Interesting People mailing list archives
Re: withold password, go to jail
From: David Farber <dave () farber net>
Date: Wed, 12 Aug 2009 18:26:52 -0400
Begin forwarded message: From: Nicholas Bohm <nbohm () ernest net> Date: August 12, 2009 5:53:48 AM EDT To: dave () farber net Subject: Re: [IP] withold password, go to jail Reply-To: nbohm () ernest net Dave Farber wrote:
Begin forwarded message:From: David Magda <dmagda () ee ryerson ca> Date: August 11, 2009 12:21:41 PDT To: David Farber <dave () farber net> Subject: withold password, go to jail For IP?"The Register" is reporting that two people in the UK have been convicted under Section 49 of the Regulation of Investigatory Powers Act (RIPA),Part III:Two people have been successfully prosecuted for refusing to provideauthorities with their encryption keys, resulting in landmark convictionsthat may have carried jail sentences of up to five years. [...] Sir Christopher [Rose] reported that all of the [fifteen] section 49 notices served over the year--including the two that resulted inconvictions--were in "counter terrorism, child indecency and domesticextremism" cases.http://www.theregister.co.uk/2009/08/11/ripa_iii_figures/It may be prudent to follow Bruce Schneier's advice and create a random key on a USB stick and mail it someone else, so you can honestly say youdon't know the key:There's another solution, one that works with whole-disk encryption products like PGP Disk (I'm on PGP's advisory board), TrueCrypt, and BitLocker: Encrypt the data to a key you don't know.http://www.schneier.com/essay-279.html Any legal scholars around? If you don't know the pass phrase to yourencrypted data, but do know where the key file is, can you withhold /that/information from the police?
In the UK the answer is that you cannot withhold that information without committing an offence.
See section 50 of the Regulation of Investigatory Powers Act 2000:(8) Where, in a case in which a disclosure requirement in respect of any protected information is imposed on any person by a section 49 notice-
(a) that person has been in possession of the key to that information but is no longer in possession of it,
(b) if he had continued to have the key in his possession, he would have been required by virtue of the giving of the notice to disclose it, and
(c) he is in possession, at a relevant time, of information to which subsection (9) applies,
the effect of imposing that disclosure requirement on that person is that he shall be required, in accordance with the notice imposing the requirement, to disclose all such information to which subsection (9) applies as is in his possession and as he may be required, in accordance with that notice, to disclose by the person to whom he would have been required to disclose the key.
(9) This subsection applies to any information that would facilitate the obtaining or discovery of the key or the putting of the protected information into an intelligible form.
Nicholas Bohm -- Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 870285 (+44 1279 870285) Mobile 07715 419728 (+44 7715 419728) PGP public key ID: 0x899DD7FF Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- withold password, go to jail Dave Farber (Aug 11)
- <Possible follow-ups>
- Re: withold password, go to jail David Farber (Aug 12)