The Death of Privacy (well, in the UK).

3 10 2007

You RIPA!

The Regulation of Investigatory Powers Act (RIPA) is a piece of legislation that has been law in the UK for a few years. Despite this, one component of RIPA remained unactivated until October 1st 2007. UK citizens are being told that if they have nothing to hide they have nothing to fear. Nothing to fear except their government, perhaps.

The component of the legislation that was ‘activated’ deals with criminalising anyone who:-

1. Fails to present a decryption key for encrypted data upon demand from the authorities.
2. Tells anyone else, except for their lawyer, that the key has been requested.

What if you genuinely can't remember your passphrase or password, or can't produce a decrypted form of the encrypted data? Simple: if you fail to prove your innocence you will go to jail for 5 years. I don't know about you, but I remember all my passwords from the past 15 years….

An abuse of your rights.

Let's say I don't like you, and I decide to send you a CD that contains an encrypted data file. Let's say I then tip off the police anonymously that you are part of a plot to kill the prime minister and that the plans were kept in an encrypted form.

How the hell would you be able to prove that you don't have the passphrase? How could you prove that the CD is not yours if your fingerprints got on it when you opened the envelope?

Ways around this stupidity.

For those who need it, there are methods that can be used to get around this issue. Using TrueCrypt it's possible to encrypt files and hide others completely so that they do not appear to exist. You cannot decrypt what does not exist.

Re-house your data abroad, but not within the United States. I would suggest other nations such as Australia, Canada and European nations.

If you need to encrypt small quantities of sensitive data, steganography (embedding encrypted data in an image) is a possible solution.

Ensure your decryption and public keys expire so that if they are requested by the authorities they will become unusable at a certain time. Also, changing a key and passphrase regularly can greatly improve your personal security.

In a situation where a draconian measure like this has been forced onto the general populace, the best form of defence is plausible deniability.

