Re: withold password, go to jail

[David Farber <dave () farber net>]

Begin forwarded message:

From: Nicholas Bohm <nbohm () ernest net>
Date: August 12, 2009 5:53:48 AM EDT
To: dave () farber net
Subject: Re: [IP] withold password, go to jail
Reply-To: nbohm () ernest net

Dave Farber wrote:
> Begin forwarded message:
>
> > From: David Magda <dmagda () ee ryerson ca>
> > Date: August 11, 2009 12:21:41 PDT
> > To: David Farber <dave () farber net>
> > Subject: withold password, go to jail
> >
> > For IP?
> >
> > "The Register" is reporting that two people in the UK have been  
> > convicted
> > under Section 49 of the Regulation of Investigatory Powers Act  
> > (RIPA),
> > Part III:
> >
> > > Two people have been successfully prosecuted for refusing to provide
> > > authorities with their encryption keys, resulting in landmark  
> > > convictions
> > > that may have carried jail sentences of up to five years. [...]
> > >
> > > Sir Christopher [Rose] reported that all of the [fifteen] section 49
> > > notices served over the year--including the two that resulted in
> > > convictions--were in "counter terrorism, child indecency and  
> > > domestic
> > > extremism" cases.
> >
> > http://www.theregister.co.uk/2009/08/11/ripa_iii_figures/
> >
> > It may be prudent to follow Bruce Schneier's advice and create a  
> > random
> > key on a USB stick and mail it someone else, so you can honestly  
> > say you
> > don't know the key:
> >
> > > There's another solution, one that works with whole-disk encryption
> > > products like PGP Disk (I'm on PGP's advisory board), TrueCrypt, and
> > > BitLocker: Encrypt the data to a key you don't know.
> >
> > http://www.schneier.com/essay-279.html
> >
> > Any legal scholars around? If you don't know the pass phrase to your
> > encrypted data, but do know where the key file is, can you  
> > withhold /that/
> > information from the police?

In the UK the answer is that you cannot withhold that information  
without committing an offence.

See section 50 of the Regulation of Investigatory Powers Act 2000:

(8) Where, in a case in which a disclosure requirement in respect of  
any protected information is imposed on any person by a section 49  
notice-

      (a) that person has been in possession of the key to that  
information but is no longer in possession of it,

      (b) if he had continued to have the key in his possession, he  
would have been required by virtue of the giving of the notice to  
disclose it, and

      (c) he is in possession, at a relevant time, of information to  
which subsection (9) applies,

the effect of imposing that disclosure requirement on that person is  
that he shall be required, in accordance with the notice imposing the  
requirement, to disclose all such information to which subsection (9)  
applies as is in his possession and as he may be required, in  
accordance with that notice, to disclose by the person to whom he  
would have been required to disclose the key.

(9) This subsection applies to any information that would facilitate  
the obtaining or discovery of the key or the putting of the protected  
information into an intelligible form.

Nicholas Bohm
--
Salkyns, Great Canfield, Takeley,
Bishop's Stortford CM22 6SX, UK

Phone  01279 870285    (+44 1279 870285)
Mobile  07715 419728    (+44 7715 419728)

PGP public key ID: 0x899DD7FF  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com