
Back doors, black boxes and #IPAct technical capability regulations - bahjoite
http://www.cyberleagle.com/2017/05/back-doors-black-boxes-and-ipact.html
======
bahjoite
Some interesting passages:-

> The new IPAct communications data requirements, however, include a paragraph
> under which a technical capability notice could require a provider to
> install a government-provided 'black box': "10\. To install and maintain any
> apparatus provided to the operator by or on behalf of the Secretary of State
> for the purpose of enabling the operator to obtain or disclose
> communications data, including by providing and maintaining any apparatus,
> systems or other facilities or services necessary to install and maintain
> any apparatus so provided".

> A technical capability notice would also be able to require the operator to
> "consider" the obligations and requirements imposed by any technical
> capability notice when designing or developing new telecommunications
> services or telecommunications systems.

> The most controversial aspect of technical capability notices throughout the
> passage of the Bill was whether the obligation to remove encryption could be
> used to prevent use of end to end encryption. The proposed IP Act
> regulations say (for interception):"8\. To provide and maintain the
> capability to disclose, where practicable, the content of communications or
> secondary data in an intelligible form and to remove electronic protection
> applied by or on behalf of the telecommunications operator to the
> communications or data, or to permit the person to whom the warrant is
> addressed to remove such electronic protection".

> For a technical capability notice the central concept is technical
> feasibility. Clearly it is not technically feasible for an operator who
> provides its users with true end-to-end encryption facilities to remove the
> encryption, since it has no decryption key.

