I'd say that's terrifying.
Another thought: doesn't this make it possible to frame someone by writing random data to their hard drive?
From the comments (credit to http://www.ktetch.co.uk/p/about-me.html):
"Funny thing about the RIPA act was that in 1999, when the act was first discussed, civil Liberties group Stand decided to show the problem.
They sent an email to the Home Secretary (the minister for law and justice) containing a confession (source http://www.zdnet.com/surveillance-straw-petitioned-on-commer... ). That confession was encrypted. Mr Straw had details to a crime in his possession, in an encrypted file, and no way to decrypt it. He was, under the letter of the law, refusing to decrypt information relevant to a crime, and should therefore be charged under RIPA.
Guess who wasn’t charged?
Yes, the law doesn’t actually apply to you if you’re the Home Secretary. Who knew that those in government consider themselves above the laws they inflict on others."
Well, no. The law doesn't say 'if you have encrypted information you have to decrypt it'. It says 'if you have encrypted information you have to decrypt it if the police (or someone else with statutory powers to detain your property) require you to'. The HS wasn't required to.
You can't just email someone an encrypted file and key, snap your fingers, and have them be breaking the law. They have to actually refuse to comply with a notice.
Yes, it's a stupid law, but this stunt doesn't actually show anything.
This is really a terrible analogy for reasons laid out up above. The law says you must do X when asked. You have not been asked to do X, therefore you don't have to do X.
Search for outrage elsewhere.
(It's true that the reasonable ground requirement was removed for certain areas by the Terrorism Act 2000. That provision was held incompatible with Article 8 of the ECHR (our nearest equivalent of your 4th amendment), and has consequently been repealed).
I'd also raise an eyebrow at your implication that the police are generally less prone to misuse of their powers in the US than the UK. I haven't researched it, but my impression was that in practice it's rather the other way round.
What the USA needs to do is to move into the 20th century and for each state to have a single police force with uniform standards - this would save a lot of resource wasted by every city/town having its own police force plus state troopers, sheriffs and what have you.
See section 50(3)(b). Also relevant is 53(1) and 53(4).
"This argument is ridiculous, since it’s missing the concept of intent. The Home Secretary clearly had no intent. That’s why he/she wasn’t charged."
EDIT: British common law divides up laws between those requiring intent and those that don't.
The UK law in question does not require intent (mens rea).
Nope, can't see any problem with that.
If someone wrote random noise to your hard drive then they couldn't prove these things (and in that scenario it would be a lot easier to frame someone by simply writing some child porn).
Encrypted files are not usually just cyphertext: there tends to be a header file with the file type, and of course there will be associated decryption software on the disk. Time and date stamps may well coincide (e.g. the decryption program was last run at the same time the suspect file was accessed). All of this would help build a case that the suspect had in fact decrypted the data in the past, and therefore could do so again.
As for steganography, they would need some clear evidence that the alleged steganographic data existed. Merely saying "maybe" and a pound will get them a cup of tea.
Well, you'd have to get some child porn to frame someone that way. Random data is much easier to procure.
(3) For the purposes of this section a person shall be taken to have shown that he was not in possession of a key to protected information at a particular time if—
(a) sufficient evidence of that fact is adduced to raise an issue with respect to it; and
(b) the contrary is not proved beyond a reasonable doubt.
... which makes me sad that misinformation is being used to fight a good cause.
There was a case I read about where someone was using full disk encryption. He said he gave police his password but it didn't work. The judge dismissed the charges because of the difficulty proving that the key produced wasn't correct but that the hard drive was not corrupt, among other things.
But the point is "I gave you my password. I haven't seen the computer in a month while your forensic team was looking it over. Maybe I got it wrong, or maybe your boys screwed it up." That is not refusing to decrypt it. In fact it is very apparently cooperative.
RIPA is objectively flawed legislation, but it definitely doesn't "outlaw encryption" by anything less than a very long stretch of the imagination (as appears in this article).
But it's not all that unusual for the gov't to really "have it in" for someone, but not be able to pin the crime on them, as with Al Capone.
In his case, the government didn't think it could pin the true charges on him, so he was actually convicted on tax charges. The tax code is big, obscure, and no expert agrees on the detailed interpretation, so it's not too hard to find some technicality that will convict anyone.
This encryption thing could easily be misused the same way: they can't prove you're a bad guy, so they trump up some technicality charges just to get you locked up.
You would have to go back to the bad old days of the Star Chamber to find the UK law system doing anything as dodgy as Al Capone (not exactly the USA's legal system's finest hour).
In the UK, the term "government" refers to the executive branch. Outside that use, it encompasses the legislative, executive and judiciary power of a state. Wikipedia gives the following definition:
Government consists of the legislators, administrators, and arbitrators in the administrative bureaucracy who control a state at a given time, and the system by which they are organized.
Judges are part of that by definition, even if there's some separation from the other components.
I doubt Wikipedia, edited by a large number of non-UK people, would get the subtle distinction I am making here.
In the United States, we use the term "administration" to refer to an executive, his cabinet, and other associated officials. However, we still recognize the (not-so-subtle) distinction between the administration and the government as a whole; our government, as yours, is divided into three separate branches, and then again into many departments, agencies, committees, circuits, districts, and other subdivisions thereof.
I suppose you mean Silicon Valley, but I live on the East Coast (~3000 miles away). Also, our "tripartite separation" is based on yours, with the President taking the place of the Monarch/Prime Minister, the Congress taking the place of Parliament, and the Judiciary being roughly the same (we even use the same style of law, called common law, whereas most non-English-speaking countries use civil law).
I suppose that explains the eye of newt in the recipes.
And how did that work out for the Guildford four for example?
You are correct. However, suppose you encrypt some data and forget the key, or you store some radio noise in a file, or whatever.
Later, you are accused of a crime. The judge issues a warrant.
The data/noise is now evidence against you. You are presumed guilty, and it is impossible to prove your innocence.
Are you suggesting that the courts would somehow just believe, with no evidence, that it's encrypted data relevant to the case and you're wilfully withholding the keys?
"Being found guilty... regardless of evidence" makes no sense. Part of 'being found guilty of breaking the law' involves the prosecution giving evidence that a jury thinks proves your guilt beyond reasonable doubt (inc. proving that you were in possession of a key, and so that it was actually encrypted data). s.53(3).
Isn't there something like this in the UK? You know... if someone says that you have illegal encrypted data, they first would have to prove that it is really encrypted data and then that it is illegal data.
What hasn't been tested in court (afaik) is the refusal to hand over a passphrase that protects the encryption key. If the passphrase exists only in your head, it could be argued that it doesn't exist separate to your will.
It would be like handing over a virtually unbreakable safe and saying "open it".
> It implies you've got a huge cache of it hanging
> around ready to go.
- Somehow they came up with his IP in a sting where a link to a file was posted somewhere. I don't know if this was posted to a kiddie porn forum (or someplace where just hanging out there is enough to make you suspicious) or just someplace like 4chan (where there's a number of people that will click the link out of curiosity).
- He had 'recently' re-installed Windows. They claimed that he had obstructed justice (or some other B.S.) b/c he had destroyed evidence. (Evidence that they couldn't prove even existed, IIRC.)
- He had a single thumbnail of kiddie porn in a browser cache.
I think that he just settled with the Feds, but cases like this stick out in my mind because it makes it seem like we're all riding the razor's edge and could fall into the Federal justice system at any moment for some random, stupid reason.
[ Plus taking down a pedophile is brownie points to local politicians, which may (or may not) be pressuring them about crime statistics. ]
And getting onto the darknet is but a simple download away...
Edit: Link to ent http://www.fourmilab.ch/random/
You could prove the file is encrypted if it is indeed encrypted and you have the passphrase and the program to decrypt it, but outside of that, it's simply not possible to say with any level of confidence that the bits are really encrypted.
BTW, I wrote TCHunt in 2007, a program that attempts to seek out encrypted TrueCrypt volumes and I have a FAQ that covers much of this. Here's the link for anyone interested in reading more about it: http://16s.us/TCHunt/
And, there is usually much more to it than randomish bits in a file on a disk. The government agents usually have other evidence that suggests the person in question is doing illegal things and may have cause to use encryption. Finding actual encrypted data is normally just icing on the cake to them.
This makes this attempt at a law look even sillier.
But the wording was ridiculous, something about any hidden or private meaning in any otherwise innocuous text.
So if you happened to have a book of poetry around the police could compel you to explain the symbolism! Heaven help you if you had a Torah and they asked you to explain any "hidden meanings"
"For the purposes of this section a person shall be taken to have shown that he was not in possession of a key to protected information at a particular time if—
(a) sufficient evidence of that fact is adduced to raise an issue with respect to it; and
(b) the contrary is not proved beyond a reasonable doubt."
In other words, if there's evidence for there to be 'an issue' about whether you actually do have a key (or whether e.g. it's just random noise), it's up to the prosecution to prove beyond reasonable doubt that it is actually data, and you do have the key.
So the flowchart is:
- If the police can prove they have reasonable grounds to believe that something is encrypted data that you have the key to, then
- That raises an evidential presumption that you do have it, which you can rebut by
- adducing evidence that just has to raise an issue about whether you have a key (inc. whether it's encrypted data at all), in which case the police have to
- Prove beyond reasonable doubt that it is encrypted, and you do have the key.
So now, you may actually know what's in that file. Great, no problems (other than the headache of dealing with explaining files in the first place).
The real danger is what if you don't know about the file, either? "I have no clue" is not going to cause reasonable doubt. The problem here is the law starts from a presumed guilt, which is problematic if you are, in fact, innocent.
But it really does come down to how the first clause of the law gets interpreted. Is it reasonably interpreted or not? I have lost faith in any chance of governments sticking to reasonableness when it comes to their threat of terrorism, protecting their "children", etc.
True, but they have to prove they have reasonable grounds for believing, not just that it's encrypted, but also that you have the key to it.
> "I have no clue" is not going to cause reasonable doubt
It doesn't need to cause reasonable doubt, it just has to raise an issue about whether or not you have the key. In which case the police have to prove you do beyond reasonable doubt.
But you are right - it is ambiguous, and that evidential presumption is in danger of being interpreted in a very anti-defendant way.
> I have lost faith in any chance of governments sticking to reasonableness
Thankfully, it's not up to the government to interpret legislation, it's up to the courts. And they have to interpret criminal legislation (a) in favour of the defendant (common law principle), and (b) compatibly with the human rights act.
That second one is powerful, and has resulted in anti-defendant statutes being interpreted almost out of all recognition by a court happy to interpret stuff compatibly with the HRA right to a fair trial. See e.g. http://www.guardian.co.uk/uk/2001/may/18/lords.politics .
I know the answer to this is 'easier said than done'. Certainly hardware and OS vendors can't be trusted with this task. Maybe FOSS installers could educate users and optionally create the file? How can we make this happen? I want to wear a t-shirt that says 'random numbers save lives.'
“key”, in relation to any electronic data, means any key, code, password, algorithm or other data the use of which (with or without other keys)—
(a) allows access to the electronic data, or
(b) facilitates the putting of the data into an intelligible form;
-- and --
“protected information” means any electronic data which, without the key to the data—
(a) cannot, or cannot readily, be accessed, or
(b) cannot, or cannot readily, be put into an intelligible form;
At first, I thought the argument in this article was nonsense. However, whilst I'd hope common sense would prevail, the definitions above seem broad enough that a policeman could make one's life difficult for a while.
- We have TB of data in our detector system that is either truly random (i.e. part of a Monte Carlo sim) or is essentially random (the detector noise); how do we prove this isn't encrypted?
Oh don't worry, said the nice man from the police computer unit - it's only going to be used against terrorists.
As a rule the UK police tend to have a lot of common sense, but they are also human. That all said, the whole BlackBerry encryption affair recently arising due to the riots does highlight further shortcomings.
Still, this law was instigated prior to 9/11 and in that you do wonder what it would look like if it was instigated after the event and how it may have looked.
So this argumentation does not strike me as so extraordinary. But that does not change the point that this law really has the possibility to be misused.
Yet 5 minutes after the 9/11 attacks on America the UK suddenly needed a whole raft of laws to intercept all phone calls, hold people without trial, random stop and searches etc.
I had no idea the IRA was this level of threat - a personal threat to the people in power. And the problem was pretty much solved through the long hard slog of getting them round a table talking (http://en.wikipedia.org/wiki/Good_Friday_Agreement).
http://en.wikipedia.org/wiki/Stakeknife is the best example - the guy who was put in charge of finding moles within the IRA had been a British agent for 20 years!
Not that you'd expect any British or Unionist pols to mention this... when they've won, no point in rubbing their opponents' noses in it.
Personally cost me a job, almost blown up once and had a long walk one day. But we have moved on.
Funny thing is there was a time I was supposed to go into the office on Saturday to do an upgrade, woke up Saturday and had a bit of a hangover so as it made no difference I thought I'll go in Sunday. Was lucky as the office got blown up Saturday so in all respects a hangover saved my life - literally.
The mortar attack caused me to have a very long walk, on a very snowy day, was a lot of fun and fond memories of seeing a London taxi unable to go over a bridge as the road was so snowed/iced up.
I had an in-the-bag job all lined up, IRA blew that office up and as such the job went up in smoke.
But hey, it's history and can laugh about it now.
We all learn from our mistakes eventually.
And considering how "comprehensive" it was, I'd say it was already written up and shelved for a crisis like that. I'm not much for the whole conspiracy theory stuff, but that just seems fairly obvious.
Meanwhile, a criminal could easily just store everything on an encrypted microSD card, then eat it if anything goes wrong - the oldest trick in the book still works in the digital age :-D...
Even in the US, with amendments against self-incrimination, if the authorities already know you have encrypted some incriminating data, you can be ordered to hand over the key.
In the Colorado case, the police had intercepted a telephone conversation in which the defendant, Ramona F., acknowledged her ownership of the laptop and alluded to the existence of incriminating documents in the encrypted portions of the hard drive.
I conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer.
Though you are right that the law in the UK seems very strict. As an international banker I would be wary of bringing a master key or encrypted volume into the UK.
Whether they'll be used is another matter. People were asking "what's the difference between a plane that has been crashed into London and a plane that has been shot down over London?", to which the reply is "a plane that is shot down is, effectively, disintegrated and burnt in the air, leaving small fragments to scatter."
It sounds absurd that you have to prove your innocence. It is a common principle that whoever accuses is responsible for proving your guilt. Besides, even in the remote situation where they could prove somehow that a pile of random bits held some confidential data, no one should be accused of not deciphering it to provide proof against himself. It sounds like the Inquisition :) If you deny having a deal with the devil you die, and if you confess it, you die too.
But that's the thing: you can't prove that.
You're saying: "prove that there does not exist any decryption method or key that will turn this blob into incriminating data."
You can never prove that such a decryption method doesn't exist.
In fact, maybe it does exist? Given a blob of random data and infinite time, couldn't you find a way to "decrypt" that into pre-defined data? (I'm not really sure of that.)
You don't need to prove that it could never be decrypted, you need to provide an alibi and then the prosecution needs to prove beyond a reasonable doubt that your alibi doesn't hold true. Your alibi is your proof.
After all, if you can provide a key to anything, then all you have to do (whether it's encrypted financial documents or random noise) is say, "Yep, it's encrypted, here's the key, it's the text of the Wikipedia page for 'kittens.'"
Prove that's not the correct key. If the onus for producing a key (whether one exists or not) is on the defendant, isn't the onus for proving the validity of the decrypted file on the prosecution?
All this comes back to cases like the one from CA (I think) where the guy who refused to decrypt the evidence that would prove his guilt.
And from another perspective, if you're Bernie Madoff and the evidence that will convict you is encrypted, won't you refuse to decrypt with a smile and take the 2-year punishment (with $500M in the bank) over life for financial fraud (and bankruptcy)?
For any non-trivial encryption method, you'd be brute forcing your way through a bunch of them to find the key that can decrypt the random noise to that message. Typical "20 times longer than the existence of the universe" warnings apply. :)
(a) allows access to the electronic data, or
(b) facilitates the putting of the data into an intelligible form;
These were PGP encrypted filesystems though, not random data.
File headers, existence of cryptography software and manuals, etc might be useful. Admission that the data is encrypted is stronger.
If you deny that there is a hidden volume then they'll just say that you're refusing to decrypt and prosecute you anyway.
Volume one contains hardcore porn, volume two contains bank job plans. Neither can be proved to exist with their keys.
When asked, hand over the porn keys. Plausible deniability.
Better yet, if you do anything with the outer volume without explicitly telling TrueCrypt about the existence of the inner volume, you will likely corrupt the inner volume and render it unusable anyways.
- The passwords on your bitcoin wallet give you the authority to spend your money.
- Your encrypted signature requires your private key so others know your message came from you.
So, this law gives the government the ability to impersonate you and consume/use your assets in an unrecoverable way.
While the government might not have the authority to impersonate you or spend your money, they do have the authority to acquire the means to do so. And then all it takes is one dishonest person working for the government to use that information maliciously.
But on the whole, the whole article is scary and slightly unsettling. On the upside I don't live in the UK - but if we were to be travelling through the UK with our encrypted hard drives, would we be targeted by the law?
Of course, if you have access to the files, you could just XOR the noise with some innocuous documents, and send the result to the police saying it's a one-time-pad.
Never really thought about how terrifying that might be in reality.
What would happen if there is encrypted data on your system but you didn't set the key yourself? For example DRM systems usually work by encrypting data and trying their best to make sure you never acquire the key.
Prevention is better than ranting after it's set in stone.
Eventually the preposterous laws drive those with mobility to simply leave. Follow that to its logical conclusion; the UK will make it difficult to impossible to leave with your assets intact. Loss of privacy is just a precursor to loss of private property altogether.
The law as I understand it says that if you've got data (and the context of the law is focused primarily on targeting terrorism, child porn etc.) that you've encrypted but refuse to give over the encryption keys to, then if the police convince a judge that there is valuable evidence in the encrypted data, and you still refuse, then you could ultimately go to prison.
Is this really any different to a digital search warrant?
Sure this law, like many others, could be abused. But I don't see it as anything to get too wound up about.
P.s. what kind of person has a 32GB file of satellite noise to generate random numbers with?!
> Police argue the files "could be child pornography, there could be bomb-making recipes."
Note that he was in prison -serving a sentence- but has since been transferred to a secure mental health hospital where he can be detained under the MHA until he is well.
I don't know if he had an appropriate adult with him at any police interviews. I don't know if he had any legal representation at any time. These are weaknesses in the UK system.
Don't get me wrong I am a hacker and someone who has written lots of crypto code, but i don't see this as an example to support the case against the legislation.
What kind of person has a file of random (or near enough to not be able to tell without 32GB of them) numbers?
Any cryptographer? Many astronomers? Physicists? Better lock them all up!
Now the question is - compression can be viewed as encryption. How does that pan out if you use a non-standard form of compression that does not require a key, as the compression formula is the key in itself?
What good does your maneuver do? Now you have to work with that key, and if they really care, they can laboriously type it in. All you've done is tick them off, right?
That all said, you can have a trusted friend who lives in another country maintain your key and vice versa; then things get messy.
The sad part about all this is criminals will find a way to get around the law, and in many cases they will weigh up the charge they would get from the decrypted data compared to a maximum 5-year one and pick the easiest option.
For that matter, if you're in the middle of trial and give them what they asked, but in the most massively inconvenient way you can think of, they'll find you in contempt of court.
Judges are not (usually) stupid.
Judges are not stupid; it's not the easiest job to get and takes a lot of work. They may not be experts in every field they have to deal with though, and in that they depend on expert witnesses.
The point being that it is a silly flawed law and the approach I outlined is one which is just as silly, yet still capitulates with the letter of the law fully.
Now if you're in a situation where you are having to defend raw random encrypted-looking data that is just raw data, then is the onus upon yourself to prove it's just random data? And if not, anybody could say it's not encrypted, it's random data, could they not?
The question is how should the law actually handle the situation where some data from a criminal activity is encrypted and would require 1000 years to brute force? This law was a way to cover those situations. It's not perfect and in many respects is downright offensive. But it's like this - if you have nothing to hide then why should you be made to feel like a criminal? That is the real crux of the matter, though some people may view it entirely differently. Heck, a badly spelt/grammar document could be deemed as hiding encrypted data when it is just bad spelling/grammar, or it could actually be encrypted/obfuscated data hidden within the document. You just can't tell and that is where it starts to get really, really messy.
No, but wasting police time is.
The point being that whilst you're obligated to provide the key, there is nothing saying how that key is provided, and that is another flaw in a flawed law. Though some people are taking it too literally, I suspect.
Until there is a case of this law being used to actually prosecute somebody unfairly and unjustly then it is hard to argue its flaws, but we all see those flaws and shortcomings, like many things in life. Nothing is perfect.
This is why we have reasonable doubt in the UK and innocent until proven guilty. In France they have guilty until proven innocent, and such a law as this over there would be a lot more painful to defend in that respect. Personally I like the Scottish system of innocent until proven guilty but with the added verdict of not proven; this covers things where it is not entirely clear that you're innocent and there are doubts, though not enough to convict with a guilty verdict. That to me is a fairer system on balance.
GCHQ aren't idiots, and would be able to "decrypt" such toy crypto schemes. But, even if they couldn't be bothered to do so the law doesn't require only a key, but either a key or to make the data intelligible.
This is not about some "toy encryption schemes"; it is an observation that as this law stands there is no real way to say what is random and what is encrypted or, in the case I point out, compressed. Now the whole argument of making the data intelligible is a completely different argument and gets back to how do you prove random data is actually just that. You can't.
Good encryption will have entropy akin to random data. Also a compressed file will have the entropy of poorly encrypted data.
Data is just that, data. Intelligible data is information and is not data. Big difference, and in that any data set is random without meaning/interpretation.
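The byte-statistics argument in this post, and the TCHunt remark earlier in the thread that you cannot say with confidence whether bits are "really encrypted", is easy to check numerically. The script below is an added example, not code from the thread or from TCHunt: it builds four constructed samples (a skewed-frequency "document", its zlib-compressed form, the same document XORed with a SHA-256 counter keystream standing in for a real cipher, and a second keystream as "noise"), then reports the Shannon entropy and a chi-square test against a uniform byte distribution for each; the keystream construction and the sample text are assumptions of the example.

```python
"""Added example (not from the thread): byte-level statistics of the kind
a tool like TCHunt relies on, run over four constructed samples to show
why 'random', 'encrypted' and 'compressed' are hard to tell apart by
content alone. The 'cipher' is a SHA-256 counter keystream, a stand-in
chosen only so the script runs on the standard library."""
import hashlib
import math
import random
import zlib
from collections import Counter

SAMPLE_LEN = 64 * 1024  # bytes per sample


def keystream(key: bytes, n: int) -> bytes:
    """Deterministic pseudo-random bytes: SHA-256(key || counter), chunked."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (stand-in for a stream cipher)."""
    return bytes(x ^ y for x, y in zip(a, b))


def fake_plaintext(n: int, seed: int = 1) -> bytes:
    """Constructed low-entropy 'document': letters and spaces drawn with a
    skewed frequency, so it is statistically text-like (27 symbols only)."""
    rng = random.Random(seed)
    alphabet = b"etaoinshrdlcumwfgypbvkjxqz "
    weights = [27 - i for i in range(len(alphabet))]
    return bytes(rng.choices(alphabet, weights=weights, k=n))


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 8.0 is the maximum (uniform bytes)."""
    counts = Counter(data)
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against a uniform
    distribution: 255 degrees of freedom, so roughly 255 +/- 23 is what
    genuinely uniform input produces; text scores in the tens of thousands."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def build_samples() -> dict:
    """The four constructed inputs discussed in the thread."""
    plain = fake_plaintext(SAMPLE_LEN)
    return {
        "plaintext": plain,
        "compressed": zlib.compress(plain, 9),
        "encrypted": xor_bytes(plain, keystream(b"constructed-key", len(plain))),
        "random": keystream(b"noise-source", SAMPLE_LEN),
    }


def analyse() -> dict:
    """Return {name: (entropy_bits_per_byte, chi_square)} for each sample."""
    return {name: (shannon_entropy(d), chi_square(d))
            for name, d in build_samples().items()}


if __name__ == "__main__":
    for name, (h, chi) in analyse().items():
        print(f"{name:<11} entropy={h:5.3f} bits/byte  chi2={chi:9.1f}")
```

The encrypted and noise samples land on the same entropy and chi-square values, which is the point made in the thread; what separates compressed data in practice is container headers (zlib's two-byte header here), not the statistics of the payload.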
> Now question is - compression can be views as encryption. How does that pan out if you use a non-standard form of compression that does not require a key as the compression formula is the key in itself!
You then ask why I mention GCHQ. I mention GCHQ because they control NTAC (National Technical Assistance Centre) - this is who will attempt to decrypt the data. This will happen in parallel to RIPA notices being issued.
If a person uses a non-standard form of compression and the police are interested there are two actions from police:
1) GCHQ trivially 'break the crypto'
2) A RIPA notice to make the data intelligible is issued, forcing the user to un-compress the data.
> Now the whole argument of making the data intelligible is a completely different argument
No, it really isn't. If you've encrypted it or compressed it or used steganography or used some simple code system to hide data they issue a notice and you have a limited amount of time to make the data intelligible.
> and gets back to how do you prove random data is actualy just that. You can't.
This is a different argument, and is not what you said.