Research On The Ethics And Legality Of Compelled Decryption Orders In Chinese Courts

03 Nov 2025 --
0 Comments

1. Li Case – Fingerprint Unlock Fraud (SPC Guiding Case)

Background:
Li persuaded multiple victims to use fingerprint authentication on their phones, then exploited the situation to commit fraud by accessing banking apps and transferring money while the victims were incapacitated.

Legal Issue:
Whether using someone’s fingerprint to unlock their device without consent constitutes criminal fraud and whether it counts as unlawful access to electronic data.

Court Reasoning:

The court held that fingerprints are part of a person’s private data and using them without consent constitutes unauthorized access.

Li’s actions were intentional, premeditated, and directly led to financial loss.

Conviction was under fraud and illegal control of computer systems.

Significance:
This case illustrates that Chinese courts treat biometric unlocking as equivalent to accessing electronic systems without authorization, highlighting ethical concerns over bodily autonomy and privacy.

2. Zeng Xingliang and Wang Yusheng – Remote Password Change

Background:
The defendants remotely changed the victim’s smartphone login passwords, making the device unusable and causing disruption to the victim’s life.

Legal Issue:
Whether modifying someone else’s device access constitutes a criminal offense, even without physical theft.

Court Reasoning:

The court ruled that smartphones and similar devices are recognized as part of “computer information systems.”

Interfering with their normal functioning (locking, password changes) falls under destruction of computer information systems.

Significance:
This case set a precedent that interference with access (e.g., password changes) is criminalized, establishing that compelled access and its manipulation are legally significant.

3. Drug Trafficking Case – Fingerprint Unlock

Background:
In a 2017 case, suspects refused to provide their phone passwords. Authorities physically pressed the suspects’ fingers on the device to unlock it, allowing access to incriminating data.

Legal Issue:
Is forced biometric unlocking legally permissible under Chinese criminal procedure?

Court Reasoning:

Chinese law does not provide a strong explicit right against self-incrimination.

Authorities are allowed to extract electronic evidence under the 2016 electronic evidence provisions, including unlocking devices using available biometric features.

Court accepted evidence obtained via biometric unlocking as valid.

Significance:
Illustrates the practical approach of courts: biometric coercion is permissible for law enforcement, raising ethical questions on personal rights vs. evidence collection.

4. Illegal Unlocking Service Case – Third-Party Complicity

Background:
A company provided password and device unlocking services. Some clients used the service to access stolen devices or commit fraud.

Legal Issue:
Whether providing unlocking services implicates third parties as criminal accomplices.

Court Reasoning:

If the service provider knowingly assists in criminal activities, they are liable as joint participants in the crime (fraud, theft, or concealment of criminal proceeds).

Even if not directly involved, knowingly enabling illegal access may attract liability for aiding and abetting.

Significance:
Highlights the courts’ strict approach toward facilitating access to encrypted data and the blurred line between legitimate service and criminal complicity.

5. Blockchain Evidence Preservation Case

Background:
A court used blockchain technology to preserve electronic evidence in a criminal dispute, ensuring that digital data could not be altered during litigation.

Legal Issue:
How to preserve integrity of encrypted digital evidence without forcing decryption.

Court Reasoning:

Court accepted blockchain-preserved data as admissible evidence.

By using blockchain, authorities maintained data integrity without compelling suspects to reveal passwords or decrypt files.

Significance:

Demonstrates a privacy-friendly alternative to compelled decryption.

Emphasizes balancing evidence reliability with personal data protection.

6. Case of Unauthorized Remote Access to Smartphone Apps

Background:
A suspect hacked into multiple victims’ smartphones via network exploits, bypassing passwords and accessing personal data and financial accounts.

Legal Issue:
Is remote unauthorized access considered more severe than forced physical unlocking?

Court Reasoning:

Court applied illegal control of computer systems and theft by electronic means statutes.

Emphasized that bypassing security measures without consent constitutes aggravated criminal activity.

Significance:
Reinforces that both forced and remote access to encrypted data are legally recognized as serious offenses, showing the courts’ intent to protect digital privacy and data security.

Summary of Patterns Across Cases

Biometric vs. Password Access: Courts distinguish between fingerprints/face recognition and memorized passwords. Both can be compelled under certain procedures, but ethical concerns are higher for biometrics.

Third-party complicity: Providers of unlocking services may face criminal liability if involved knowingly.

Technological solutions: Blockchain evidence preservation is emerging as a method to avoid forced decryption while maintaining evidentiary integrity.

Criminal scope: Unauthorized access, password manipulation, and device interference are treated seriously under Chinese criminal law.