continuing a discussion I’ve been having with Ted Folkman in which I say, as a historian, that I’m looking at history rather than the law, and Ted says (I’m putting words in his mouth) that he’s looking at the law rather than the history of resistance to the state, or something to that effect. We’re arriving from different precincts.

      But once you arrive at the conclusion that researchers can’t reasonably protect sensitive information from the courts, it’s hard to see any structural way to prevent research from becoming police activity. I’ve been thinking about a recent essay from an oral history researcher in which she said this about the lessons of the Boston College subpoenas:

      “If an interviewee says something incriminating during a testimony, the interviewer has a duty to stop the tape and erase that part from the record. This can put limits on what oral historians can achieve.”

      But is rewinding the tape to avoid disclosure to the police any more or less destruction of evidence in anticipation of a subpoena than burning the tape a year later? And if you can’t do any of that — if you can’t destroy the tape anyhow, any way once a research subject tells you about his or her involvement in an illegal activity — then you can’t do oral history about sensitive topics without becoming a police detective. “Hello, officer? A research subject confessed to me today. I have the tape for you here at the university.”

      There has to be some reasonable way to protect research subjects, or else there can’t be any further research of this kind. Petitioning government for protection from government seems like asking the shark to not eat you, and the point about a “functioning democracy” seems to me to not describe our current situation. When did Americans vote for the NSA to conduct widespread domestic surveillance of electronic communication?

      I can’t accept the premise that we can’t protect research subjects until the moment when government permits us to do so. Researchers have a duty to protect the subjects of their research – to guard the door against all intruders. I don’t see government agreeing to limit its own power.

      1. “But is rewinding the tape to avoid disclosure to the police any more or less destruction of evidence in anticipation of a subpoena than burning the tape a year later? And if you can’t do any of that—if you can’t destroy the tape anyhow, any way once a research subject tells you about his or her involvement in an illegal activity—then you can’t do oral history about sensitive topics without becoming a police detective.”

        Chris, I think your premise is untrue here. You can destroy the tape unless you’re subject to a subpoena, or, I suppose, unless you think you are about to be. It’s not exactly clear when the duty to preserve evidence kicks in, but to take the Belfast Project as an example, it seems clear to me that if McIntyre had erased the tapes years ago, at the time of the interviews, he would have been entirely within his rights insofar as any later subpoena is concerned.

        You might be interested in the crime of misprision of felony: “Whoever, having knowledge of the actual commission of a felony cognizable by a court of the United States, conceals and does not as soon as possible make known the same to some judge or other person in civil or military authority under the United States, shall be fined under this title or imprisoned not more than three years, or both.” You might say, “aha! That’s exactly what I’m talking about!” The good news is that the statute doesn’t mean what it says. Mere knowledge of the crime isn’t enough. The defendant actually has to take active steps to conceal it before he can be guilty of misprision of felony. Would destruction of the tapes long before any subpoena was in prospect count as concealment under the statute? I think not, but I’m not sure.

  4. if ted folkman was advising the brown family when they were considering legal action against the education board of topeka county, kansas in the 1950’s in an effort to end segregation in schools, i suspect his advice would have been ‘don’t do it. the law is against you.’ modern americans’ fear of the law and especially the agencies which enforce it is so unhealthily strong nowadays that if you were to transplant the modern generation back to the 1770’s i doubt whether there would have been a rebellion against british rule. you’d all still be singing ‘god save the queen’ and calling soccer football if it were up to the ted folkmans of this world. sometimes, in fact a lot of the time, you just have to say ‘fuck the law’!!

    1. Ed, the two examples you chose undermine your argument. Take school desegregation. Who went to the courts for relief? The civil rights activists. Who refused to obey the law after the courts had ruled? Segregationists like Gov. Wallace. No lawyer that I know would say that the law never changes or that it’s wrong to try to change the law through the courts or the legislature. I don’t think, for example, that it was wrong for you and Anthony McIntyre to press your claims in the courts, though I think it was easy to predict the outcome.

      Or take the example of the American Revolution. All revolutions are, by their nature, extra-legal in some sense. But the American Revolution was, in the revolutionaries’ eyes, justified by the British government’s denial of their legal rights as British subjects—the Declaration of Independence has a long list of essentially legal complaints against the king. This is why so many of the leading revolutionaries were lawyers.

      I’m frankly surprised you’ve taken the view you have, since one of my main points in this discussion has been to defend Professor Zittrain’s proposal against the view that it’s illegal to keep one’s personal papers in a form that makes them difficult to obtain by subpoena. Surely you agree? Also, your comment seems to suggest that you think I believe that it’s never okay to disobey the law. But I’ve been very explicit about this in my response to Chris Bray: sometimes there may be a moral obligation to disobey the law. I do say that there can never be a legal obligation to disobey the law, but that’s just a tautology.

      1. Ted, I think Mr. Moloney may have meant to refer to me, as my position is probably easier to caricature as craven servility towards the State. If that is the case, I feel no great urge to respond in any detail, as I don’t expect it will be particularly helpful.

        That having been said, Mr. Moloney’s assertion about the American Revolution seems quite fair, at least with respect to me: recall that in Canada, we tend to view that part of our shared history rather differently than Americans do.

        1. Don’t be too sure! He’s been calling me names for a long time now. The basic problem with Moloney & McIntyre’s position, in my view—aside from the law—is that they have been quick to recognize fault in everyone except themselves for the Belfast Project fiasco.

          I won’t argue the American Revolution with a Canadian! Ditto for the War of 1812 and the birthplace of basketball.

      2. Ted,

        Dred Scott and Homer Plessy went to the courts for relief, is why I don’t regard that route as the only legitimate one to take.

        The long struggle against white supremacy and racist brutality was mostly a struggle against the police, not the struggle of Southern authority against the federal government that came into the picture in the very late years of the story. Bull Connor was a cop.

