Data encryption is one method used by criminals to avoid
detection, and therefore giving law enforcement agencies access to
keys (which make the data intelligible) is perceived as helping in
the fight against crime. In 1997 the UK government suggested
setting up a network of Trusted Third Parties (TTPs), businesses
that would hold encryption keys. Users of encryption were obliged
under the proposals to deposit keys with one of these TTPs (key
escrow). The TTP would then, in appropriate circumstances, give law
enforcement agencies access to the key.
There were a number of concerns about these proposals. Questions
were asked about the ability of TTPs to keep keys secure. There
were also complaints about greater government surveillance and a
reduction in privacy. Eventually the plans were dropped. Instead, a
more limited form of access to keys was to be implemented under the
Regulation of Investigatory Powers (RIP) Act which was passed last
year.
US Congress cited encryption methods as one reason for the
failure to gain access to information about the plans for the
recent terrorist attacks. There had been speculation that the UK
government would use the climate of increased security following
the US terrorist acts to return to its previous suggestion of a
“key escrow” scheme.
This has proved not to be the case. Instead, the government
intends to press ahead with the implementation of sections of RIP
Act dealing with encryption. This will give law enforcement
officials the power to demand encryption keys in certain cases. The
legislation is scheduled to be implemented by the end of the
year.
