[2132] in cryptography@c2.net mail archive
FW: UK Crypto Ban?
daemon@ATHENA.MIT.EDU (Trei, Peter)
Thu Feb 12 19:19:51 1998
From: "Trei, Peter" <ptrei@securitydynamics.com>
To: "'cryptography@c2.net'" <cryptography@c2.net>
Date: Thu, 12 Feb 1998 09:28:33 -0500
Forwarded from cypherpunks.
> -----Original Message-----
> From: John Young [SMTP:jya@pipeline.com]
> Sent: Wednesday, February 11, 1998 7:20 PM
> To: cypherpunks@toad.com
> Subject: UK Crypto Ban?
>
> From: Campaign Against Censorship of the Internet
> <cacib@liberty.org.uk>
> To: ukcrypto@maillist.ox.ac.uk
> Date: Tue, 10 Feb 1998 18:18:28 +0100
> Subject: Key escrow announcement
>
>
> A source who is a lobbyist in a non-computer sector has just called me
> to say that Margaret Beckett will be announcing a (compulsory?) key
> escrow program next Tuesday.
>
> So far I don't have independent confirmation, although Nigel Hickson
> recently said here that he was expecting an announcement "soon".
>
> Here's hoping we can get it out before the gvt machine controls the
> spin.
>
> Regards,
>
> Malcolm Hutty.
>
> -----------------------------------------------------------------
> Campaign Against Censorship Tel: 0171 589 4500
> of the Internet in Britain Fax: 0171 589 4522
> e-mail: cacib@liberty.org.uk
> Say NO to Censorship Web: http://www.liberty.org.uk/cacib
>
> ----------
>
> Date: Wed, 11 Feb 1998 23:57:32 +0000
> To: ukcrypto@maillist.ox.ac.uk
> From: T Bruce Tober <octobersdad@reporters.net>
> Subject: More rumours?
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> Free Life Commentary
> Editor: Sean Gabb
> Issue Number Ten
> Tuesday 10th February 1998, 11:20pm
>
> ==========================
> "Over himself, over his own mind and body,
> the individual is sovereign"
> (J.S. Mill, On Liberty, 1859)
> ==========================
>
> Next Week's British Encryption Ban
> by Sean Gabb
>
> Earlier this evening, I was given confidential information by someone
> close to a British Cabinet Minister. I am not in the habit of
> speaking
> to such people, let alone having them leak state secrets to me. But
> that is what happened. In publishing what I heard, I am now risking a
> prosecution under the Official Secrets Acts - or, more likely, being
> made to look ridiculous if what I predict does not happen. These
> risks
> being accepted, here is the leak.
>
> Next Tuesday, the 17th February 1998, the Department of Trade and
> Industry will announce plans to outlaw the use of strong encryption
> software within the United Kingdom. We are to be encouraged - and
> ultimately forced - to encrypt our e-mail only in ways that will allow
> the authorities to read it.
>
> My source was vague about the details of the scheme, saying that they
> had not yet been circulated to the full Cabinet. But I imagine that
> it
> will be more or less a reprint of the Conservative Government's public
> consultation paper of March 1997. This came to nothing because of the
> change of Government, and it was even hoped that Labour would have a
> more liberal policy on Internet regulation. However, Margaret
> Beckett,
> the Minister now responsible for trade and industrial policy, is
> neither
> bright nor forceful; and she was early captured by the officials who
> in
> theory are supposed to do her bidding. If next Tuesday's consultation
> paper differs at all from the last one, it will be only in matters of
> small detail and presentation. For this reason, it is probably safe
> to
> take the last paper as a guide to what we can expect.
>
> The Government will propose creating a network of what are called
> Trusted Third Parties, or TTPs. These are to be organisations
> licensed
> to provide encryption services to the public - that is, software,
> consultancy and other support. Because they have been licensed by the
> State, we are to be encouraged to believe that they really are
> trustworthy - that they are not distributing bad encryption software,
> or
> robbing their clients in other ways. But just in case we decide not
> to
> believe any of this, it will be made illegal for any unlicensed person
> to offer encryption services. Here, it is worth quoting from last
> year's consultation paper:
>
> The legislation will prohibit an organisation from offering or
> providing encryption services to the UK public without a licence.
> Prohibition will be irrespective of whether a charge is made for such
> services. The offering of encryption services to the UK public (for
> example via the Internet) by an unlicensed TTP outside of the UK will
> also be prohibited. For this purpose, it may be necessary to place
> restrictions on the advertising and marketing of such services to the
> public.
>
> Enacted into law, this would make it illegal for me to copy encryption
> software from my hard disk for a friend, and for computer magazines to
> include it on their free cover disks. It would also allow a strict
> supervision of the material and the links given access to by British
> sites on the World Wide Web.
>
> The paper never clarifies why we need TTPs in the first place, or why
> -
> their need granted - they can only be trusted if licensed by the
> State.
> But it does say a lot about law enforcement and national security.
> Or,
> to be more accurate, it does say a lot in the usual code about the
> need
> to fill in any last potholes on the road to a British police state.
>
> Starting with the Interception of Communications Act 1985, the British
> State has given itself powers of surveillance that a Third World
> dictator might envy. It can tap our phones on the word of a Minister.
> It can burgle our homes and leave recording devices behind on the word
> of a senior policeman. It can trawl through and inspect any records
> on
> us held by any organisation. It can do all this without our
> knowledge,
> and without any effective system of appeal and redress. The relevant
> laws are careful to describe the permissions for this as "warrants".
> But they really are no more than what in France before the Revolution
> were called Lettres du Cachet - things that our ancestors boasted did
> not and could not exist in the freer air of England.
>
> The spread of personal computers seemed likely at first to extend the
> scope of surveillance still further. This had until then been limited
> by cost. For all the theoretical risks, sending letters in sealed
> envelopes through the post has always been reasonably secure: the
> costs
> of interception can only be justified in exceptional cases. For the
> same reason, most private papers are safe. But the routing of an
> increasing amount of mail through the Internet promised to bring down
> the costs of surveillance to the point where everyone could be
> watched.
> The storage of records on computers connected to the Internet promised
> to make it possible for the authorities to spy on people by remote
> control.
>
> The problem is the development of strong encryption software like pgp,
> and its growing popularity among millions of ordinary people who,
> though
> not criminals, have a strong regard for privacy. It allows us to keep
> our e-mail and private records secret to all but the most determined
> and
> expensive attacks. It gives to us the benefits of instant
> communication
> and mass data storage, but keeps the authorities - despite their new
> powers of surveillance - no better informed than in the old days of
> due
> process and envelope steaming.
>
> Therefore all the talk of Trusted Third Parties. The terms of their
> licences will require them to sell encryption software with keys that
> cannot be modified by their clients, and to collect and store copies
> of
> these keys for handing over to the authorities. Last year's document
> is
> full of promises about "strict safeguards" and the like. But the
> reality is this:
>
> The legislation will provide that the Secretary of State may issue
> a
> warrant requiring a TTP to disclose private encryption keys... or a
> body
> covered by that warrant.
>
> No mention of judicial involvement at the time, or judicial review
> afterwards - just more police state commands.
>
> We can ignore anything the Government parrots next week about law
> enforcement and national security - or, for that matter, child
> pornography and complex fraud. These really are just code words. If
> I
> were a criminal, or a terrorist, or a foreign spy, the last encryption
> software I would use would come from a Trusted Third Party. Strong
> encryption packages are available all over the Internet, or can pass
> from hand to hand on a single floppy disk. Nor would I worry much
> about
> laws against the transmission of data encrypted with unlicensed
> software. There are ways of keeping the authorities from even knowing
> that an Internet message contains encrypted data.
>
> Somewhere, I have an early version of a program called Steganography,
> created by Romana Machado. This takes an encrypted text and merges it
> into a graphics file. My version produces a visible degradation of
> picture quality. Almost certainly, the newer releases have solved
> this
> problem. Assuming I had them, and were sufficiently unpatriotic -
> neither applies in my case, let me add - I could e-mail this country's
> battle plans straight off to Saddam Hussain merged invisibly into a
> picture of my dog. GCHQ would never notice until the Scud missiles
> began landing on Cheltenham.
>
> No - the encryption ban will be aimed at us, the honest public. We
> are
> the people who tend to respect the law - or at least to be afraid of
> it
> enough to comply in most cases. It is our privacy that is to be
> stripped away. It is we who are to become like Winston Smith, living
> for every moment when the telescreens are not monitoring our facial
> expressions.
>
> Why this is desired I cannot say. But we are living though an age of
> withering trust in the common people. In this country, we are not
> trusted to possess guns for our self-defence - or indeed to carry
> carpet
> knives locked inside our cars. We are not trusted to choose and
> administer our own medicines, or to bring up our own children in the
> manner of our choice, or to decide whether or not oxtail soup might be
> bad for us. Plugging in the telescreens is only a logical next step.
>
> Normally, when I write on these issues, I work myself into a frenzy of
> pessimism. At the moment, though, I feel rather optimistic. Next
> Tuesday's proposals will cause an uproar. This will not come from the
> so-called civil liberties groups like Liberty - excepting a few small
> bodies like the Libertarian Alliance, they have all been taken over by
> New Labour apparatchiks who can be trusted to keep their mouths shut.
> It will come from the big business interests.
>
> British Telecom is the third or fourth largest telecommunications
> company in the world. If operates in more than 40 markets, often
> needing to provide its clients with very secure networks. In the City
> of London there are more representative offices of foreign banks than
> in
> the rest of the European Union combined. These have a taste for
> confidentiality. There are many other large interests - all paying
> billions in taxes, all likely to be very hostile to any scheme that
> will
> make them appear less useful to foreign clients. We have a Labour
> Government that still needs to establish itself in the public mind as
> a
> party friendly to business. These facts can surely be trusted to
> ensure
> the dropping of a scheme that would not merely turn the country into a
> full police state, but also do the greatest damage to British business
> since nationalisation.
>
> Or so I hope.
> ==========================
> Free Life Commentary is an independent journal of comment, published
> on
> the Internet. To receive regular issues, send
> e-mail to Sean Gabb at old.whig@virgin.net
>
> Issues are archived at
>
> <http://freespace.virgin.net/old.whig/>
>
> Contact Address: 25 Chapter Chambers,
> Esterbrooke Street,
> London, SW1P 4NN;
> Telephone: 0181 858 0841
>
> If you like Free Life Commentary, you may also care to subscribe to my
> longer, hard copy journal, Free Life, subscription details for which
> can
> be obtained by writing to me at the above address.
>
> ==========================
> Legal Notice: Though using the name Free Life, this journal is owned
> by
> me and not by the Libertarian Alliance, which in consequence bears no
> liability of whatever kind for the contents.
> - --
> Sean Gabb | "Over himself, over his own
> |
> E-mail: old.whig@virgin.net | mind and body, the
> individual|
> <http://freespace.virgin.net/old.whig/> | is sovereign"
> |
> Mobile Number: 0956 472199 | J.S. Mill, On Liberty, 1859
> |
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 5.0i for non-commercial use
> Charset: noconv
>
> iQCVAwUBNOI4cDzmzFmU9IJVAQFOFAQAlLgKRAM6wTztCSVvUAAUY/g8k0iOKCGY
> 4s8O7c+axQUcf3e3RTxKbIPqoIeb81uIcKwv86havRuUsm2r2OHADuRBlWT7VgrR
> RKKCuuvrF19G4/hLTn7094NqUvnp5LAZpKOX7ITYQC/grQL8gnkd/xvpj55Z9oek
> idz0EU18xJo=
> =cNRU
> -----END PGP SIGNATURE-----
>
>
>
> tbt --
> --
> |Bruce Tober, octobersdad@reporters.net, Birmingham, England
> +44-121-242-3832|
> | Freelance PhotoJournalist - IT, Business, The Arts and lots
> more |
> |pgp key ID 0x94F48255. Website -
> http://www.homeusers.prestel.co.uk/crecon/ |
