s/forget passphrase for/cause permanent destruction of/ , Re: Letwin wants increased penalties for refusal to decrypt

Mon, 19 Aug 2002 20:29:29 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <Pine.LNX.4.43.0208182221000.391-100000@amaterasu.srvr.nix>,
Kieran <kieran@esperi.demon.co.uk> writes
>On Sun, 18 Aug 2002, Matthew Astley wrote:
>
>> On Sun, Aug 18, 2002 at 08:22:20PM +0100, Peter Fairbrother wrote:
>> > Owen Lewis wrote:
>>
>> > > Letwin should use a better speechwriter.
>> > >
>> > > Fashion it thus.
>> > >
>> > > Plod has (just about) sufficient evidence against X of drug
>> > > trafficking (or whatever gets you 30 years) to get a case before a
>> > > jury. The enciphered contents of X's PC, if disclosed, will turn
>> > > his 50:50 chance in front of a jury into zilch.
>>
>> > [...] Your criminal could defeat conviction by just not writing down
>> > the encrypted information in the first place, or hiding the drive
>> > better.
>>
>> How does encryption of data compare, legally, with irreversible[1]
>> destruction?
>
>Completely different.  You'd have to explain why you encrypted data
>rather than securely deleted it.  The only valid reason IMO is to
>access again.

 This is very naive in security terms.  If you encrypt, your policy
 should be that "I encrypt everything because I have a right to privacy,
 just as I put *ALL* my letters in opaque envelopes: not merely those
 which are of great sensitivity, thus highlighting to be specifically
 targeted."

 Certainly my policy with my circle of regular email correspndents
 is this: EVERYTHING is on auto-encrypt (and you can be sure we have
 directly verified key fingerprints by phone), and the subject line
 is "message", whether it is important or not.

- -- 
   ^-^-^-@@-^-;-^   http://www.xemu.demon.co.uk/
        (..)__u     news:alt.smoking.mooses

       happy as a clam at high tide -. <_" .-._.-.

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBPWFHGXpGxv7MBb4WEQIdpwCfcVbj0cdLbz9SZtUwm1PYbL9s8JQAoONx
xj7V6gIz8QPCYnEZb4R0Z5uP
=SvCR
-----END PGP SIGNATURE-----