RIPA s 12(7)

Peter Fairbrother zenadsl6186 at
Sat Jun 14 21:49:26 BST 2014

On 12/06/14 12:20, Caspar Bowden (lists) wrote:
> On 06/12/14 08:43, Peter Sommer wrote:
>> ..
>> GMail or any of the non-UK webmail service providers could however
>> embed encryption into their offerings but the UK government would not
>> be able to force them to introduce an interception capability;  it
>> would have to be done by agreement.
> ..but a s.49 RIP order can require CSP to produce plaintext (or key) to
> any past (or future) data. If the key isn't available (e.g there is
> client-side code) a recipient of a s.49 can be required to give all
> co-operation necessary to have a defence.

Not entirely.

RIPA subsection 49(2) "If any person with the appropriate permission 
under Schedule 2 believes, on reasonable grounds—

(a)that a key to the protected information is in the possession of any 
person, [and ...]"

he can issue a notice which can require more cooperation than the use of 
the key. However if it is unreasonable for him to so believe then no 
such notice can be issued.

The first time, maybe the cops would get away with it - but afterwards, 
when it is known that no relevant key is in the possession of the ISP, 
then no notice can be issued - even if it is known that the ISP could 
otherwise provide plaintext.

-- Peter F

> Wonder opinions if this sufficient for UK to (coercively) "do a
> Hushmail" ? Or under Intel Services Act, or RIPA Pt.2 ?
> CB

More information about the ukcrypto mailing list