RIP Act Part III

From ORG Wiki

Jump to: navigation, search

Report of the Interception of Communications Commissioner for 2008 Presented to Parliament by the Prime Minister pursuant to section 58(6) of the Regulation of Investigatory Powers Act 2000 Ordered by the House of Commons to be printed 21 July 2009.

Contents

[edit] What is it?

Gives the power to police forces to ask for the disclosure of encryption keys, or force suspects to decrypt encrypted data. A person instructed to disclose keys can be prevented from telling anyone else about it, except an attorney.

RIP Act Part III gives Law Enforcement the power to serve notices requiring that encrypted material be "put into an intelligible form" (or as everyone else would say, decrypted). Under some circumstances the notices can require that encryption keys are handed over. After the Home Office consultation on a Code of Practice for its operation, it came into force in October 2007. See: Draft SI in force 1 October 2007 and
Code of Practice - Part III: investigation of electronic data protected by encryption etc commentary

[edit] Executive Summary

RIPA was came into force in 2000, but Part 3 was only came into force in 2007 after a consultation. The consultation received the same negative comments during the consultation that the legislation received when first brought before the commons, but this time with less press coverage. There are concerns that the legislation will have negative effects on business, plus objections from encryption experts that it will fail to achieve its objective while introducing new problems.

There is very little encryption and what the police do find, they can usually defeat using password guessing software.

It's worth scanning Regulation of Investigatory Powers Act before reading in depth about part III.

The government had held back from bringing Part 3 into effect for five years, but Liam Byrne (brand new) Home Office minister of state promised Parliament that he would activate Part 3 after a consultation.

Simon Watkin (home office) "Public consultation on draft codes of practice for both Part I Chapter II and Part III of RIPA will open in the week commencing 5 June."

The return of the Crypto Wars.

Part 3 of RIP Act gives the police powers to order the disclosure of encryption keys, or force suspects to decrypt encrypted data. Anyone who refuses to hand over a key to the police would face up to two years' imprisonment. Under current anti-terrorism legislation, terrorist suspects now face up to five years for withholding keys.

Bob Spink MP (Mole Valley) (Con) brought forward a motion to increasing the sentence up to ten years for suspected paedophiles because for a paedophile the alternative penalty, if the information was turned over, would often be five years or more and, frequently, having to go on the sex offenders list. The government said they liked the idea and that it was time to activate Part 3 of the act but that there should be a consultation first, Bob Spink agreed and withdrew the motion.

From the Home Office FAQ on RIPA "The measures in Part III are intended to ensure that the ability of public authorities to protect the public and the effectiveness of their other statutory powers are not undermined by the use of technologies to protect electronic information."

[edit] Problems and Concerns

Your average individual could easily come into problems because they had lost a key: how do you prove to the police that you do not have the key and you can not decrypt the data?

In the worse case situation someone accidentally emails you an encrypted message that you do not possess the key to decrypt. The police then arrest you and instruct you under part 3 of the RIP bill to decrypt the message and hand over the key. You are unable to do this as you do not have the key so now you face a 3 year jail sentence as you can not prove the negative that you do not have the key.

For banks the most controversial part is not the requirement to decrypt encrypted data, but that the police can require that the keys used to do the encryption are handed over. Authorities tracking the movement of terrorist funds could demand the encryption keys in use by a bank through which those funds might be moving, thereby laying bare that bank's files on everything from financial transactions to user data.

A London School of Economics report, commissioned by the Confederation of British Industry, estimated that the law will cost UK industry £46bn over the next five years as businesses move their electronic dealings offshore, and new ventures go elsewhere in search of a more secure trading environment.

Simon Davies, visiting fellow at the London School of Economics, said

"The main issue is the loss of trust in international business dealings. If an overseas partner can't guarantee a high level of security, it simply won't do business with the UK."

The economic impact of the regulation of investigatory powers bill An independent report prepared for the British Chambers of Commerce.

The argument is, at heart that only a complete clueless security officer would ever permit a multi-national financial institution to keep their master keys in the UK. Hence security jobs -- looking after those master keys -- will migrate elsewhere and hence, eventually, so will the rest of the HQ staff; with a consequent effect on the UK economy.

Richard Clayton a security expert from Cambridge University

"The notion that international bankers would be wary of bringing master keys into UK if they could be seized as part of legitimate police operations, or by a corrupt chief constable, has quite a lot of traction," ... "With the appropriate paperwork, keys can be seized. If you're an international banker you'll plonk your headquarters in Zurich."

June 08, 2006 the draft code of practice has come out.

Peter Fairbrother

"This isn't a Code of Practice - it's just a repetition of RIPA in different words."
"It is, as ever, almost impossible to prove ‘beyond a reasonable doubt’ that some random-looking data is in fact ciphertext, and then prove that the accused actually has the key for it, and that he has refused a proper order to divulge it,"

Richard Clayton

"The Home Office appear sensitive to the suggestion that every financial institution will remove their keys (and hence a lot of jobs) from the country,"
"There is a brand new safeguard in that the head of the Financial Services Authority must now countersign requests. But this only applies to "financial services" and not to, say, a company like Ebay, or a British competitor."
"It gets worse. There is a brand new suggestion that demanding keys might become commonplace — when there might otherwise be doubt as to whether a decryption has been done correctly. This means that instead of asking for keys being highly exceptional, as parliament clearly intended, it will in fact become common," said Clayton.

Analyses a variety of bad scenarios by Dr C. H. Lindsey

Nicholas Bohm

But doesn't the availability of plausible deniability products like TrueCrypt render all this moot? (Not to mention MOOT.) The prosecution cannot prove that there are keys they have not been given, provided they are given at least one.

[edit] Are these powers really needed?

wtwu of Spy Blog points out Last year's annual reports mandated under RIPA, by both the the then Interception Commissioner Sir Swinton Thomas and the then Intelligence Services Commissioner Lord Brown of Eaton-under-Heywood both contained this identical paragraph:

"However, the use of information security and encryption products by terrorist and criminal suspects is not, as I understand, as widespread as had been expected when RIPA was approved by Parliament in the year 2000. Equally the Government's investment in the National Technical Assistance Centre - a Home Office managed facility to undertake complex data processing - is enabling law enforcement agencies to understand, as far as necessary, protected electronic data."

See Report of the Intelligence Services Commissioner for 2004 - Lord Brown of Eaton-under-Heywood and Report of the Interception Commissioner for 2004 by the Rt.Hon. Sir Swinton Thomas.

[edit] Background

There was a mini-debate in the Commons on the 10 May 2006 about changing the sentence for RIP Part III offences when the encrypted material. House of Commons debate Wednesday, 10 May 2006

Sir Paul Beresford (Mole Valley) (Con)

Many of the images are in the form of videos or DVDs or are on computers. Increasingly, they are kept on remote storage. Some of the computers that the police collect have no hard drives at all. They are driven or initiated by a disk and the information is stored remotely. Increasingly, the information is hidden by encryption. We used to have simple encryption, but we have moved to 128 bit and, even more, to 256 bit encryption. The software is freely available on the internet and relatively easy to use. Essentially, it is unbreakable.
The other thing that particularly alarms me is that Vista, which is the replacement for Windows OS, is due out generally next year. Once that system is on board the security is such that, when the computer is turned off, it automatically encrypts all the information on it so that when the police collect the computer and turn it on, they cannot break through the encryption. Some information can be destroyed, preventing access by the police. The police clearly need access for obvious reasons. They need to seek evidence against individuals and, frequently - -- because offenders sometimes work in packs or groups -- against others. In a way, perhaps it is even more important that the police can identify the children in the photographs and movies. Once those children have been located, it is possible to seek care and counselling for them to try to bring them back into a normal life. There is some evidence that abused children go on to become abusers themselves.
The new clause deals with encrypted data found on computers and storage in cases where the police believe that the encrypted data contains abusive images of children. It does not create any new offence or scheme, but rather amends the sentencing regime under section 53 of the Regulation of Investigatory Powers Act 2000, which is commonly known as RIPA. Part III requires a person to comply with a notice issued by the police to hand over the encryption key for protected data. The penalty for a breach is two years, but that is ludicrous for a paedophile because the alternative penalty, if the information was turned over, would often be five years or more and, frequently, having to go on the sex offenders list. Accordingly, it is unlikely that an offender who has indecent and abusive photographs of children on his computer would comply with the notice. To achieve compliance, we need to step up the penalty, so I suggest that such offenders should be liable for up to 10 years' imprisonment, which is the penalty for contravening section 1 of the Protection of Children Act 1978 -- there is thinking and a link behind the idea.
The new clause would simply raise the sentence if a court was satisfied that it was more than likely that the majority of the encrypted data consisted of indecent photographs of children. I suggest that the civil burden is permissible because the offence would be not possessing the photographs of children, which would be punished separately, but the failure to hand over the key. The higher sentence would apply only when one of two thresholds was passed: first, that the computer had non- encrypted indecent photos of children or a child on it, as an indication; or, secondly, that the person had been previously convicted of an offence contrary to section 1 of the Protection of Children Act 1978 or section 160 of the Criminal Justice Act 1988.

Liam Byrne Home Office minister

The use of encryption is, as the Hon. Member for Mole Valley pointed out, proliferating. Encryption products are more widely available and are integrated as security features in standard operating systems, so the Government have concluded that it is now right to implement the provisions of part 3 of RIPA, including section 53, which is not presently in force.
The threat to public safety posed by terrorist use of encryption technology was recognised in section 15 of the Terrorism Act 2006, which increased the maximum penalty for the section 53 offence to five years in a national security case. The Government will therefore publish for consultation a draft statutory code of practice for the investigation of protected electronic data and the exercise of powers in part 3 of RIPA.
We have previously given an undertaking to bring forward proposals in line with new clause 2 in the context of consulting on the implementation of part 3, and we shall shortly begin those consultations. We remain very sympathetic to what the new clause is designed to do, but we want to allow an opportunity for public consideration and comment on the proposals first, before implementing any legislative changes.

[edit] History

See Crypto Wars.

In September 2003, Home Secretary David Blunkett announced wide-ranging extensions to the list of those entitled to see information collected under the RIPA. The list now includes job centres, local councils, and the Chief Inspector of Schools. Civil rights and privacy campaigners have dubbed these extensions a "snoopers' charter".


[edit] Links

[edit] People

Richard Clayton, Computer Laboratory, University of Cambridge was the first person to point out that the Minister has now promised Parliament that he will turn on Part III of RIP after a Real Soon Now consultation. He is also quoted in Tom Espiner's ZDNet UK article and in many articles since.

Professor Ross Anderson, chairman of the Federation for Information Policy if it involves encryption and you have not talked to Ross you have not done your homework. Ross Anderson on Wikipedia

Simon Watkins, Covert Investigations Policy Team, Home Office, simon.watkins@homeoffice.gsi.gov.uk

[edit] Documents

[edit] News

2009-02-11 - Telegraph - Councils to be given power to snoop on calls and emails
Author: Tom Whitehead
Summary: Towns halls, along with police, security services and other public bodies will be able to view "communications" details of any one suspected of crime. But critics fear the move will simply pave the way for authorities to spy on millions of citizens and taxpayers. The power is contained in a new statutory order quietly laid before parliament yesterday.
2008-12-16 - ZDNet - Home Office to review DNA database, RIPA
Author: David Meyer
Summary: The Home Office will conduct a review of the Regulation of Investigatory Powers Act early next year, home secretary Jacqui Smith announced on Tuesday. Smith told members of Intellect, the UK IT-trade association, that the purpose of the review would be to bring RIPA powers "in line with tests of safeguards, openness, proportionality and common sense". Proposed revisions of RIPA could affect which public authorities can use the act's powers, and "[raise] the bar for how those powers are authorised, and who authorises their use".
2008-07-23 - Kable - Communications data requests top half million
Summary: Public authorities made 519,260 requests for communications data in 2007, an annualised increase of more than a half. The figure was published in the annual report of the interception of communications commissioner Sir Paul Kennedy. In the last nine months of 2006, he said that 253,557 requests for communications data were made of communication service providers, and last year's figure was 54% higher on an annualised basis.
2008-01-24 - OUT-LAW - RIPA could be challenged on human rights
Summary: The Government's new powers to force the handover of encryption keys could be vulnerable to a legal challenge under the Human Rights Act's guarantee to a fair trial. People who refuse keys or passwords face up to five years in jail. The Regulation of Investigatory Powers Act (RIPA) was changed last autumn to allow police to force people to hand over passwords or keys to encrypted data. Refusal to do so is a criminal offence carrying a penalty of two years in jail, or up to five years if the issue concerns national security. One criminal law specialist has told technology law podcast OUT-LAW Radio that the law could be challenged under the Human Rights Act, though he also warned that such a challenge could fail under legal tests set out by the European Court of Justice (ECJ).
2007-11-14 - The Register - Animal rights activist hit with RIPA key decrypt demand
Author: John Leyden
Summary: Section Three of the Regulation of Investigatory Powers Act (RIPA) came into force at the start in October 2007, seven years after the original legislation passed through parliament. Intended primarily to deal with terror suspects, it allows police to demand encryption keys or provide a clear text transcript of encrypted text. ... The contentious measure, introduced after years of consultation, was sold to Parliament as a necessary tool for law enforcement in the fight against organised crime and terrorism. But an animal rights activist is one of the first people at the receiving end of a notice to give up encryption keys. Her computer was seized by police in May, and she has been given 12 days to hand over a pass-phrase to unlock encrypted data held on the drive - or face the consequences.
2007-10-03 - The Register - UK police can now force you to reveal decryption keys
Summary: Users of encryption technology can no longer refuse to reveal keys to UK authorities after amendments to the powers of the state to intercept communications took effect on Monday (Oct 1). The Regulation of Investigatory Powers Act (RIPA) has had a clause activated which allows a person to be compelled to reveal a decryption key. Refusal can earn someone a five-year jail term. Part III of RIPA was in the original Act but was not activated. The Home Office said last year that it had not implemented the provision because encryption had not been as popular as quickly as it had predicted. It launched a consultation which culminated in Part III being made active on 1st October. The measure has been criticised by civil liberties activists and security experts who say that the move erodes privacy and could lead a person to be forced to incriminate themselves.
2007-10-02 - The Enquirer - UK coppers empowered to demand your encryption keys
Author: Nick Farrell
Summary: All you data is now belong to the plod. FROM today it is a crime to refuse to decrypt data for coppers investigating a crime. Under part three, Section 49 of the Regulation of Investigatory Powers Act (RIPA) if Inspector Knacker of the Yard knocks on your door and wants to have a snuffle on your hard drive and finds a blob of encrypted code he can make you decode it. If you refuse, and the copper is investigating acts of terrorism, you could be eating five years of porridge at her Majesty's Pleasure. If it just happens to be an ordinary crime that the copper is investigating you could be up for two years jailtime.
2007-10-01 - ars technica - UK can now demand data decryption on penalty of jail time
Author: Ken Fisher
Summary: New laws going into effect today in the United Kingdom make it a crime to refuse to decrypt almost any encrypted data requested by authorities as part of a criminal or terror investigation. Individuals who are believed to have the cryptographic keys necessary for such decryption will face up to 5 years in prison for failing to comply with police or military orders to hand over either the cryptographic keys, or the data in a decrypted form. Part 3, Section 49 of the Regulation of Investigatory Powers Act (RIPA) includes provisions for the decryption requirements, which are applied differently based on the kind of investigation underway. As we reported last year, the five-year imprisonment penalty is reserved for cases involving anti-terrorism efforts. All other failures to comply can be met with a maximum two-year sentence.
2007-07-19 - PC Pro - Laptop searches "unconstitutionally invasive"
Author: Stewart Mitchell
Summary: If the police raided your home and demanded access to your hard drive they'd need a warrant, but beyond your four walls it's open season on your data. A recent US case in which Customs officials rifled through a teacher's laptop has highlighted that authorities have a different view of laptop data privacy than their citizens. "Our laptop computers contain vast amounts of personal information about our lives. You may do your banking on your computer or send email to your doctor about health concerns," says Electronic Freedom Frontier lawyer Lee Tien. "Travellers shouldn't be subjected to unconstitutionally invasive searches of their laptops and other electronic devices just because they're crossing the border." ... "The European Court of Human Rights has warned several times that member states should be 'particularly vigilant where the authorities are empowered to order and effect searches without a judicial warrant'. UK powers seem to fall short of this requirement if applied to searching laptops for information." The obvious solution for anyone worried about police officers rifling through their data is to encrypt files, but this could lead to more serious repercussions - even imprisonment. Politicians are keen to push through the controversial Part III of the Regulation of Investigatory Powers Act (RIPA), which could demand data decryption. "There's currently no obligation to decrypt," says Richard Carter, resident security expert at Cambridge University. "There are provisions for this in RIPA, but they've never been brought into force, mainly because there were flaws that the City of London campaigned against."
2007-07-10 - Computing - Encryption key laws could soon be activated
Summary: Legislation to force the release of software encryption keys could be activated soon, according to new Home Secretary Jacqui Smith. The Regulation of Investigatory Powers Act (RIPA) provides police and security services with the power to require the production of keys, with a maximum prison sentence of up to five years. The power was included in the legislation five years ago but has not yet been activated. In response to a question in the Commons from Conservative MP Sir Paul Beresford, Smith said a review is underway and a decision will be made soon. ‘I understand that we are looking at that specific matter to bring it forward,’ she said. Beresford said that paedophiles often encrypt material so the police cannot gain access to it. ‘The police have been waiting about five years for the statutory instrument relating to encryption and the RIPA act. When will they get it?’ he said.
2006-08-20 - zone-h - Getting Spied the European Way
Author: Massimo Cotrozzi
Summary: While the US are secretly undergoing eavesdropping activities over national and international communications (considered unconstitutional by a federal judge some days ago), including in depth analysis of financial transactions (all transactions, because "it's difficult to determine which ones are related to terrorism, just take the whole bunch and do it yourself), the UK police have asked the activation of Part 3 of the Regulation of Investigatory Powers Act provoking a big reactions from experts and associations, in an attempt to investigate upon a huge amount of computers that have been seized and lie waiting to be examined with their hard drive encrypted.....
2006-08-16 - ZDNet - RIPA could cause new wave of cyber attacks
Author: Steve Ranger
Summary: Security expert warns that malware could lead to mayhem through 'virus ate my password' claims or innocent users being targeted. The introduction of legislation to crack down on criminals using encryption to hide their tracks could also leave users open to new forms of electronic attacks, according to one expert.
2006-08-16 - IT Week - Ripa law may expose firms to blackmail
Author: James Murray
Summary: Proposed changes to the Regulation of Investigatory Powers Act (Ripa) giving police powers to make suspects produce "intelligible" copies of encrypted computer files could make firms vulnerable to new forms of electronic attacks, experts warned this week.
2006-08-16 - The Register - Ex-peer still seething over ID Cards and RIPA
Author: Mark Ballard
Summary: Andrew Phillips joined a debate at the Scrambling for Safety conference this week about outstanding elements of the controversial Regulation of Investigatory Powers Act (RIPA), which amongst other things will give authorities the right to intercept electronic communications and decrypt encrypted data. RIPA was the first piece of legislation he saw when he joined the Lords in 1998, and he was still debating its loose ends in the weeks before he resigned his seat last month.
2006-08-15 - ZDNet - Why you should care about the RIP Act
Author: Graeme Wearden
Summary: With police officers poised to get the power to seize encryption keys, how will this affect you and your business?
2006-08-15 - ZDNet - Turning the tide against RIPA
Summary: Proper handling of encrypted evidence shouldn't mean throwing away the key. After six years on the shelf, the controversial Part III of the Regulation of Investigatory Powers (RIP) Act is about to be activated. This would make it illegal to fail to produce encryption keys on demand: should the suspect be unable to do so, they would have to prove that this is because they could not rather than they would not.
2006-08-15 - BBC - Police decryption powers 'flawed'
Summary: The government faces criticism over plans to give police powers to make suspects produce readable copies of encrypted computer evidence.
2006-08-15 - Slashdot - Backlash Against British Encryption Law
Summary: The BBC is reporting on some backlash against the British Regulation of Investigatory Powers Act (RIPA) that came into force in 2000, which makes it a criminal act to refuse to decrypt files on a computer. Not surprisingly, the bugaboos of child p0rnography and terrorism, while unquestionably heinous, are being used to justify a law which does little to protect against either. Lord Phillips of Sudbury is quoted 'You do not secure the liberty of our country and value of our democracy by undermining them, that's the road to hell.
Note: Although the law was passed in 2000 it still has not come into force yet as it needs to be in acted by parliament.
2006-08-14 - The Register - Public debate on electronic snooping
Summary: Privacy campaigners have have called a public meeting to discuss laws drafted to give police access to peoples' encrypted data and communications records.
2006-06-15 - Spy Blog - RIPA news - more officials to be added to the list of authorised snoopers and Sir Charles Mantell appointed as a Surveillance Commissioner
Summary: This Monday 19th June, the House of Lords is set to rubber stamp a couple of Draft Statutory Instruments relating to the Regulation of Investigatory Powers Act 2000. The Draft Statutory Instruments adds about a dozen new types of official to the list people who are authorised to request Communications Traffic Data i.e. itemised phone bills, subscriber details, internet log files etc.
2006-06-12 - The Times - Punishing silence
Summary: Child s e x offenders should not be allowed to hide behind their computer. Punishing silence is a dangerous concept and should be rejected in all but severe cases. But the consultation paper circulated by the Home Office sets out the hurdles, designed to protect the innocent, which prosecutors would have to jump.
2006-06-09 - Spy Blog - RIPA Part III consultation
Author: wtwu
Summary: The Home Office has published, with as little fanfare as possible (paper published on Tuesday, press release only on Friday), the threatened public consultation on RIPA Part III - after a delay of over 6 years!
2006-06-08 - ZDNet - Government wants your view on encryption keys
Author: Tom Espiner
Summary: The Government has launched a public consultation into a draft code of practice for a controversial UK law that critics have said could alienate big business and IT professionals.
2006-05-23 - Computer Weekly - RIP revival could cause IT headaches
Author: Cliff Saran
Summary: The government has revived plans to give the police powers to demand encryption keys from individuals and businesses. Home office minister Liam Byrne told parliament that the Home Office intended to enforce measures in the Regulation of Investigatory Powers (RIP) Act that require disclosure.
2006-05-22 - IT Week - Legal changes may turn IT staff into criminals
Author: James Murray
Summary: Proposed changes to the Regulation of Investigatory Powers Act (RIPA) and Computer Misuse Act (CMA) could inadvertently criminalise many IT professionals, legal and security experts have warned. Aslo mentions
2006-05-22 - bit-tech.net - Brit Spooks want your crypto keys
Author: Wil Harris
Summary: Consultation has begun on the introduction of a law that will allow the Police to force suspects to release the keys to decode encrypted communications. Part Three of the Regulation of Investigatory Powers Act allows suspects to be thrown in the clink for two years if they refuse to hand over keys that would allow the decryption of dodgy-looking communications.
2006-05-22 - RISK OS News - ROS app could scupper encryption law
Author: Chris Williams
Summary: Birmingham University's Dr Nat Queen said: "This attack on personal privacy can be defeated by programs that provide plausible deniability. I for one will never hand over encryption keys or encrypted data which I don't want anyone else to see."
2006-05-19 - Infoshop News - UK: Government to force handover of encryption keys
Author: Arch Stanton
Summary: Businesses and individuals may soon have to release their encryption keys to the police or face imprisonment, when Part 3 of the RIP Act comes into effect.
2006-05-19 - ZDNet UK - Anger over encryption key seizure threat
Author: Graeme Wearden
Summary: More then 600 people took part in a poll on ZDNet UK, which asked whether they supported the government's plans. Nearly 90 percent said they opposed the idea, with eight percent saying they were unconvinced and just two percent backing the government.
2006-05-19 - The Register - Government wants encryption key offence in force
Author: OUT-LAW.COM
Summary: The government plans to bring into force a controversial power that can require the disclosure of an encryption key on pain of five years' imprisonment. The power has lain dormant for six years; but its time has come, Home Office Minister Liam Byrne said.
2006-05-19 - Spy Blog - RIPA Part 3 - "UK Crypto wars" debate to resume?
Summary: We would advise anyone interested in strong Cryptography to lobby the Minister of State for Policing, Security and Community Safety and Members of Parliament before the Home Office publishes its Draft Code of Practice.There is every danger that the Home Office will seek to "publicly consult" only with "stakeholders" such as the vested interests of the Government , Police and Intelligence Agencies, and to pretend that their views are somehow balanced by the vested commercial interests of large Telecommunications and Internet Service Provider companies.
2006-05-18 - IT Week - Government gets tough on encryption
Author: Matt Chapman
Summary: The UK government is finally ready to pass the third section of the 2000 Regulation of Investigatory Powers Act, which will make it a crime not to disclose computer security keys if requested to do so by law enforcement agencies.
2006-05-18 - ars technica - UK wants power to demand encryption keys
Author: Peter Pollack
Summary: Note that much of the controversy surrounding Part 3 has to do with the fact that it doesn't force users to decrypt, but actually allows police to request the master key for encrypted files. Anyone who refuses to comply with the request can be imprisoned for up to two years. In a terrorism investigation, that penalty can be increased up to five years of jail time.
2006-05-18 - ZDNet UK - Government to force handover of encryption keys
Author: Tom Espiner
Summary: The UK Government is preparing to give the police the authority to force organisations and individuals to disclose encryption keys, a move which has outraged some security and civil rights experts.
2006-05-18 - Slashdot - UK Government Wants Private Encryption Keys
Summary: "Businesses and individuals in Britain may soon have to give their encryption keys to the police or face imprisonment. The UK government has said it will bring in the new powers to address a rise in the use of encryption by criminals and terrorists."
2003-11-06 - ZDNet UK - Parliament 'didn't understand RIP Act'
Author: Graeme Wearden
Summary: Peers have expressed their alarm about government attempts to widen the scope of the Regulation of Investigatory Powers Act, claiming the passing of the original law was 'a nightmare'
2001-04-04 - ZDNet UK - Government backtracks on encryption enquiry
Author: Wendy McAuliffe
Summary: Despite accepting its own taskforce recommendation two weeks ago, the Home Office now says there will be no independent enquiry into the effects of the controversial RIP Act
2000-10-24 - Guardian - The RIP Act
Author: Julian Glover and Patrick Barkham
Summary: What is the RIP Act? Why is it so controversial? What are the key areas of controversy? Will the act compromise e-commerce? What do other countries do?
2000-07-14 - Financial Times - RIP, R.I.P.
Summary: "....the best way of dealing with this misconceived piece of legislation would still be to scrap it....The danger is that the only criminals caught by the new RIP powers will be stupid and technologically illiterate...The RIP bill will make the UK the sole G8 economy to allow state access to decryption keys."
200-06-14 - vnunet - RIP Bill will 'cost UK economy £46 billion'
Author: Joe Devo
Summary: The government has been warned that it risks costing the UK economy £46 billion over the next five years unless it makes substantial changes to its Regulation of Investigatory Powers Bill.

See the FIPR RIP Information Centre for many more press stories back in 2000.

Retrieved from "http://wiki.openrightsgroup.org/wiki/RIP_Act_Part_III"
Personal tools