From: Eric Murray <ericm@lne.com>
Date: Thu, 2 Jul 1998 16:46:11 -0700 (PDT)
To: jmcc@hackwatch.com
Subject: Re: IE Frees Crypto
In-Reply-To: <359BCD11.30DEF3CD@hackwatch.com>
Message-ID: <199807022345.QAA07915@slack.lne.com>
MIME-Version: 1.0
Content-Type: text/plain


John McCormac writes:
 
[about Irish crypto legislation]
 
> <quote>
>  In order to enable lawful access to encrypted data, legislation will
> be enacted to oblige users of encryption products to release, in
> response to a lawful authorisation, either plaintext which verifiably
> relates to the encrypted data in question or the keys or algorithms
> necessary to retrieve the plaintext. Appropriate sanctions will be put
> in place in respect of failure to comply.
> </quote>
> 
> This seems to be carefully considered in that the user could be asked to
> prove the encrypted document contains the encrypted form of the
> plaintext. But the most important thing is that a search warrant would
> be required to force the user to give up the plaintext or the key.

It says "lawful authorisation" not "search warrant".

That means that sometime later they can go back and
pass another law that says that "lawful authorisation" for
forcing one to reveal one's plaintext or keys is something
much less stringent than a search warrant.
Most proposed US crypto regulations have similar weasel-words.



-- 
Eric Murray  Chief Security Scientist  N*Able Technologies  www.nabletech.com
(email:  ericm  at  lne.com   or   nabletech.com)          PGP keyid:E03F65E5