Updated version of the CR&CL(UK) letter to the House of Lords (GAK related)

Yaman Akdeniz lawya at lucs-01.novell.leeds.ac.uk
Thu, 29 Jun 2000 12:36:40 +0000 

UPDATE: 

Cyber-Rights & Cyber-Liberties (UK), A Further Open Letter to the 
House of Lords concerning the Regulation of Investigatory Powers 
Bill, 29 June, 2000, at http://www.cyber-rights.org/reports/hl-let2.htm 

This is an updated version of the 27 June letter to the House of Lords 
as on 26 June, 2000 (the day we wrote to the House of Lords), the 
Government introduced a series of amendments in the House of Lords 
in an effort to reduce opposition to this legislation. Since these 
amendments were introduced after we first raised our concerns with 
the House of Lords, this letter repeats our earlier input but with the 
addition of comments on the extent to which the Government 
amendments allay our fears. 

The new sections are in bold and italic text on the web version which 
is at: http://www.cyber-rights.org/reports/hl-let2.htm

We state in the updated version of our letter to members of the House 
of Lords that:

Prior to the changes introduced by the Government the position on 
Government Access to Keys ("GAK") within the Regulation of 
Investigatory Powers Bill was that:

a number of authorities could seize keys or passwords;

at the discretion of these authorities, decrypted text might be 
acceptable in place of a key.

The position with the newly announced Government amendments is:

a number of authorities can obtain access to protected information in 
intelligible form;

at the discretion of those authorities, they can seize keys or passwords.

It can hence be seen that the Government amendments are essentially 
cosmetic – they have left GAK powers essentially unchanged and this 
means that that most of the concerns that such powers create remain.

2. Human Rights Concerns

2.1 The Reversal of the Burden of Proof
The Government has proposed changes that provide a considerable 
degree of comfort on this issue – the burden of proof is now more 
clearly on the prosecution to show that a key holder can comply with 
a notice to provide a key but refuses to do so. 

2.2 Self-Incrimination
The new clauses offer no comfort here of any kind.

2.3 The Safety, Security and Privacy of Honest Key Owners
GAK powers still exist and there are no proposals from the 
Government to strengthen the inadequate commitment within the 
legislation to the protection of seized keys. In consequence the impact 
on trust and confidence is unchanged. While GAK powers remain, 
confidence in the safety and security of the Internet in the UK is 
certain to suffer; moreover, confidence in the validity of digital 
signatures will be put in doubt and these factors in combination will 
undermine UK E-commerce aspirations. This is a very serious 
ongoing concern. (See amendments 139, 139WA, 139XA, 139YA, 
139ZA, and 139A in relation to Clause 46 of the RIP Bill) 

3. A Proportionate and Effective Response?
We remain convinced that there are far more effective ways of 
countering criminal misuse of the Internet. 

4. Conclusions
Even with the proposed changes, we conclude that the RIP Bill 
remains seriously deficient. 

GAK powers remain intact and the new clauses have not changed the 
inadequate commitment to the protection of seized keys in any way. 
This means that the personal and business keys on which the safety 
and security of the Internet depend are still at serious potential risk. 
This in turn will continue to undermine confidence in the UK as an 
Internet and e-commerce friendly country.

We see nothing in the Government’s amendments that changes our 
fundamental objection to the introduction of GAK powers for which 
the Government has failed to provide any sound justification. In our 
view the GAK powers in this Bill are seriously flawed and should be 
rejected by the House of Lords. It simply makes no sense to seriously 
curtail the rights of all honest personal and business users of the 
Internet while achieving nothing of significant value in the fight against 
criminal misuse.

Mr. Yaman Akdeniz, Director of Cyber-Rights & Cyber-Liberties 
(UK),
CyberLaw Research Unit, Centre for Criminal Justice Studies,
University of Leeds, Leeds, LS2 9JT, 
Tel: +44 (0) 498 865116, Fax: +44 (0) 7092199011 
E-mail: lawya@cyber-rights.org

Dr. Brian Gladman, Technology Policy Advisor, Cyber-Rights & 
Cyber-Liberties (UK)
Worcester, UK
E-mail: brg@cyber-rights.org

Mr. Nicholas Bohm, E-Commerce Policy Adviser, Cyber-Rights & 
Cyber-Liberties (UK); Member of the Law Society’s Working Party 
on Electronic Commerce
Salkyns, Great Canfield, Takeley,
Bishop’s Stortford CM22 6SX, 
Tel: +44 (0) 1279 871272, Fax: +44 (0) 1279 870215
E-mail: nbohm@cyber-rights.org