You are here:
AustLII >>
Australia >>
Journals >>
PLPR >>
1996 >>
[1996] PLPR 35
[Global Search]
[PLPR Search]
[PLPR Homepage]
[Help]
The scramble to develop encryption rules
Graham Greenleaf
As
outlined in last month's special issue of PLPR on encryption and privacy, the
outlined in last month's special issue of PLPR on encryption and privacy, the
technologically advanced countries of the world are scrambling to develop
defensible policies on encryption which will balance interests of personal and
business privacy on the one hand, and law enforcement and national security
needs on the other. Some recent developments in Australia and the UK are noted
in this article.
Australia -- too many cooks?
At
least seven different enquiries currently underway in Australia touch on the
development of encryption policies. Most visible is probably the
AUSTRAC-chaired inquiry into the law enforcement implications of electronic
commerce (details below). Austel's Law Enforcement Access Committee (LEAC) is
looking at the telecommunications interception aspects. The Online Services
Task Force of the Attorney-General's Criminal Law Division, the Wallace review
of the financial system, an inter-Department committee headed by the Tax
Office, and an electronic counterfeiting study involving Tax, Customs and A-Gs,
all include encryption issues in their ambit. Last, but probably not least, is
a review being carried out by an adviser to the Attorney-General's Department,
a former senior national security officer. In addition, Standards Australia,
Australia Post and others are developing public key infrastructure proposals.
From all of this, some coherent government policy is supposed to emerge.
Another
player which is likely to put its hat in the ring on encryption policy - and
privacy and censorship policies - is the Information Policy Advisory Council
(IPAC), foreshadowed (under the name `Information Policy Task Force' - IPTF) in
the Coalition's `Australia Online' policy (see 3 PLPR 1) as a `standing
advisory committee' supported by a secretariat in the Department of
Communications and the Arts, to replace Labor's National Information Services
Council (NISC). IPAC is to be chaired by Terry Cutler, and the other
appointments will be announced soon (see Communications Minister Alston's
INTIAA speech at http://www.dca.gov.au/speeches/intiaa.html). Some interesting
turf disputes between DoCA and A-Gs may well emerge.
AUSTRAC's Electronic Commerce Task Force
The
Australian Transaction Reports and Analysis Centre (AUSTRAC) has been asked by
the Commonwealth Law Enforcement Board (CLEB -- see http://www.nla.gov.au/cleb/
if unfamiliar) to head an Electronic Commerce Task Force (ECTF) to investigate
electronic commerce issues of concern to Commonwealth Law Enforcement. It is to
report by November 1996. It is to cover e-cash, smart cards and other forms
of `cyberspayments', both domestically and internationally. ECTF's Steering
Committee is made of law enforcement agency representatives, who are to invite
privacy, banking, consumer, industry, government and other groups to
participate in working parties.
Ford on crypto policy
Peter
Ford, First Assistant Secretary, Security Division, in Commonwealth
Attorney-General's gives some interesting insights in the current thinking from
that direction in `Information Security, Censorship and Privacy', a paper
presented to an AiC Conference in June 1996 (available at
http://www.anu.edu.au/people/Roger.Clarke/II/Ford960619.html). The paper is
most interesting in its discussion of the options available to law enforcement
and other agencies in the event of strong encryption being widely available in
the absence of any compulsory `key escrow' (`trusted third party' or `TTP')
schemes. It discusses legislative options to encourage wide use of trusted
third parties (which are therefore easier to serve with warrants but maintain
covert operations), and suggests (rather ingenuously, perhaps) that a
compulsory TTP licensing scheme would `offer better consumer protection'. It
also discusses possible amendments to laws concerning evidence,
self-incrimination, warrants etc to facilitate investigations and prosecutions
in such an environment.
On
10 June 1996 the UK Government announced that it would legislate to licence
anyone who provided `encryption services to the public' - `Trusted Third
Parties' (TTPs). The proposal in full is appended, extracted from the
Government's `Paper On Regulatory Intent Concerning Use Of Encryption On Public
Networks'. Significant features of the proposal are that, although any
activities by `third parties' will be licensed, `the private use of encryption'
will be unregulated. However, it is only proposed that export controls on
encryption products will be relaxed if they are `applicable to encryption
products which are of use with licensed TTPs'. The paper says `The licensing
policy will aim to preserve the ability of the intelligence and law enforcement
agencies to fight serious crime and terrorism by establishing procedures for
disclosure to them of encryption keys, under safeguards similar to those which
already exist for warranted interception under the Interception of
Communications Act 1985.'
Graham Greenleaf, General Editor.
AustLII:
Feedback |
Privacy Policy |
Disclaimers
URL:
http://www.austlii.edu.au/au/journals/PLPR/1996/35.html
