RIP authorisations consultation response - no use of encryption ?

Watching Them, Watching Us watching_them_watching_us at hushmail.com
Sat Nov 7 15:53:27 GMT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>Richard Clayton richard at highwayman.com
>Fri Nov 6 14:50:41 GMT 2009

>The consultation response on changing authorisations in RIP is now
>out.

>http://www.homeoffice.gov.uk/documents/cons-2009-ripa/


http://www.homeoffice.gov.uk/documents/cons-2009-ripa/ripa-cons-
response?view=Binary  (292Kb .pdf)


- ---------------

page 13

6.  Are the Government’s other proposed changes in the
Consolidating Orders appropriate?

[...]

  there should be a mandatory requirement for all RIPA
applications, authorisations and material obtained to be encrypted;


[...]

GOVERNMENT’S POSITION

[...]

It would be impractical to require all material obtained through
the use of RIPA to be encrypted. However, it is perfectly
reasonable for members of the public to want reassurance that all
appropriate steps are taken to protect material obtained through
the use of techniques under RIPA. All relevant public authorities
have in place a variety of security measures, including physical
security measures, security procedures, staff vetting and training,
to ensure that material is protected from improper disclosure.

- ----------------

Given the Government data security and privacy disasters of recent
years, is anyone reassured by this "Government Position" ?

The list of security measures "in place" by "all relevant public
authorities" does *not* include "encryption".

This rather implies that they *never* use encryption to protect the
RIPA documentation or end products, in transit or in storage, even
where this is obviously cheap and practical to do.

Why are the Home Office so dead set against normal, professional IT
security procedures ?



regards

Mark

- ----
http://SpyBlog.org.uk -  Spy Blog
blog at spy.org.uk

PGP Public Encryption Key for blog at spy.org.uk:
http://SpyBlog.org.uk/Spy_Blog_PGP_Public_Encryption_Key.pl
PGP Public Encryption Key ID: 0xEB3CF9A8
Fingerprint: 8DBB D4C8 AB0B 3F2A 3548  D252 A736 3503 EB3C F9A8

If you are researching, or writing, or protesting about anything to
do with National Security, or Government spin and secrecy, you
should take some basic precautions:

Hints and Tips for Whistleblowers
http://ht4w.co.uk
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 3.0

wkYEARECAAYFAkr1l/kACgkQUjiF2PgjBMKd1ACfZfTSXmga70Ev+Ugbci00Pwhq3wUA
n2/etMSo/GycYd0MG4epaepo7dmz
=LnPu
-----END PGP SIGNATURE-----

More information about the ukcrypto mailing list