Legal compulsion and crypto

Peter Sommer hcorn at cix.co.uk
Sat, 4 Jul 1998 8:28 +0100 (BST)


This is what English law has to say about seizure of computer evidence:

Police and Criminal Evidence Act, 1984, s 19:

The section as a whole deals with powers of seizure in general; subsection
4 says:

(4) The constable may require any information which is contained in
a computer and is accessible from the premises [ie premises identified in
the warrant under which the seizure is taking place] to be produced in a
form in which it can be taken away and in which it is visible and legible
if he has reasonable grounds for believing -
  (a) that -
    (i) it is evidence in relation to an offence which he is investigating
        or any other offence; or
    (ii) it has been obtained in consequence of the commission of an
        offence;
  and
  (b) that it is necessary to do so in order to prevent it being
      concealed, lost, tampered with or destroyed


The main thought behind the sub-section appears to be to overcome the
practical problems of law enforcement personnel faced with a large
non-portable computer system where the data is held on media which they
are unable immediately to read.  These days of course many computers are
portable and use data media which can be easily read by computer forensics
technicians,  and, certainly as far as PCs are concerned, the routine is
to "image" whole disks;  but bear in mind the section was drafted in 1983.

A number of us have been concerned for some time that PACE s 19(4) could
be extended to cover crypto.  It depends partly on what is meant by
"visible and legible": you could argue that once an encrypted file has
been printed out from electronic storage it is visible and legible even
though the only intelligence any would-be reader would derive is that it
was an encrypted file of a certain length last recorded to electronic
storage media on a particular date.  But at that point you could say that
s 19(4) was satisfied and that if Parliament wanted law enforcement to
have more powers it should say so explicitly.  A second argument would say
that forcing someone to reveal a key would amount to a breach of the
right to silence.  With the exception of the SFO powers under s 2 of the
Financial Services Act this right still exists, even though a defendant's
exercise of that right can now give rise to adverse comment.

However I am not aware of any attempt to use s 19(4) to breach crypto,
even though I have had a number of cases (indeed have some active ones
now) in which defendants have had encrypted files and disks.  But I'd be
very interested to hear of any relevant experiences from people on this
list.


|---->   Peter Sommer   ------------------------------------------->|
|---->   hcorn@cix.co.uk   P.M.Sommer@lse.ac.uk  ------------------>|
|---->   Academic URL:  http://csrc.lse.ac.uk/csrc/pmscv.htm  ----->|
|---->   Commercial URL:  http://www.virtualcity.co.uk  ----------->|