You are here:
AustLII >>
Databases >>
Privacy Law and Policy Reporter >>
1996 >>
[1996] PrivLawPRpr 35
Database Search
| Name Search
| Recent Articles
| Noteup
| LawCite
| Help
Greenleaf, Graham --- "The scrmable to develop encryption rules" [1996] PrivLawPRpr 35; (1996) 3(3) Privacy Law & Policy Reporter 54
The scramble to develop encryption rules
Graham Greenleaf
As
outlined in last month's special issue of PLPR on encryption and privacy, the
outlined in last month's special issue of PLPR on
encryption and privacy, the
technologically advanced countries of the world are scrambling to develop
defensible policies on encryption
which will balance interests of personal and
business privacy on the one hand, and law enforcement and national security
needs on
the other. Some recent developments in Australia and the UK are noted
in this article.
Australia -- too many cooks?
At
least seven different enquiries currently underway in Australia touch on the
development of encryption
policies. Most visible is probably the
AUSTRAC-chaired inquiry into the law enforcement implications of electronic
commerce (details
below). Austel's Law Enforcement Access Committee (LEAC) is
looking at the telecommunications interception aspects. The Online Services
Task Force of the Attorney-General's Criminal Law Division, the Wallace review
of the financial system, an inter-Department committee
headed by the Tax
Office, and an electronic counterfeiting study involving Tax, Customs and A-Gs,
all include encryption issues in
their ambit. Last, but probably not least, is
a review being carried out by an adviser to the Attorney-General's Department,
a former
senior national security officer. In addition, Standards Australia,
Australia Post and others are developing public key infrastructure
proposals.
From all of this, some coherent government policy is supposed to emerge.
Another
player which is likely to put its hat in the ring on encryption policy - and
privacy and censorship policies - is the Information
Policy Advisory Council
(IPAC), foreshadowed (under the name `Information Policy Task Force' - IPTF) in
the Coalition's `Australia
Online' policy (see 3 PLPR 1) as a `standing
advisory committee' supported by a secretariat in the Department of
Communications and the Arts, to replace Labor's
National Information Services
Council (NISC). IPAC is to be chaired by Terry Cutler, and the other
appointments will be announced
soon (see Communications Minister Alston's
INTIAA speech at http://www.dca.gov.au/speeches/intiaa.html). Some interesting
turf disputes between DoCA and A-Gs may well emerge.
AUSTRAC's Electronic Commerce Task Force
The
Australian Transaction Reports and Analysis Centre (AUSTRAC) has been asked by
the Commonwealth Law Enforcement Board (CLEB --
see http://www.nla.gov.au/cleb/
if unfamiliar) to head an Electronic Commerce Task Force (ECTF) to investigate
electronic commerce issues of concern to Commonwealth
Law Enforcement. It is to
report by November 1996. It is to cover e-cash, smart cards and other forms
of `cyberspayments', both domestically
and internationally. ECTF's Steering
Committee is made of law enforcement agency representatives, who are to invite
privacy, banking,
consumer, industry, government and other groups to
participate in working parties.
Ford on crypto policy
Peter
Ford, First Assistant Secretary, Security Division, in Commonwealth
Attorney-General's gives some interesting insights in the
current thinking from
that direction in `Information Security, Censorship and Privacy', a paper
presented to an AiC Conference in
June 1996 (available at
http://www.anu.edu.au/people/Roger.Clarke/II/Ford960619.html). The paper is
most interesting in its discussion of the options available to law enforcement
and other agencies in the event of
strong encryption being widely available in
the absence of any compulsory `key escrow' (`trusted third party' or `TTP')
schemes.
It discusses legislative options to encourage wide use of trusted
third parties (which are therefore easier to serve with warrants
but maintain
covert operations), and suggests (rather ingenuously, perhaps) that a
compulsory TTP licensing scheme would `offer better
consumer protection'. It
also discusses possible amendments to laws concerning evidence,
self-incrimination, warrants etc to facilitate
investigations and prosecutions
in such an environment.
On
10 June 1996 the UK Government announced that it would legislate to licence
anyone who provided `encryption services to the public'
- `Trusted Third
Parties' (TTPs). The proposal in full is appended, extracted from the
Government's `Paper On Regulatory Intent Concerning
Use Of Encryption On Public
Networks'. Significant features of the proposal are that, although any
activities by `third parties'
will be licensed, `the private use of encryption'
will be unregulated. However, it is only proposed that export controls on
encryption
products will be relaxed if they are `applicable to encryption
products which are of use with licensed TTPs'. The paper says `The
licensing
policy will aim to preserve the ability of the intelligence and law enforcement
agencies to fight serious crime and terrorism
by establishing procedures for
disclosure to them of encryption keys, under safeguards similar to those which
already exist for warranted
interception under the Interception of
Communications Act 1985.'
Graham Greenleaf, General Editor.
AustLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.austlii.edu.au/au/journals/PrivLawPRpr/1996/35.html