R v.Lambert House of Lords and RIP reverse-burden-of-proof

[Owen Lewis]

> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Julian T. J.
> Midgley
> Sent: 08 July 2001 11:43
> To: ukcrypto@chiark.greenend.org.uk
> Subject: RE: R v.Lambert House of Lords and RIP reverse-burden-of-proof
>
>
> On Sat, 7 Jul 2001, Owen Lewis wrote:
>
> >
> > It is also clear that if the enciphered container held incriminating
> > material, it would be much in the interest of its owner to
> withhold the key,
> > claiming it to be lost or some such. I can see no way to prevent such a
> > course being taken except to ensure that it is likely to lead
> the owner into
> > a great deal of trouble - albeit perhaps less trouble that he
> would be in if
> > the contents could be read.
> >
> > It is essential with PKC that secret keys be kept securely. It
> is much in
> > the interest of the owner that they are never lost or
> compromised, with the
> > single exception that a 'loss' can thwart a search. It is reasonable
> > therefore to presume that key holders secure their secret keys
> with care.
>
> No it isn't.  The fact of its being sensible (or even necessary, for any
> genuine security) to keep one's keys secure, does not by any stretch of
> anyone's imagination imply that all those who have created secret keys for
> whatever purpose will a) have kept them secure, b) still remember where
> they are, or what the passphrases are.

It's not a case of any key one ever may have created but of keys which
either secure information you continue to store or continue to receive
communications requiring that key to read them. Moreover, for the law to
take effect, there should be good reason (e.g. evidence of criminality) for
the law to be brought into play. The fact remains that it is essential to
secure a secret key that is  the only means of reading a continuing
correspondence or opening a secured store of information.

Actually, it's the analogy is with the complete opposite, i.e. it is to be
presumed that most drivers do neither at any moment and that they will be
committing an offence if they do. You take my point?

> > Nevertheless, keys are lost from time to time; many of us will
> have lost a
> > key at some time or other. Therefore it seems right that a
> court listen to a
> > reasoned explanation as to why a key demanded has not been
> handed over and
> > exercise judgement as to whether the explanation is reasonable in the
> > circumstances.
>
> What does that mean?  "Reasonable in the circumstances?"  -

Just what is says. Each case must turn on its merits. Start at the
beginning. For the law to come into play there must be fair suspicion of one
of three things, being:

	1. The subject of an order has engaged in serious criminal activity.

	2. He associates with and shares information in common with someone so
suspected.

	3. Someone so suspected communicates with him in cipher, using a key which
causes only he to be able to read the information received.

The subject of an order claims to have 'lost' the secret key an cannot
comply. A judge must determine whether he cannot or whether he will not
comply.

>
> 'I typed rm -fr * in the wrong directory by accident, and didn't have any
> backups.  Unfortunately I couldn't recover the data from the disk,
> because by the time I noticed what I'd done, I'd already copied the
> Netscape source on to the machine, unpacked it, and started compiling it'
>
> Sounds reasonable to me (it's not an offence not to have backups).  But it
> could just as easily be a convenient excuse behind which a criminal was
> hiding.  How about trying to prove it?  Well, the presence of the Netscape
> source on the machine corroborates the latter half of the story, but says
> nothing about whether the keys were actually ever on that box.  Impossible
> to prove either way (though fans of STM disk analysis might disagree).

This, I think, is why the law is framed to require the subject of an order
to prove that he could not comply and that the circumstances in which the
key was lost were entirely unrelated to any investigation or service of an
order. Without belabouring the point, there are many circumstances where
that could be should on a straight balance of probability, let alone
reasonable doubt. However, criminal behaviour being what it is, there will
also be many such claims in response to the serving of an order which are
specious.

Consider; if the information you hold is revealed, you will, in all
probability be sentenced to 30 years. Will you hesitate even for a moment to
lose the key?

> I fail to see how anyone can be expected to exercise judgment as to
> whether the excuse proffered is reasonable or not (or, more usefully, I
> believe that anyone (with a modicum of intelligence) can concoct an
> explanation that must be accepted as reasonable since it could quite
> reasonably have occured).

You may indeed so fail. But the fact is that judges exercise continually
such a discriminatory power as an essential part of their duties.

> Therefore, I believe that it is nonsensical to suggest that we gain
> anything by allowing a court to decide whether or not an explanation is
> "reasonable in the circumstances".  Either the court tends towards genuine
> "reasonableness", in which case the criminals win, or it tends towards
> requiring "proof", in which case the innocents lose.  There is no happy
> middle ground.

If you truly believe that, then the remedy lies entirely in your own hands.
Should you choose to use PKC, you must simply ensure that at least one,
preferably two copies of you pass phrase are maintained in
non-electro-magnetic form and where they will be safe. These are additional
to the third you keep in your own (fallible) memory.

It being my turn for an analogy, I claim that not to take some such
precaution is as irresponsible as handling a firearm or a car in an unsafe
manner.

> Even if there is a significant amount of prima facie evidence that the
> accused is engaged in some criminal activity, it is wrong for the court to
> assume that if he claims he no longer has the keys then he is lying.  It
> is quite possible that his dog did eat the floppy that very morning, and
> he should not be convicted of anything because of that misfortune.

The law may say - has said - he can and leaves all ample opportunity to
ensure that they can never have misfortune mistaken for defiance. Absolute
protective arrangements can be made. Those who choose not to do so expose
themselves to a risk of some considerable unpleasantness - and not just at
the hands of a court.

> Surely at the very least the prosecution will need to start by proving
> that at some point you possessed the key, before you can be asked to
> prove that you don't any longer.  Even then, your failure to be able to
> prove that you no longer have it should not be deemed incriminating.  ("I
> lost the floppy in a house move." - might be true, might not be, can
> hardly be proven.)

You would only be able to claim one position and never both. You are in
possession (or not) of encrypted data. If you are, where's the key?

>
> > So what should be the real effect of this on key owners? Surely, it
> > reinforces their natural inclination to assure that their keys are well
> > secured at all times. There is some miniscule part of the
> population who may
> > be placed unfairly at risk because of such law. It seems to me
> that their
> > satisfactory protection should come not from removal of the new
> offence of
> > not surrendering a key but from ensuring that there is a strong
> prima facie
> > case to be made against either the key holder or against some
> person from
> > whom it can be shown he has been in receipt of enciphered information.
>
> Careful.  It would appear from your above that if I am a known criminal,
> and am aware that I am being monitored, I can get my own back on someone
> who has crossed me by sending him some enciphered material (having created
> a key in his name which I later discard).

This is one reason why PGP as 'strong cryptography for the masses' is a
flawed system. You would not be able to do this to me or to many others,
only to those who lay themselves open to this form of abuse.


Owen