disclosure of crypto keys

David Swarbrick david at swarb.demon.co.uk
Tue, 2 Feb 1999 07:28:47 +0000


In message <199902020005.AAA21179@server.eternity.org>, Adam Back
<aba@dcs.ex.ac.uk> writes
>
>Nicholas Bohm writes:
>> At 07:34 PM 2/1/1999 +0000, David Swarbrick wrote:
>> >We already have the answer. The Police and Criminal Evidence Act allows
>> >a constable to require the handing over of files in 'legible' form.
>> 
>> It allows a constable to require, but provides no penalty for failure to
>> comply.  
>
>Ah that's good news indeed.  So we can hand over a PGP dump.  It's not
>legible to them but that's their problem.  If one handed over a note
>book written in or hand written notes in code, similarly it would be
>their problem.
>
>I think this sounds very reasonable.  Absent certain obligations
>(eg. financial accounting requirements to keep records for x years,
>etc) I see no special reason why one should be required to keep one's
>correspondence in a form which is useful to the police -- I keep
>information for my own use, not for the use of hostile third parties.
>
>If I am presumed innocent, why would I be required to keep information
>in a form useful to law enforcement agents.  The `law', and especially
>some over-zealous law enforcement type's view of it, includes all
>manner of things which I personally might not think morally right or
>even sane!  I think it unreasonable that one should be deputised to
>keep a wire tap log on oneself.
>
>> >I do not think anyone now argues for more than access to plain text. The
>> >context might require holding of private keys, but the concern is not to
>> >get your key, but the text.
>
>I think if it's in ciphertext you shouldn't have any obligation to
>hand over the key.  A better metaphor for discussing ciphertext would
>be to consider it a note to oneself which happens to lack context
>making it readily understandable to a third party.  You are not
>obliged to explain what it means.  Therefore I would argue you are not
>obliged to provide the key.
>
I think you cannot have read the paragraph you quoted. I doubt they will
want your key (well ok they might _want_ it). I anticipate that we will
get a beefed up version (with penalty) of the old PACE provision. They
will say "We have reason to believe that this file represents
information we have a right to see. Decrypt it or face a penalty. If
you want to argue, do it in court"

There will be difficulties, contradictions, and conundrums, but none
enough to stop it being imposed, and, I think, effective.

-- 
David Swarbrick, Solicitor. Brighouse, West Yorkshire.
Tel: +44(0)1484 722531 Fax: +44(0)1484 716617
e-mail david@swarb.demon.co.uk 
http://www.swarb.co.uk/ (Office) http://www.swarb.demon.co.uk/ (Home)
Home of the law-index to 8800+ cases - 'damn fine webbery'