Letter: Official snoopers in cyberspace

Sir: The last government issued in March a consultation paper for proposed legislation on public use of encryption and related matters. We are at risk of allowing bad law to be passed. Time is short as the Government requested responses by the end of May.

The core of the proposals is that for any two unrelated entities to exchange secure electronic communication would require the use of a Trusted Third Party (TTP). These TTPs would hold copies of everyone's encryption keys. At the request of the authorities the TTP would have to supply specified keys within one hour. It is as if all householders had to deposit a key to their house with, say, a local bank (and be charged for the privilege) and the police were allowed to request the keys and gain access to your house at short notice, without any reference to you or any independent legal representation.

How can we be sure that once the authorities have obtained a set of encryption keys these will be used solely for the detection of crime? A law similar to that which governs search warrants would be suitable, so that on presentation of a suitable warrant one is obliged to provide, to the authorities, the plain text of any specified encrypted communications or be held in contempt of the courts.

The proposals have the potential to make secure communication between unrelated parties prohibitively expensive for the vast majority of the public. I welcome the introduction of regulated TTPs, but one does question why the Government feels it is essential to have access to all electronic communications when if I choose to send encrypted material through the traditional postal service no third party has right of access to the plain text.


Ashford, Kent