[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: COE Recommendation No. R (95) 13




>How about this:
>________________________________________________________________________
>9. Subject to legal privileges or protection, most legal systems permit
>investigating authorities to order persons to hand over objects under
>their control that are required to serve as evidence. In a parallel
>fashion, provisions should be made for the power to order persons to
>submit any specified data under their control in a computer system in the
>form required by the investigating authority.
>________________________________________________________________________

>Is this 'what we would want'? It clearly means that one can be ordered
>to reveal the password to encrypted data and punished by law if one
>refuses. Suppose they suspect you of being a child pornographer and
>get a court order to search your encrypted system. You know you are
>innocent. Is it acceptable to put you in jail for not giving them access
>to your encrypted, very personal diary (in which you describe in detail
>your sexual encounters with the wife of the Chief of Police)?

Well if you want to eliminate all search and seisure powers of the courts
then that is a valid point to make. The point of the directive though
is to point out to the legislatures that they have to consider their
position on this one.

I'm not particularly keen on the idea that we should hope that the 
legislatures let this type of change happen by default. They are not 
going to do that, they may let things slide but they then are more
likely to do something reactionary when they realise they have been
had. And that reaction is likely to be anal.


>_______________________________________________________________________
>14. Measures should be considered to minimise the negative effects of the
>use of cryptography on the investigation of criminal offenses, without
>affecting its legitimate use more than is strictly necessary.
>_______________________________________________________________________

>Is this really just a toothless statement to give to the French?

Parse it carefully, its implications depend heavily on the interpretation
of "legitimate use" and "strictly necessary". 

Point is that it is not a directive to implement a Euro-Clipper program
which is what various spin doctors were claiming. The deputy director of the
NSA tried to use it as evidence to support his claim that other countries
are following the US position.

Mind you I may be wrong about the French. Someone suggested today that
they would prefer there to be no debate on crypto because they don't
want people to find out what they are up to.


		Phill


	Phill