UK Police Can Now Demand Encryption Keys

People in the UK who encrypt their data are now obliged by law to give up the encryption keys to law enforcement officials who request it, under part of the Regulation of Investigatory Powers Act 2000 (RIPA). Section 49 of Part III of RIPA compels a person, when served with a notice, to either hand over an encryption key or render the requested material intelligible by authorities. This section of RIPA was included in the original draft of the Act but was not activated, as encryption was considered not widely used enough at the time to be of sufficient concern. If the order comes as part of a terrorism investigation, refusal can earn someone up to five years in jail, and in other cases refusal to comply could get you a two year sentence.

The new law came into effect on October 1, the same day RIPA forced all telecommunications companies to log details about every call and text message sent and received in the UK for a year. The Home Office claims that this move will aid in the investigation of terrorists as well as criminal gangs and paedophiles. "The measures in Part III are intended to ensure that the ability of public authorities to protect the public and the effectiveness of their other statutory powers are not undermined by the use of technologies to protect electronic information," said a spokesman for the Home Office.

View: Full Story on vnunet.com

Report a problem with article
Previous Story

EU Opens In-Depth Probe of IBM's Telelogic Buy

Next Story

Smart DVD/CD Burner 3.0.84

44 Comments

View more comments

actually there is a thing called the constitution it says government or police may not do search and seizures without cause having encrypted data does not count as having cause. thats why the law was written to prevent big brother.

mircleman said,
actually there is a thing called the constitution it says government or police may not do search and seizures without cause having encrypted data does not count as having cause. thats why the law was written to prevent big brother.

That would work so much better as a comment if the UK had a constitution.

toadeater said,
I couldn't decide which one was better.

My, what stereotypical views you have, grandma!

All the better for stereotyping you with, police-girl...

download snowflakes.exe and say "i was downloading a game, but it turned out to be a virus :(" mwahahahaha! (it kills your drive data and can sometimes do physical damage)

what they mean is, the UK police hackers are crap :)

have they not heard of hardware decryption devices maybe they should talk to the FBI

whocares78 said,
what they mean is, the UK police hackers are crap :)

have they not heard of hardware decryption devices maybe they should talk to the FBI


You lack of knowledge about the strength of modern encryption is humourous.

whocares78 said,
what they mean is, the UK police hackers are crap :)

have they not heard of hardware decryption devices maybe they should talk to the FBI

Maybe you should only post if you know what you are talking about.

To be honest if your not up to anything bad why should you worry? Although some of you seem to be worrying about misuse of power and all that, I seriously doubt the Police would just turn up on normal peoples doors and investigate them without a damn good reason to.....

I like the idea of the Police having more powers, maybe it'll help them crackdown on actual crimes more rather than spending all their time doing paperwork, though I doubt it sadly :disappointed:

In my opinion to have social order you need tighter controls (can anyone guess the film? :cheeky: )

I'm so scared ... now the next time I'm under police investigation and a flash drive is called into evidence and my lawyer fails to prove I've actually lost the key, I'm going to have to give them the password or go to jail. :(

Listening to some people - you'd think they have no idea of the law and think you'll be stopped on the streets for carrying a flash drive.

If you want to prove Britain is a police state, there are better laws than this ...

Tell me, how is it any different than the police getting into your home to search for evidence (with a warrant) of course?

But I'll give the obligatory crap post anyway: wez is su luky we get constituten!! yu if tey tri tis wit me i shoooot em up homey! socialism!

RAID 0 said,
Tool.

Of what?

Law & Order?

A copper can't just walk up and demand the key to your flash drive you know, you and it would have to be implicated in a crime.

God bless freedomland.

SimpleRules said,

Of what?

Law & Order?

A copper can't just walk up and demand the key to your flash drive you know, you and it would have to be implicated in a crime.

God bless freedomland.

I'm picking up your sarcasm.

what happens if you have a encrypted file from years ago and they find it and assume you must be a terrorist as you wont give them the password you dont remember.
Thats what concerns me, if you forget the password what the hell can you do other then go to jail.
Its a stupid law as they should just have master keys and then the problem is gone. No one can be incarcerated for having a bad memory.

There is a "forgotten" loop hole, its for the lawyers to duke out.

They won't assume you're a terrorist, they'd need evidence and also they can't just ask for keys in the event of any old crime ...

Master Keys? They'd be subject to less judicial oversite, it would be a bigger privacy invasion and make all encryption for nought.

Wow how many paraniod people do we have here?

This is a great law for cases where a criminal (e.g paedophile, terroist) has encrypted files on their PC that could potentially evidence on their PC. Police are now able to demand the encryption key to easily decrypt it without having to spend time and resources breaking the encryption themselves, unlike before where they were simply able to refuse to give the encryption key if it suited them. Yes, there will be cases where the suspect genuinely doesn't know their encryption password but this law will provide more of an incentive not to withhold it (their encrypted files can usually be decrypted eventually anyway).

Alternatively we could just scrap this law and spend more tax payers money decrypting systems simply becuause of paraniod neowin users who think the law could somehow apply to them if they are law abiding citizens.

Finally, do you really think that the police will have the time or resources to use this law on people who haven't committed any offence? Why not just stop and think about how much the benefits of the law outway the negatives before you go moaning about the country turning into a police state.

I can't help feeling that those who so desperately need to encrypt and not tell the law agencies their key are already in a world of trouble, and so the prospect of another five years in prison seems a little senseless.

if you go to jail for 5 years, yeh PC progress I know, but say you use the most modern encryption now and use a huge huge HUGE key that would take thousands of PCs like 20 years to crack... surely with all technology progression you would be released after 5 years n they would be like "just need to wait about 11 years while we finish bruteforcing your key" haha, now thats an idea for something in a comdey film ;D

haha you people make me laugh, im quite happy for the police to go through my comp, i don't have anything to hard and they aint going to pick random people they will build up a case overtime and then seize a computer, its not a
"oh today im going to takes someones computer and see if they are a terrorist"

its for if they have a logn term investigation and believe someone already to be a terrorist of have recieved inelligence form someone that someone may have somethign on a computer the police should investigate...


i mean how many of you have been to court, i work for the Youth Offending Team and see some of the worst kids of today in court every Monday and Friday and i can tell you now, out court system is very llenient... and they really do work on the system of innocent to proven guilty, if you knew what some kdis got let off, or got away with and even police themselves are lenient... anyway thats jsut my personal experience...

and just so you know, something as small as someone go to court for possesing class c drugs takes over 4 months to hit court for evidences gathering, statements and so on.. and then nearly another month if they plead not guilty...

redmanmark86 said,
i mean how many of you have been to court, i work for the Youth Offending Team and see some of the worst kids of today in court every Monday and Friday and i can tell you now, out court system is very llenient... and they really do work on the system of innocent to proven guilty, if you knew what some kdis got let off, or got away with and even police themselves are lenient... anyway thats jsut my personal experience...

come down here, where the police will arrest you for anything, including pee-ing up a tree in the middle of no-where, come on its better there than on a road or something.

Commenting is disabled on this article.