RIPA s 12(7)
zenadsl6186 at zen.co.uk
Tue Jun 17 14:59:27 BST 2014
On 16/06/14 08:04, Caspar Bowden (lists) wrote:
> On 06/16/14 00:26, Peter Fairbrother wrote:
>> On 12/06/14 12:20, Caspar Bowden (lists) wrote:
>>> ....but a s.49 RIP order can require CSP to produce plaintext (or
>>> key) to
>>> any past (or future) data. If the key isn't available (e.g there is
>>> client-side code) a recipient of a s.49 can be required to give all
>>> co-operation necessary to have a defence.
>> I'm beginning to wonder whether that last is actually true.
>> Most specifically, you can't be forced to ask someone else for keys to
>> which you only have conditional access to.
> don't understand what you mean by "conditional"
Nor do I really, but if you have unconditional access to a key then you
have it in your possession, and thus you have to give it up under a s.49
warrant - so presumably if you only have conditional access, you don't
have it in your possession (and you don't have to give it up).
That's from RIPA ss.58(2):
"References in this Part to a person’s having information (including a
key to protected information) in his possession include references—
(a) to its being in the possession of a person who is under his control
so far as that information is concerned;
(b) to his having an immediate right of access to it, or an immediate
right to have it transmitted or otherwise supplied to him; [...]"
>>> Wonder opinions if this sufficient for UK to (coercively) "do a
>>> Hushmail" ? Or under Intel Services Act, or RIPA Pt.2 ?
>> I'm not sure what you mean here.
> Actually I had forgotten that this case involved server-side extraction
> of key (read above). This is obviously within RIP Pt.3 - I remain
> worried about trying to find combo of UK powers which could coerce a
> client-side attack (e.g. he provider has to inject back-doored
Will get back to you on that one
More information about the ukcrypto