12 October 1999
Date: Mon, 11 Oct 1999 18:14:12 +0100
To: ukcrypto@maillist.ox.ac.uk
From: David Swarbrick <david@swarb.freeuk.com>
Subject: Re: Gazette
From the gazette
Issue 6 October 1999
After several false starts, the draft Electronic Communications Bill was published in July. The stated intent is to promote electronic commerce; more quietly stated is that of defending law-enforcement, and interception capabilities. The Bill divides the two, and forlornly hopes that the pursuance of one aim will not defeat the other. Part III of the Bill provides the mechanisms for law enforcement to recover text in files which may be encrypted, or otherwise unintelligible. This is not about obtaining information, but about how it can be read once obtained.
Encryption transforms, or scrambles, information so that it is accessible only by an authorised person. These proposals cannot be understood without rehearsing something of modern encryption.
In the beginning there was private (or single) key encryption. The sender and recipient first share a key. The key is used by the one to scramble, and by the other to unscramble the text. The need to share this secret severely limits its usefulness; privacy can only be achieved within small groups who already trust each other, such as drug smugglers, terrorists and so forth.
Public(or dual) key encryption was invented in the 1970s. The key is now split in two parts. One part is designated a public key and is published widely. The other is a private key, and kept absolutely private. To send a private message, the individual finds the other person’s public key, and encrypts the message with it. That person knows that only someone with the other’s private key can now read it.
By a wonderful piece of logic, if the person uses his or her private key to encrypt the message, rather than the other person’s public key, then the other person must use the first person’s public key to unscramble it. The other can then be quite sure that only somebody knowing the first person’s private key can have encrypted it, and that it has not been altered. In other words, the document has been digitally signed.
The secret has moved away from the message to the recipient. No secret is now shared between us other than the message. The exact same technology underpins all electronic commerce, and makes privacy a practical possibility. Governments welcome the first use, and fear the second, but no legislation can return this genie to the bottle.
It is only the absolute secrecy of private keys which drives both privacy and electronic commerce. This was the heart of the difficulties with earlier proposals, which provided in some way for such private keys to be available to law-enforcement. As assets come more and more to be digital, the real value of private keys will rise quickly, and the risks from compromise will rise with it. Interception of a telephone call destroys privacy in one conversation. The recovery of a private key allows the new possessor of the key perfectly, and untraceably, to impersonate the true owner in all his electronic actions. This may be in correspondence, in dealing with electronic funds, or in the signing or alteration of documents.
The Bill has two main provisions to support law enforcement. Clause 10 allows an officer to serve a notice requiring somebody to decrypt a file. Failure to comply is an offence punishable with two years imprisonment. The following apply:
The notice may relate to a file which does not yet exist.The officer need not show that the file can be decrypted, or that it contains anything in which he has any proper interest.
He usually needs no judicial authority, only that of a police superintendent.
He need not be investigating any crime.
He needs no reasonable cause to believe that the recipient can decrypt it, he asserts that it ‘appears to him’ that he can.
He can insist that the private key be handed over, rather than plain text.
Notices will usually be served on an innocent person; not a suspect ‘presumed innocent’, but someone not suspected of anything by the officer.
Who will receive such notices? For telephone interceptions, small numbers of warrants are served on experienced officers within communications companies. Here, a separate notice is needed for each recipient of the suspect’s communications, since only they can decrypt the files. It is as if one warrant were requested for every telephone number called by a suspect. The officer may find himself serving many notices, on ordinary individuals and businesses, on people not suspected of wrong-doing, and with no technical expertise.
The compromise of a private key multiplies itself in effect. Desiring to read the e-mail of one suspect, the privacy of each correspondent is compromised, and in turn, the privacy of everyone who sends e-mails, using the public key, to the persons served. We can only guess the numbers, but if, for example, 50 notices are served on one suspect’s correspondents, and each correspondent receives encrypted mail from a hundred others, then the privacy of five thousand people is threatened. The recovery of such e-mails is easy, ridiculously so. With the key, all material sent to the person served, by whomever, can be read.
Just because the recipients are people who may act unpredictably, clause 13 of the Bill allows a clause 10 notice, to require the recipient to ‘keep secret the giving of the notice, its contents and the things done in pursuance of it’. Breach, ‘tipping off’, is punishable with five years imprisonment. If he does tell anyone, that person is also infected with the same duty. The secrecy is absolute, save only that the recipient may speak to a lawyer. He may not mention the notice to a partner, child, or parent, employer, customer, co-worker or client. His lawyer, alone, may mention it to a court or tribunal. How this may be put forward in court, what use a court can make of it, and what consequential disclosures can follow, is quite unclear.
Imagine receiving a notice early one morning. An individual gives over his or her private key. Returning to bed, that person is asked ‘Who was that dear?’ The deceit starts; silence is not an option. An employee may not tell his employer that the company’s confidentiality protection disappeared that morning. A business may not tell its customers that the promise of respect for privacy implicit in the publication of its public key, no longer holds.
A person served must dissemble as necessary. Losses which follow, in family, employment, business, or professional life, must be suffered without mention of the notice. He offered privacy to those who wrote to him, and is cruelly and remorselessly punished for this hubris.
Distribution of a public key promises privacy. The issue of a new public key, a very public, and unexplained change, may warn others of the compromise of the existing key. Is this tipping off? The officer may want to read future communications. Since he needs to make sure the key is not changed, I can see it being argued that it does constitute tipping off.
We only know that many notices will be given; that the recipients will not, generally, be suspects; and that a person who promises secrecy may not deliver it. Who can we trust? These clauses will entirely undermine confidence in electronic communications. They will create divisions, distrust and disharmony within families, within companies, and between businesses and their clients.
The Bill establishes a tribunal to award compensation. The tribunal is to be the exclusive remedy for losses suffered as a result of the receipt of a notice. However, claims can only be made if they are, or should have been, authorised by the secretary of state. The rest must add to their silence the absence of compensation. If a person can complain, that person’s own lawyer may not appear before the tribunal, but he or she must choose an approved lawyer who presents the case in secret. The complainant may be given a summary of the evidence along with some of the decision (schedule 2). This tribunal is modelled on the Interception of Communications Act Tribunal, which has not yet, in 14 years, upheld a complaint.
The Bill promises a code of practice. No word has been given as to what it will include, but these powers are so overwhelming, that it is improper to leave their limitation to a code of practice. How does this fit in the new era of human rights? The Bill has a standard form ‘human rights compliance’ certificate, but this looks rather shame-faced.
Convention rights are in general limited for the prevention of crime, for national security, and otherwise. Under this Bill, notices need no such purpose, and a police superintendent, or judge, has no basis for refusing authority for a notice. In contrast, under the Police and Criminal Evidence Act, an officer seeking a search-warrant, must demonstrate that he is investigating a serious crime, and explain why he expects to find relevant evidence.
There may be a breach of the article 10 right ‘to hold opinions and to receive and impart information and ideas without interference by public authority’. What would be the outcry, if such powers were also available against those receiving letters in envelopes, rather than on postcards? The government also seeks power to monitor a high proportion of Internet calls. This Bill will discourage use of encryption, and so restrict the free exchange of ideas, and also remove the most obvious way for users of e-mail to protect themselves from fraud.
Article 6, the right to a fair trial, is breached. The forced decryption of a communication may breach the right against self-incrimination. The question is whether this requirement is asking the suspect to accede to a search or to make a statement. A suspect will be obliged to provide evidence, which may be used against him. The decryption of a message involves creating a computer file, a new object, which would then be used against the suspect. The situation may differ according to whether the suspect or the officer decrypts the file. The right against self-incrimination is not an explicit part of the convention, but it is implicit.
The rules anticipated for the tribunal breach the same right because the independence of the tribunal is itself questionable. The complainant does not have free choice of a representative, neither the hearing nor the judgment is to be public, and evidence may be withheld from him. For once, the Bill attempts to justify these restrictions by reference to purposes. However it then specifically includes purposes economic well-being which are not permitted under the article and makes them of general application, not for special circumstances as the article requires. These interferences with a fair trial go well beyond those permitted under the article.
Clause 10 infringes the right to a fair trial by reversing the burden of proof. The officer asserts that it appeared to him that a defendant could make a file intelligible, that the notice was authorised, served, and not complied with. A defendant who cannot decrypt it, must show that he cannot, he must prove a negative. The prosecution’s burden is a formality, the defendant’s is an impossibility. See Attorney-General of Hong Kong v Lee Kwong-Kut [1993] AC 951 which confirms that such provisions do shift the burden of proof.
Article 8 gives the right to privacy of correspondence. Since the Bill makes no attempt to justify infringement of the right by reference to any purpose, these clauses must fail. The article 8 right to family life may also be threatened. The Bill will create situations where one family member possibly a child may be placed in an impossible and frightening situation, but be unable to discuss it. He may have to lie to other family members. If large numbers of notices are indeed issued, distrust of anybody and everybody will become a first rule of life inside the family and without. If we use e-mail more, and choose to use encryption, trust within families might be undermined.
This applies more substantially in commerce. A business trading on the Internet, and publishing a key, invites others to approach it in confidence. If that key has been used by many other correspondents, the assumption must be that it is compromised. Can this promote good practice, and trust in electronic commerce?
Last, and most fantastically, someone complaining about a notice under the Human Rights Act, must, of course, disclose the notice, and so commit an offence. Can he get advice? Clause 13 (5) suggests that his lawyer might have a defence for disclosing the notice to a court, but clause 13 (6) specifically disapplies that protection to legal advice given in furtherance of a crime, which is where we began. The words are simple, each on their own, but their combined logic itself seems cruel and unusual punishment.
_________________
David Swarbrick is a committee member of the northern group of the Society for Computers and Law and is a sole practitioner with West Yorkshire-based firm Swarbrick & Co
-
David Swarbrick, Solicitor 01484 722531
david@swarb.freeuk.com
www.swarb.co.uk
IP / IT Law and Contracts.
Home of the law-index of 9900+ uk case summaries.
The Law Society regulates us in the conduct of investment business.