Suramya's Blog : Welcome to my crazy life…

October 11, 2007

UK Police Can Now Demand Encryption Keys

Filed under: Computer Security,News/Articles — Suramya @ 12:18 PM

Under a new law that went into effect this month, it is now a crime to refuse to turn a decryption key over to the police. So lets say you have an encrypted file on your computer and you are traveling through UK, if the cops feel like it they can force you to hand over the decryption key. If you don’t comply you face a 5 year sentence in jail if the investigation relates to terrorism or national security, or up to two years in jail in other cases.

But what they don’t seem to have considered is that sometimes people do forget passwords and keys. Back in 2003 I went through a phase where I started encrypted all my data backups (MySQL database dumps etc) using PGP for a couple of months, which was all well and good. Then I had to upgrade my OS so I formated my computer managing to loose the decryption key which was stored in my PGP keyring. I do have a physical copy of the key but thats sitting in one of the boxes in storage. So if I went to UK and they asked me for the key I can’t give it to them because I really don’t have it. But if I tell them that I will end up in jail for 2 years if the judge refuses to believe me.

So I think I am staying away from UK for the time being.

Thanks to Schneier on Security for the news.

More information available at The Register

– Suramya

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress