A few days ago I took note of State v. Levie, in which Levie was convicted of solicitation of a child to engage in sexual conduct, which included taking nude photos (Mere Presence of Encryption on PC Relevant to Criminal Acts). Levie had appealed the case in part based on the district judge allowing evidence that a common cryptography program was on Levie's computer.
Prof. Orin Kerr takes issue with the characterization of the case as holding that the presence of a cryptography program is relevant evidence of a crime (Myth of Crypto as a Crime).
Obviously, the idea that using encryption necessarily reflects criminal activity is rather silly; Internet users use encryption all the time for all sorts of legitimate reasons. As many critics of the new decision have noted, it makes no sense to see encryption as inherently linked to crime. But contrary to the blogospheric common wisdom, no court ever said it was. [emphasis in original]
Kerr argues, instead, that the court was using the presence of the cryptography program as evidence that Levie was a sophisticated computer user, which would explain why the police found no child pornography or nude child photos on his computer.
Although the opinion is not clear on this, it's not hard to imagine why the contents of the computer were relevant. The girl had testified that the defendant had put nude pictures of her on his computer, but no pictures were recovered. The defense presumably argued that the lack of pictures showed the niece was lying. The government pointed to the Internet search terms as corroboration, and argued that the lack of photos on the defendant's computer only reflected the fact that he was savvy enough to get rid of the images, hide them, or encrypt them because he knew the police were coming. The evidence of the defendant's careful effort to hide the files and evade law enforcement was the downloaded text of the state statute and the copy of PGP. Not slam-dunk evidence, obviously, but not entirely irrelevant.
That is certainly the argument I would make about the interpretation of this case should the issue rise again, but I'm not sure that is really what is going on. As Kerr notes, "the opinion is not clear on this".
Were there encrypted files on the computer or not? The district judge says, "evidence tends to show that an encrypting capability was employed by the Defendant", but there is no mention of what the evidence might be, other than the presence of PGP on the computer. Were there encrypted files? Were there erased files? Were those erased files encrypted? Any evidence of that nature would end the legal discussion pretty darn quickly. Since it isn't mentioned, we can presume that there wasn't. If you don't have any evidence of actual encryption going on and either erasure or transfer of the encrypted files, it is hard to see how mere presence of a program that "may be included on every Macintosh computer that comes out today" according to the State's own witness is relevant here.
If the presence of PGP simply shows that one is a sophisticated computer user, why mention only PGP? Wouldn't there be other evidence of sophistication? Again, the state's own witness testified that PGP "may be included on every Macintosh computer that comes out today," which wouldn't prove one wit about the user's sophistication, unless one presumes that Macintosh users are, by definition, sophisticated. One wonders how sophisticated this guy was, since he didn't completely wipe his browser.
As for hiding files, PGP is no evidence of that either. PGP encrypts files, it doesn't hide them. If Levie had a "military-grade" disk-erasing program, that would be clearly relevant, but there's nothing like that in the record.
Even if the evidence of PGP was excluded, it doesn't mean Levie goes free. The error wasn't prejudicial, and there was plenty of other evidence to hang a conviction on.