In response to industry and media pressure, the Home Office is
introducing some amendments to the Regulation of Investigatory
Powers Bill. According to reports, the government is restricting
the level of internet communication that can be obtained without a
warrant.
The new law will still enable the security forces to demand the
keys to encrypted data, but the government has apparently now
stated that the usual procedure will be to obtain a plain text
printout of the material in question. It remains to be seen how
this constitutes a significant change.
The existing wording of the Bill, which has caused much
controversy, states that a person required to disclose a key can
instead provide the encrypted data in an intelligible form.
Accordingly, the key need not be surrendered unless, according to
the Bill in its present form, the person demanding the key
considers a plain text print out of the data insufficient. The
detail of the proposed amendments is not yet clear, but the new
announcement on plain-text versions would seem to be an
insignificant variation on the existing Bill.
The Home Office has also said that company directors will now be
informed if encryption keys are demanded and that decryption
notices will always say who has authorised them, to calm fears of
fake notices. Again, this latter proposal may seem an ambiguous
concession; the original wording of the Bill made no suggestion
that notices would be in any way anonymous.
The Bill is being debated today in the House of Lords.
