Court of Appeal ruling on RIPA Part III section 49 notices and
section 53 prosecutions regarding law enforcement access to encryption
keys etc.
Nicholas Bohm
ukcrypto at chiark.greenend.org.uk
Fri, 17 Oct 2008 15:58:55 +0100
Michael Procter wrote:
> On Mon, October 13, 2008 9:52 am, Watching Them, Watching Us wrote:
>> S & Anor, R. v [2008] EWCA Crim 2177 (09 October 2008)
>>
>> http://www.bailii.org/ew/cases/EWCA/Crim/2008/2177.html
>
> Just got round to reading this, and I noticed the following in para 21:
>
> # If however, as for present purposes we are assuming, they contain
> # incriminating material, the fact of the appellants' knowledge of the
> # keys may itself become an incriminating fact.
>
> Does this point the way to being held liable for files encrypted with your
> public key, as you would hold the appropriate key for decryption?
The case has no bearing on responsibility for the content of a file -
it's purely about criminal liability for failing to provide access to
encrypted files.
> Or does it instead point to a defence of 'anyone could have encrypted that
> - it wasn't me guv'?
No, because that doesn't excuse you from decrypting.
> Of course, the entire judgment is based around symmetric ciphers (as far
> as I can see), and maybe I shouldn't read anything else in to it.
It's possibly just about passwords, indeed.
The case is useful for acknowledging explicitly that providing a key
involves admitting that one knows it, which might turn out to be an
incriminating admission (depending on the rest of the circumstances).
The case leaves open the possibility that the implicit making of that
admission might have to be withheld from a jury.
Nicholas
--
Salkyns, Great Canfield, Takeley,
Bishop's Stortford CM22 6SX, UK
Phone 01279 870285 (+44 1279 870285)
Mobile 07715 419728 (+44 7715 419728)
PGP public key ID: 0x899DD7FF. Fingerprint:
5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF