Electronic Telegraph, Issue 1380, Saturday 6 March 1999 Police Want Keys to Decode Private E-Mail By Robert Uhlig, Technology Correspondent The Government was accused yesterday of rushing through legislation that could allow it unprecedented powers to access and decrypt any person's private e-mail, inspect digital communications, and investigate data stored on their computers. Stephen Byers, the Trade Secretary, and Jack Straw, the Home Secretary, proposed legislation that will make it an offence not to decipher confidential material on demand during a police inquiry. Industry has three weeks to respond to their proposals, published as part of a consultation document on electronic commerce, which asks for help from industry in setting up a secure legal framework for trading on the Internet and via electronic links. Mr Byers said a Bill on electronic commerce, encompassing new encryption and data-policing proposals, will be published after Easter. In the hope of making Britain the world centre for electronic commerce, the Department of Trade and Industry wants to introduce legislation that will end the days of people using pen and paper to make contracts. "Developing trust on-line, building public confidence in electronic signatures and clarifying their legal status are essential if we are to promote electronic commerce," Mr Byers said. "Encryption is vital to this way of supporting electronic signatures as well as protecting the confidentiality of documents." However, the Home Office is concerned that encryption poses a serious threat to the police's ability to intercept and read stored and communicated communications sent between criminals and terrorists. "As, increasingly, such data becomes encrypted, agencies need access to the keys to unlock any material they lawfully obtain," Mr Byers said. "We therefore intend to give those agencies legal powers to obtain encryption keys, under properly authorised procedures and on a case by case basis, wherever they are held." The Government has faced an uphill battle with proposals for laws to govern digital signatures and the use of encryption software to keep digital data confidential. Other countries, notably America and France, have backed down on proposals that would allow them access to their citizens' private communications. Soon after the election, the Government rescinded a manifesto pledge not to require companies and individuals to use key-escrow, a system requiring decryption keys to be deposited with a third party. The consultation paper proposes a voluntary licensing scheme for businesses which provide electronic signature services, but industry and academia are concerned that any attempt to force individuals and companies to deposit their encryption keys with the authorities will undermine public confidence in electronic commerce. Yesterday Michael Wills, a trade minister responsible for key-escrow policy, said the idea was on hold, but "not dead and buried". He added that it was up to industry, which has lobbied hard against key-escrow, to come up with alternatives. John Wadham, the director of the human rights group Liberty, said: "I'm glad the Prime Minister realises that compulsory key-escrow is not an acceptable solution. It's like suggesting that the police should be able to steam open your mail after you've put it in the post box." The law at present allows the police or other authorities to intercept telephone calls or other digital transmissions. But any digital data can be encrypted using computer software, making it almost impossible to read without the correct key, which will be known only to the sender or recipient of the message. The Government wants to secure the right to demand someone's key, if it intercepts an encrypted message that it thinks is illegal or is being used for illegal purposes. Responding to the paper, the Law Society warned the Government not to regulate electronic transactions differently from the rest of business. Copyright of Telegraph Group Limited 1999.
