Animal Rights Activists Forced to Hand Over Encryption Keys

In the UK:

In early November about 30 animal rights activists are understood to have received letters from the Crown Prosecution Service in Hampshire inviting them to provide passwords that will decrypt material held on seized computers.

The letter is the first stage of a process set out under RIPA which governs how the authorities handle requests to examine encrypted material.

Once a request has been issued the authorities can then issue what is known as a Section 49 notice demanding that a person turn the data into an "intelligible" form or, under Section 51 hand over keys.

Although much of RIPA came into force many years ago, the part governing the handing over of keys only passed in to law on 1 October 2007. This is why the CPS is only now asking for access to files on the seized machines.

Alongside a S49 notice, the authorities can also issue a Section 54 notice that prevents a person revealing that they are subject to this part of RIPA.

Actually, we don't know if the activists actually handed the police their encryption keys yet. More about the law here.

If you remember, this was sold to the public as essential for fighting terrorism. It's already being misused.

Posted on November 28, 2007 at 12:12 PM • 94 Comments

Comments

silenceNovember 28, 2007 12:35 PM

I'm just waiting for somebody to start putting random data on peoples' computers so that the cops can demand that it be decrypted.

AnonymousNovember 28, 2007 12:43 PM

"I'm just waiting for somebody to start putting random data on peoples' computers so that the cops can demand that it be decrypted."

Who needs to? You've an image file? Clearly the low bits are used to hide something! Doesn't produce anything meaningful, though, so you must have a key. Sit in jail until you hand it over.

David ThomasNovember 28, 2007 12:45 PM

Anonymous above was me.

Anyway, the obvious solution is that "refusal to hand over encryption keys when legally ordered to" should be a crime like any other, and should have to be proven beyond a reasonable doubt in order for there to be penalties.

Stevie ColbertNovember 28, 2007 12:47 PM

> this was sold to the public as
> essential for fighting terrorism

Animal Rights Activists are known to be closely allied to environmentalists, which is a big step on that slippery slope of becoming eco-terrorists. Today they're protecting bunnies, tomorrow they'll probably be spiking trees.

If they're not with us, they're against us.

Lock 'em all up.

KeysWhatKeysNovember 28, 2007 12:56 PM

Ok. So the person in question provides "the key" (aka password?) to decrypt the data. The officials try the key and it doesn't "work" (i.e. provide the info they are expecting), then what?

Maybe person truely forgot the key for that data, or maybe they they intentionally provided the wrong key. In any case, the person provided "the key".

jNovember 28, 2007 1:02 PM

So the British "antiterrorism" law is being misused. Is anyone surprised? Was anyone surprised when the same thing happened with the USA PATRIOT "antiterrorism" law?

Jeff BarrettNovember 28, 2007 1:02 PM

They don't identify the "animal rights activists" in the article, but several animal rights groups in the UK (e.g. the Animal Liberation Front) carry out hundreds of real terrorist attacks (firebombings, digging up graves, attacks on scientific laboratories using research animals). Don't know the details in this case, but there is the very real possibility of actual terrorism (just not the kind that makes it into the American news very often).

BetaNovember 28, 2007 1:03 PM

'In the event that there was doubt that a suspect did not possess a key, [David Harris] said, it was up to the prosecution to demonstrate beyond a reasonable doubt that they could know the passphrase.

'"They have quite a hurdle to overcome," he added.'

If the prosecution must show that he DOES know the passphrase, that's quite a hurdle. If the prosecution must show that he COULD know the passphrase, then the authorities now have the power to lock up pratically everyone who has a computer.

CGomezNovember 28, 2007 1:05 PM

Out of curiosity, why exactly do they want the keys? Is it to decipher data that was validly seized via a proper warrant?

I know this isn't the US, but I don't see the value in saying "if you simply encrypt your data that that evidence is completely immune from valid search and seizure."

In your previous blog comment you stated:
"But if you're guilty of something that can only be proved by the decrypted data, you might be better off refusing to divulge the key (and facing the maximum five-year penalty the statue provides) instead of being convicted for whatever more serious charge you're actually guilty of."

True, at least in that you are generally obstructing justice. There is no need for a seperate crime (that is bothersome). If the seizure is valid, then you are obstructing justice, and there are laws for that (again speaking from a US persepctive, but I would believe there is an equivalent).

A.PersonNovember 28, 2007 1:05 PM

Some Animal Rights Activists do blackmail, violence, damage to property etc.
What do they have to do to qualify as terrorists?

Fergus GallagherNovember 28, 2007 1:08 PM

Echoing what Jeff Barrett said, it's my opinion that "animal rights activists" (and similar) should definitely be treated as terrorists.

Or should brown skin be a necessary requirement?

Catullus 5November 28, 2007 1:11 PM

Gee, Officer, those files are nothing but digits of pi, XORed with a one-time pad. See, here's the one-time pad. Go ahead and decrypt it, you'll see. Can I go now?

Jeff CraigNovember 28, 2007 1:17 PM

As others have said, there is a chance that these Animal Rights Activists have engaged in terrorist activity.

As for the demand to turn over encryption keys, I'm of two minds. They could potentially be a part of a legal seizure, but at the same time, the potential for abuse is frightening. I know I wouldn't want to hand over my passphrase.

nrqNovember 28, 2007 1:19 PM

> If you remember, this was sold to the
> public as essential for fighting terrorism.
> It's already being misused.

Something similar happens here in Germany with data retention laws currently. They have just been passed 20 days ago and do not become effective until 2008, but politicians want to use the data to prosecute copyright infringement already.

IsaacNovember 28, 2007 1:20 PM

This law isn't being misused. It is being used exactly as intended. The law is being applied in a manner which is inconsistent with how the government said the law would be applied. The difference is that the public is naive enough to think that the government does what it says it will do. The law is what the law says. The law is not what the government spin doctor says about its application.


It is the same as the mortgage broker selling you an adjustable rate mortgage in 2002, and then telling you not to worry about the interest rate changing because that isn't likely to happen. Here it is 2007 and you've signed a mortgage you can't afford because the interest rate isn't 3% anymore. That would never happen! Mortgage brokers honest.

The people were sold a bill of goods and they bought it. In America we bought the patriot act.

Don't count on what they say, count on what they do or in this case write into law.


@silence it is an interesting question. The government must have some idea of what should be there if they are asking for keys. Could you take an oath before the court and say it's all just gibberish? there isn't anything to decrypt. what if you're key was something like "what does two plus two equal?" how many cops would try "4"

Michael AshNovember 28, 2007 1:24 PM

The question of whether these activists should be treated as terrorists is somewhat missing the point. The true question is this: why should terrorists be treated any differently from regular criminals? Why should you be subjected to harsher punishment and lower standards of proof just because your purported goal is to manipulate emotions instead of one of the standard litany of criminal motivations?

nathanNovember 28, 2007 1:26 PM

I wonder what would happen if your key was a big blob and not human-readable, and you had it stored with a sort of dead man's switch. E.g., you have to hit some button (run some program) periodically or the key is deleted irrecoverably. Then it would be impossible to hand it over, as the key would be automatically destroyed while you're sitting in a cell awaiting trial.

ScepticNovember 28, 2007 1:36 PM

I'm not sure I'd call this particular incident a misuse of the law. Some of the animal rights protestors have been involved in very serious violence and intimidation.

http://www.newscientist.com/channel/opinion/...

I also wonder if the police delay in requesting keys will cause them some difficulty here. Paragraph 53 (2) of RIPA (http://www.opsi.gov.uk/acts/acts2000/20000023.htm#aofs) states that

"In proceedings against any person for an offence under this section, if it is shown that that person was in possession of a key to any protected information at any time before the time of the giving of the section 49 notice, that person shall be taken for the purposes of those proceedings to have continued to be in possession of that key at all subsequent times, unless it is shown that the key was not in his possession after the giving of the notice and before the time by which he was required to disclose it."

So what happens if the suspect shrugs and says "sorry, I wiped the key from my USB stick last month".

I suspect that all the suspects have to do is keep their nerve.

Non-entityNovember 28, 2007 1:47 PM

@Jeff Barrett
"several animal rights groups in the UK (e.g. the Animal Liberation Front) carry out hundreds of real terrorist attacks (firebombings, digging up graves, attacks on scientific laboratories using research animals)."

Hmm.. one of these things is not like the others....

Fake51November 28, 2007 2:05 PM

A decade ago, being an animal rights activist didn't mean you were a terrorist - even if it involved a lot of the activities it does today. What has changed? The meaning of the word terrorist, little else. Previously, terrorism was distinctly political and any violence done in the name of animal rights only shared that one aspect: the violence. Nowadays, everybody is a terrorist, if they're not explicitly for the status quo in the western world.

I would suggest people either use the word terrorist in it's previous meaning or skip it altogether. As it is used now, it doesn't describe anything, but only serves to demonize whatever or whoever it is applied to.

Iowa HawkeyeNovember 28, 2007 2:08 PM

http://www.gazetteonline.com/apps/pbcs.dll/...

There was an animal rights break-in on my university campus a few years ago that was investigated at the time as a terrorist act (and still is for all I know). The most ominous thing that went on was a bit of petty vandalism combined with the theft of several hundred rodents. This scared the hell out of me, because I because it showed me that "terrorism" wasn't something objective, but just a scare word to round up inconvenient radicals.

Iowa HawkeyeNovember 28, 2007 2:10 PM

Of course that last line should have read "because it showed me that 'terrorism' wasn't something objective, but just a scare word to round up inconvenient radicals." Sorry about the typo.

FPNovember 28, 2007 2:20 PM

There is obviously some misunderstanding about the definition of "terrorist."

There is a wide range from random to specific targets, threats to property damage to murder, isolated to regular incidents, individuals to coordinated groups.

What about individual pyromaniacs that occasionally put private residences on fire? Organized animal rights groups that harass employees of laboratories? Uncoordinated anarchist groups that sometimes turn peaceful demonstrations into a rampage? The Washington Sniper? The Mafia?

No surprise that some want a most inclusive interpretation of "terrorist".

J.November 28, 2007 2:31 PM

Anti-terror laws being misused in the UK? Oh really?

Those are what the British police uses to control protests (your favourite search engines shall show you thousands of hits) and dissent (check what happened to Walter Wolfgang in New Labour's conference in 2005).

As an earlier posted said, these laws are used exactly as intended, same for RIPA.

BetaNovember 28, 2007 2:33 PM

@Sceptic

(Thanks for the RIPA citation.)
'...unless it is shown that the key was not in his possession...'

Am I reading this right? How can I possibly show that a key I once had is NOT in my possession? Turn out my pockets?

pmpNovember 28, 2007 2:34 PM

This product claims to have a "plausible deniability" feature that allows you to have a random decryptable segment of your data and the real secret stuff encoded in the same file with two different passphrases. If you are forced to provide the decryption secret (gun to your head, ..), you can provide the secret to the random segment. I have no idea if this works or holds water, but it is an interesting idea.

http://www.truecrypt.org/docs/?...

John DaviesNovember 28, 2007 2:39 PM

@J

Strictly speaking it was the Labour Party bouncers who threw him out not the police.

Nomen PublicusNovember 28, 2007 2:42 PM

Given that the entire internet is available, why would anybody keep incriminating documents, encrypted or not, on their PC? At the very least encode the data in a large image and upload it into Flickr.

KevinNovember 28, 2007 2:51 PM

I think I'm going to start the "large random bitstring collector club" where the members all enjoy storing large arbitrary random bitstrings on their computer for personal enjoyment, or mathematical study into the nature of randomness.

We encrypt them of course - we will happily, when provided with a warrant, provide investigators with a decryption key which will show them what our large random bitstrings look like in fact.

SpiderNovember 28, 2007 3:18 PM

@pmp
I like that idea, but I'd like a system that made two encrypted files or set of files look like one, each with a different passprhase. One passphrase reveals the secret data you don't want people to read, the other reveals harmless information like log ins information to bank accounts with small amounts of money in them. If you are forced to give up a key, you give them the one to the small bank accounts. They will see that its information that you might have wanted to keep secret, but not what they were looking for.

It looks like you are trying to comply with there wishes, without some crazy story about belonging to a "large random bitstring collector club" :)

Tom WelshNovember 28, 2007 3:25 PM

"If you remember, this was sold to the public as essential for fighting terrorism. It's already being misused".

1. It wasn't sold to the public. There was no need. As PM, Blair had an automatic majority in the House of Commons, which meant he could pass any law he liked.

2. Logically, it may have been essential in fighting terrorism. It is also being used for this.

Essentially, we are seeing a dichotomy between two views of government. Some believe that government is entitled to know everything about everyone, and control what everyone does all the time, if it will only make them safe and comfortable. Others (such as Jefferson) believe that government is a necessary evil, and the less of it we have the better.

MaxNovember 28, 2007 3:39 PM

@Spider

The hidden volume option of Truecrypt does exactly what you want. You create a master container w/ one password. Once that is done, you can segment off a portion of the (already encrypted) master container to hold a second, hidden volume encrypted w/ it's own unique password.

Giving up the first password allows access to the master/container volume and any (nonsensitive) data/files you put there. But there is absolutely no evidence that a second hidden volume might exist within the master/container volume.

The only thing in your example that can't happen is immediately gaining access to the hidden drive. You always have to open the master container first, and then open the hidden drive.

It's a nice program; they've done a lot with it since the early E4M days.

NickoNovember 28, 2007 3:47 PM

For the record, back when the RIP Act was going through in 2000 "animal rights" terrorists were explicitly mentioned as potential targets of section 49 and section 51 notices. Activists in this space have a long history in the UK of intimidation, threats, physical attacks and bombings. (I was evacuated from the Computer Lab at Cambridge University in the late '80s when the veterinary research lab adjacent was fire-bombed; the smoke damage shut down the mainframe for a week). This is exactly the sort of domestic terrorism the act was designed to target.

One can argue about the effectiveness of this sort of legislation, but I don't see any evidence that the law is in any sense being "misused".

TQ White IINovember 28, 2007 3:51 PM

Does anyone have any thoughts about what would happen under a corresponding law in America if a person said, "I cannot tell you that key because there is incriminating material on that hard drive. I plead the fifth."

Tangerine OrangeNovember 28, 2007 3:58 PM

@Nicko,

We are being manipulated. Our emotional buttons are being exploited by gov't for their own ends.

What exactly is "domestic terrorism?" In your book, fire-bombing counts; does straight-out murder count? How about assault? Extortion? Rape? Vandalism?

JessNovember 28, 2007 4:05 PM

I realize that the law in question is in the UK, but could a similar process occur in the USA? At least here, I would hope the 5th amendment would operate. A file that can't be read in the way the police prefer is evidence of precisely nothing. This is so whether or not it's been obfuscated as an image, sequential 8-bit data from a meteorological instrument, or whatever.

I would have thought that the police may not compel a suspect to produce evidence that hasn't been proved to exist. If you beat him enough or keep him locked up long enough or even threaten to do so in a credible fashion, he might admit to the crime or produce incriminating data. What about that scenario contributes to justice or security?

It is one thing when a legally-executed search uncovers evidence of a crime. It is quite another when all that is uncovered is some sequence of data, which would be some other sequence after an appropriate transform. Compelling any suspect to provide such a transform, especially since it can't even be shown to be unique, seems quite a bit like compelling self-incriminating speech to me. We're going to require that the police work a little harder than that.

Jon SowdenNovember 28, 2007 4:05 PM

@ Beta
'...unless it is shown that the key was not in his possession...'

Am I reading this right? How can I possibly show that a key I once had is NOT in my possession?
***********
Oh, that's easy: you are merely required to prove a negative.

Jeff ThompsonNovember 28, 2007 4:08 PM

> would happen under a corresponding
> law in America if a person ... plead
> the fifth.

In the America of my birth, there could be no such law.

In today's America , telling the court that there's incriminating evidence on the drive might not work in your favor.

In tomorrow's America, I fear the Bill of Rights may be rendered meaningless. We've already seen habeas corpus withdrawn.

John RidleyNovember 28, 2007 4:30 PM

You always have to open the master container first, and then open the hidden drive.
Uh, no. I use hidden volumes under TC all the time, and I never provide the first-level password. I just tried it; plugged in my thumb drive, clicked the tc volume, provided the hidden password, it mounted with "Hidden" in the Type field.

You CAN provide BOTH passwords if you want; this gives you access to the "normal" (decoy) volume, but TC knows about the hidden volume and will protect it; you can use this mode to populate decoy stuff into the normal volume without risking damage to the hidden volume.

DudeNovember 28, 2007 4:31 PM

@Jeff Barrett
"several animal rights groups in the UK (e.g. the Animal Liberation Front) carry out hundreds of real terrorist attacks (firebombings, digging up graves, attacks on scientific laboratories using research animals)."

I'm curious: in what way did they use research animals to attack scientific laboratories?

SofakinbdNovember 28, 2007 4:33 PM

TQ White II:
I too would like to know if taking the Fifth would work for us here in America. I would have to if need be, no way I'm saying my phrase. Written, verbal, smoke signal, secret squid ink, whatever, not gonna happen.

J.November 28, 2007 4:41 PM

@John Davies

Indeed, Wolfgang got removed by the bouncers, but the police later used powers under the terrorism act to prevent him to go back in again, what with being a 80ish years old threat to society.

That these laws were used in this case, against a 82 years old Labour activist that escaped Nazi Germany in the 30s, just about sums things up, I feel.

WandaNovember 28, 2007 5:08 PM

> the authorities can also issue a
> Section 54 notice that prevents a
> person revealing that they are
> subject to this part of RIPA.

How Patriot Act-ish. What possible good to society is there to keeping prosecutions secret?

Can indictees at least tell their barrister?

Jon SowdenNovember 28, 2007 5:36 PM

@ Dude,
assuming you're serious ... read that as:

(the terrs attacked) (scientific labs that used animals as part of their research)

NOT

(the terrs used animals to attack) (scientific labs)

AjNovember 28, 2007 5:38 PM

I live in the UK and work for Pharma (Clinical programmer)

I fully support the right of animal activists to PEACEFULLY demonstrate their views, but for a long time too many animal rights activists in the UK have crossed the line into terrorism.

==rant==
In some ways it really sucks doing a job that is making a real difference for mankind , but your "officially" not supposed to talk about because of the real risk of animal rights terrorists.
==end rant==

I've never really liked RIP, because its far to easy to lose your keys. In real life the worst that can happen is dealing with a broken front door. In a digital UK you could get in very serious trouble.

neduNovember 28, 2007 6:01 PM

In the words of Mr. Justice Bradley:

"[A]ny compulsory discovery by extorting the party's oath, or compelling the production of his private books and papers, to convict him of crime, or to forfeit his property, is contrary to the principles of a free government. It is abhorrent to the instincts of an Englishman; it is abhorrent to the instincts of an American. It may suit the purposes of despotic power, but it cannot abide the pure atmosphere of political liberty and personal freedom."

BOYD v. U S (1886)
http://supreme.justia.com/us/116/616/case.html

But this is no longer good law in the United States. And, in the United Kingdom, the once-famous opinion of Lord Camden in Entick v. Carrington and Three Other King's Messengers now seems thoroughly repudiated and cast away.

It was a different age.

David DonahueNovember 28, 2007 6:28 PM

As I recall from reading Applied Cryptography long ago, that using several different techniques is it possible to embed multiple cleartexts within a encrypted stream, such that one passphrase will decrypt the "real" secret and a second passphrase will decrypt a "cover or mildly incriminating" cleartext message (it's very simple/easy with OTPs). I also remember seeing a paper, about 8 years ago that "proved" that it was not possible to detect the presence of the second embedded cleartext.

Unfortunately I don't recall the specific techniques and paper details as I never had a need to use them myself.

So, assuming my memory is right, then this is the same situation as needing a defense against rubber hose cryptanalysis. The Animal right folks to need to use the right crypto program so when the UK comes a calling, they reluctantly release the "cover key" that reveals that the members of the group have the hots for each other's wives, instead of the key that reveals their detailed plans to commit terrorist acts.

As I said, a "solved" problem from a Cryptography perspective, now all it needs is to be implemented into common encrypted messaging apps, and laws like the UK's will quickly drive just such product enhancements.

ChiNovember 28, 2007 8:06 PM

The Truecrypt idea doesn't sound great from a information standpoint. Encrypted data should have certain random properties, and a certain length. If there is too much data to plausibly reveal a small certain volume of text (especially since the Law will need to know the general algorithm too) then there must be something more.

Despite my lack of crypto background, I would bet a large amount of money that Truecrypt solves nothing.

rageaholNovember 28, 2007 9:20 PM

while i am in the US, i do actual animal work, unlike the clinical programmer commenting above.

as a direct target of these people, and one who has serendipitously had a not insignificant amount of interaction with them, i can say categorically that these laws are a much greater threat to human health and safety than the occasional animal rights wacko.

my tuppence, at least.

DavidNovember 28, 2007 9:22 PM

If I understand the idea behind Truecrypt, an encrypted volume looks just like a lot of random garbage. Into this I insert a small collection of porn, or Communist propaganda, or anything else I might be embarrassed to have come out, with one key. Everything else on the volume looks like random garbage, with that key entered. I put the incriminating stuff in with the other key.

I now have plausible deniability, for whatever good it does me (depends on the government and investigators, I guess). I have an encrypted area with, say, a collection of pornographic text adventures, that I want to protect from prying eyes. That's the reason for the Truecrypt volume, for all anybody can tell. The part of the volume that still looks random is doubtless waiting for real-time ASCII-character games.

Stefan W.November 29, 2007 12:13 AM

Animal right activists might be terrorists or ordinary criminals.
I thought a central point in human rights is, that I don't need to incriminate myself.

Maybe this encrypted file doesn't incriminate myself, but needs to stay secret.
Why?
Well - that's secret too.

I got 60 000 files in my home directory, not to mention files of the OS - I guess half a million.
Some of them are created 1993.
Shall I remember for every file what it is?
How to open?

Of course that doesn't lead to a clever hiding technique, which scales well; just to security by obscurity.

chuckNovember 29, 2007 2:26 AM

aren't they terrorists?! they do all the same stuff - intimidation, violence, they terrorize general population.

MarkNovember 29, 2007 3:24 AM

@A.Person
Some Animal Rights Activists do blackmail, violence, damage to property etc.
What do they have to do to qualify as terrorists?

Given the media's current obsession with "Islamic Terrorists" they'd probably have to have dark skin, speak Arabic and attend a Mosque every Friday...

The real question is why arn't other "anti terrorist" laws being applied to animal rights, anti abortionists, etc...

MDNovember 29, 2007 3:32 AM

I live and work in the UK. As others have said, there are groups of activists within the Animal Rights community over here who have no compunction in taking the law into their own hands, committing criminal acts to try and close down legal research projects.

There have been attacks on the research companies, companies who supply the research companies, their staff and homes. They have used everything from graffitti through more severe vandalism to letter bombs and defamatory attacks on individuals to destroy their careers and personal relationships. They have even targeted shareholders of the organisations.

There have been convictions of persons and groups for this kind of activity. it's fact, not supposition. Run a web search on 'Huntingdon Life Sciences' and do some reading. That's just one company that has suffered at the hands of violent extremists.

I readily accept that this is just a small, hard-core, group among many others who protest in entirely legal ways. I have no problem with the majority, even if I do not agree with them. Freedom of speech, yes. Freedom to impose one's will on others who have not broken any laws, no.

The use of RIP is only against that hard-core group who will stop at nothing to achieve their misguided goals. The Police must satisfy a judge before they can gain the necessary court order for an RIP order letter. That protects the rights and freedoms of the innocent as far as is possible.

BobNovember 29, 2007 4:22 AM

@Chi "If there is too much data to plausibly reveal a small certain volume of text (especially since the Law will need to know the general algorithm too) then there must be something more."

In Truecrypt you specify a size for a volume when it is created, so there is nothing strange about a 1GB volume containing only a few megabytes of data - you've simply made the volume large enough for future use.

SteveNovember 29, 2007 5:01 AM

Ok, it says: "Alongside a S49 notice, the authorities can also issue a Section 54 notice that prevents a person revealing that they are subject to this part of RIPA."

Since a section 49 notice is a demand that a person turn the data into an "intelligible" form, how do you demand something from someone without revealing to them that they are legally compelled to comply?

Police: Give it to me.
Suspect: Give you what?
Police: I can't tell you.
Suspect: Erm. ok, Is there some legal reason why?
Police: I can't tell you.
Suspect: So you want something, for some reason but can't tell me anything?
Police: Yes
Suspect: No
Police: You are under arrest.
Suspect: Why?
Police: Can't tell you.

pixelNovember 29, 2007 5:52 AM

There used to be an issue with TrueCrypt where you could detect a hidden volume, because the free space showed the wrong size. E.G. if you had a 400mb outer and 50mb inner hidden, the free space of the outer would only ever be 350mb. It looks as though they have fixed this now, but you can now accidentally overwrite the inner hidden volume. Swings and roundabouts really.

Maybe the best, easiest solution is to not be a criminal and not have any incriminating data in the first place?

TimNovember 29, 2007 6:35 AM

What pisses me off is that the law is bad for all of us right-thinking people who use encryption to prevent things falling into the wrong hands (starting with the fact that I work 99% the time with boxes 3000mi away via ssh), but there are two noteworthy specifics to the case:
a) it's not the police asking, it's a letter from the CPS which doesn't have the same clout at all;
b) so-called "animal rights" activists who inflict suffering on humans are bottom-dwelling scum-suckers for whom I have no sympathy and would happily see the full weight of the law thrown at - as long as by "law" we mean everything that doesn't adversely affect me too, such as RIPA! I worry how many people over on El Reg have only seen the first part of this, "animal rights people, well that's OK then" and not the fact that it affects all alike.

BillNovember 29, 2007 6:41 AM

A mans family are killed when a massive explosion rips through an apartment block. Apparently the appartment block also housed a scientist engaged in animal releated work. The police could have prevented this, they had siezed a computer with details of the plan but the terrorists were not required to had over the keys to the encrypted plans and only did so when the damage had been done.
Sometimes the law is wrong and sometimes its right - live with it, its the price we pay for not having religous police etc

NanymousNovember 29, 2007 6:52 AM

Steve

I don't know whether your misunderstanding is deliberate or not, but section 54 means that the suspect is not allowed to reveal to a 3rd party that he is the subject of a section 49 demand.

eg

Police: Here's a S49 notice for your keys and a S54 notice that you cannot let anyone else know that you've given the keys to us.
Subject: Or what?
Police: Do you like porridge?

CGomezNovember 29, 2007 8:13 AM

I think if you are looking for US Case Law you won't find it well settled yet. There are definitely some similarities to testifying against yourself but there are also striking differences.

For example, if you merely had not had the foresight to encrypt some incriminating evidence, it would (in many cases) be perfectly usable against you. So, merely the fact you were bright enough to encrypt it should be enough to prevent its use against you? Something doesn't seem right about that.

The Constitution does not protect criminals or criminal activity.

At the same time, it does protect your rights. Forcing you to turn over an encryption key seems an awful lot like testifying against yourself.

There are definite similarities and differences. Which way to splice this is not an easy question nor settled at all.

bobNovember 29, 2007 9:29 AM

@pixel: The problem is this - The way society is going, I do not know TODAY as I write something on a computer, whether having written it will make me a criminal TOMORROW. Furthermore with software like Vista taking total control of my PC away from me, IT could download something onto my PC which I could be held responsible for.

Truecrypt rocks.

I have long been puzzled by the logic of classifying evidence. -
"What am I being accused of?"
"We cant tell you, but we know you did it!"
"If I did it I would already know about it, so you wouldn't be giving anything away!"
"But if we are wrong and you did NOT do it, we would have to let you go and then you would be able to divulge classified information, so we cant tell you!"

SteveKNovember 29, 2007 10:05 AM

@ legal question -- this is a UK law, not US. If US (e.g., Patriot act) then 5th Amdt provides right against SELF incrimination. You can't [*] be forced to hand over keys if authorities are looking for evidence that can be used against you. If they are looking for evidence that can be used against others, but not you, then 5th does not apply (e.g., membership list or customer list). Patriot act (and FISA) both have "don't tell" provisions.

[*] most likely ruling, but case law not settled yet.

Steve K (a US lawyer)

neduNovember 29, 2007 10:10 AM

"The Constitution does not protect criminals [...]"

@CGomez

The Eighth amendment, forbidding cruel and unusual punishment, most assuredly applies to those convicted of a crime. Who else would it apply to?

Thus, your assertion that the Constitution does not protect criminals is generally false.

Further, it is a well-settled principle of our constitutional scheme of government that no person shall be set outside the law, nor wholly deprived of the protection of the law. To admit otherwise is to admit tyranny.

A person convicted of a capital crime may indeed be shorne of liberty and perhaps his life, but he shall not not be punished except by law under our Constitution. The Constitution protects the criminal.

BetaNovember 29, 2007 10:49 AM

@Nanymous
Police: Here's a S49 notice for your keys and a S54 notice that you cannot let anyone else know that you've given the keys to us.
Subject: Or what?
Police: Do you like porridge?

***

Subject: I'm revoking this key.
Friend: Why?
Subject: I can't tell you.
Friend: 'Bye. [Exit, pursued by a bear]

CGomezNovember 29, 2007 10:57 AM

@nedu:

Those are some nice platitudes. It's always great to wrap yourself in the flag when you don't have anything to add.

I will stand corrected the Constitution protects all of its citizens. I plead that I misspoke. I appreciate that you took my entire point and grabbed a piece of it out of context. It wasn't even the main point. But I can admit the mistake. Now, let's get back to the point.

I do not believe it protects criminal activity. In other words, it strives to give authorities tools to investigate and prosecute crime.

I will allow my general point to stand that it is not an easy answer that requiring encryption keys to be turned over (upon valid search or seizure) is an automatic 5th amendment violation.

It is not perfectly clear whether this is "testifying against yourself" or "obstruction of justice".

I think the law is unsettled on this point and the test controversies have yet to arise.

I suspect if we ever got an answer, it will not be clear cut. Like the many lines that have been drawn to dissect 4th amendment protections, I suspect we will see as many lines drawn to divide when the authorities get something, and when they don't.

Otherwise, we would be saying you can obstruct justice merely by encrypting as much evidence as you can. This is going to be an interesting legal issue, if it ever actually plays out.

CGomezNovember 29, 2007 10:59 AM

@SteveK:

I would be very interested in any appellate case that has tried to deal with this so far (US law). I completely agree with your analysis that we'd be limited to evidence that would incriminate you.

Even if it's not Supreme Court, I wonder how the different appellate courts are trying to deal with this... if it's even come up yet.

BetaNovember 29, 2007 12:35 PM

@nedu

(I wish I could send this privately.) You're right. Please don't let yourself be baited.

BobNovember 29, 2007 1:42 PM

> There used to be an issue with TrueCrypt
> where you could detect a hidden volume,
> because the free space showed the wrong
> size. E.G. if you had a 400mb outer and
> 50mb inner hidden, the free space of the
> outer would only ever be 350mb. It looks as
> though they have fixed this now, but you can
> now accidentally overwrite the inner hidden
> volume.

Not if you know how to use TrueCrypt. The outer volume can be mounted with a flag (in Linux, on Windows in another way) indicating that the hidden volume should be protected. This will also ask for the hidden volume password. Of course, one would not normally use the outer volume on a regular basis, as it is merely a decoy.

Use of TrueCrypt requires a bit of effort (on Linux, the Windows version is said to be more streamlined), and visiting the forums is recommended before one starts using it. However, all problems mentioned in the previous post have been solved, and TrueCrypt can provide full protection against RIPA if used well. All my external hard-drives have been turned into TrueCrypt-encrypted devices with a hidden volume, out of principle rather than that I have anything (criminal) to hide, as I live in this godforsaken police state off the coast of Europe.

jayhNovember 29, 2007 2:20 PM

@chi
If there is too much data to plausibly reveal a small certain volume of text (especially since the Law will need to know the general algorithm too) then there must be something more

Actually no. Truecrypt creates a virtual volume, you specify the volume size at creation. As you add information the volume size does not change. So I have a 500mb volume with only about 5% of that actually in use.

----
I don't know if this has hit the courts yet re: the 5th. The 5th protects you from coerced TESTIMONY, but it does not permit you to hide evidence or refuse a search warrant. Conceivably a court may consider this as evidence tampering.

EsurnirNovember 29, 2007 5:30 PM

@Bill: If I wanted to blow up a lab full of scientist with a group of activist do you REALLY think that I'm gonna hand over the cryptographic key just because the police come to my house and wave in front of me a section 49 that make me risk something like a *gasp* 5 year term, while divulging it would earn me life in prison without parole ?

What I would do in such case is do my 5 year which by the way give me a good alibi for not being the terrorist "what ? Bombing that house? But I was in prison! What your proof are on this encrypted drive? Well you know I'm already doing my 5 year term so if you think I'm gonna give your the key now piss off."

3 yeah owdNovember 29, 2007 10:16 PM

arglybarglyboo
I fwowed all up on u
da keys want click
won I got [*sic*]
arglybarglyboo

MRNovember 30, 2007 11:09 AM

So please set up an example of a dread deed of an abominable animal rights terrorist, which cannot be punished by more than 5 years, Bill... The one you provided is less-than-perfect.

wkwillisNovember 30, 2007 1:22 PM

What I find interesting is that the true purpose of all the antiterrorist legislation is to establish a tax collection regime that can't be evaded.
To pay our social security pensions.
Now which side are you on?

wearableDecember 1, 2007 12:51 AM

One thing I've wondered about with the UK law is whether the following would be legally valid:

I have documents I don't want the government to see, but I only need to access them occasionally. I have a trusted colleague in a foreign country and, after each usage all the documents are securely re-encrypted with a random key which is securely transmitted to my colleague. Each time I need access I get my colleague to relay the decryption key to me. He's strongly instructed only to send me the current key if it's clear I'm not asking for it under duress (which my general circumstances can reveal without me making it clear it's RIPA that's the reason). Then no matter how hard I try to comply with the govt's request I can't decrypt the files when they ask. Am I within the law?

Of course, being within the letter of the law may not really matter given there're probably lots of other ways for a govt to intimidate you, but I'm just curious about it as a philosophical matter.

ScepticDecember 1, 2007 10:24 AM

@wearable

I am doubtful that the police would use RIPA in that situation. My understanding is that RIPA would only apply if the police could get their hands on the encrypted documents so if you store them abroad, there is no legal basis to seize them using UK laws. Here is a related story:

http://observer.guardian.co.uk/business/story/...

In practice, I think the police would try to trick you into handing over the documents by a bit of duress or even tapping your communications if they wanted you badly enough.

UNTERDecember 3, 2007 2:34 PM

Sceptic,

You misunderstood the example. Wearable was positing that you had the document - just not the decryption key, since that was held overseas. It's the inverse of the usual public/private key, more like signing. Your partner sends you his public key, and you encrypt the data. Then you need him to send you his private key to decrypt. The data is never transmitted.

In this case, tapping wouldn't help much, since presumably he'd send you the old private key and a new public key together, and you'd decrypt, append and re-encrypt almost immediately, destroying the unencrypted/old encrypted form. The police would have to tap and be ready to raid as soon as you received the old public key and before you had a chance to re-encrypt and destroy the unencrypted/old encryption data. And if you were to go through such rigamarole, you'd probably have a dead-man's switch on the whole thing, so the police would have to be ready to stop that mechanism as well immediately.

Of course, you couldn't keep backups for that to work. Duress would be difficult to use, because the scenario posits that the partner would err on the side of caution and refuse to transmit the decryption keys if there was any question - keys asked for at the wrong time, from the wrong phone, in the wrong tone of voice, ..., etc. The authorities would be limited to trickery, and no encryption mechanism can protect you if you are tricked into voluntarily divulging your secret.

xreyDecember 3, 2007 2:44 PM

Isn't this essentially an ex-post facto law? If you encrypted something before the law existed, how can you be forced to divulge the key?

AnonymousDecember 3, 2007 8:02 PM

@Beta

I'm not so sure that part of the law is designed to prevent all communication between the person who has been served a RIPA warrant and the rest of the world. That'd be impossible to accomplish. The suspect could have a predefined "warning signal" keyword/phrase/facial expression/hair style. Or it could be communicated in a way similar to what Mordechai Vanunu (http://en.wikipedia.org/wiki/Mordechai_Vanunu) tried (successfully). Or maybe even something more subtle such as tipping off investigators that the key is located offsite (a location which is monitored by affiliates of the suspect).

More likely it is designed to make it harder for the suspect to go through court and fight their case. Closed court sessions and restrictions on who you can use for the defense of your case? And maybe also a touch of "cover up" when the government undoubtedly realizes they completed screwed up and their case is worthless? They hate embarrassment.

IgorDecember 4, 2007 3:17 AM

Just a weird thought ...
If I have to hand over an 'intelligible' form of a encrypted file, can I give any paper document (of course, unrelated to the encrypted file)?
I could say that I do not have the key, but I do have the plain text (in paper). How is someone to refute the claim?

MarkosDecember 4, 2007 7:23 AM

@ Bruce
"If you remember, this was sold to the public as essential for fighting terrorism. It's already being misused."

How so Bruce? This article tells you the seized computers they want to access were seized in raids in May.

Those raids are descibed in the following article as being conducted by the National Extremist Crime Unit against groups engaged in a terrorism campaign:
http://tinyurl.com/22cmmp

Where is the misuse? How does this not qualify as being used for terrorism cases?
Sounds like a bit of reverse profiling bias is evident here. They're not terrorists unless they fit some predetermined notion of what a terrorist is.

MarkosDecember 4, 2007 7:37 AM

Well I see I was well and truly beaten to the punch on that one. I guess this is one of those blogs with just too much integrity to ever issue corrections, retractions, etc.
.
6 days. Credibility 0.

StudentDecember 4, 2007 1:06 PM

Well, as usual on blog comments, everything gets lumped together.
There are 3 relevant issues here.

1: Animal rights activists like SHAC use intimidation, violence and fear to achieve a political end. That *is* the definition of terrorism, is it not?
I'm working at a research lab, and my induction included advice on how to deal with suspicious packages sent to work, and how to avoid threats at home. it's not misguided but peaceful protesters that are the suspects. It's people connected to a known group of violent political thugs.

2. Attempting to make someone prove they *don't* know information is impossible. Unlike demanding that physical evidence is turned over, you can't prove it exists. This is why the letters were stupid.

3. Targeting someone with a dumb law does not make them into an innocent victim. They can still be guilty as hell. it just means you're wasting your time and setting a bad precedent.

The law's being put to its proclaimed purpose of fighting politically motivated violence. Of course, looks like it's other main purpose is grabbing files related to tax evasion (customs can use it)

Whether it *works* is another matter. Also, note the defences mentioned in the Act.
Only if you have been shown to have known the "key", for example, you have been shown to have decrypted that file before, then you have to prove you don't possess it. The equivalent would be "we saw you had these documents, where did you hide them"

Otherwise, you just seem to need to provide create some doubt about that "what key? I didn't ask for that key?", and the prosecution then have to prove beyond all reasonable doubt that you have the key. So framing someone would require further fraudulent evidence of you requesting a key, being involved in the kind of activity that would mean you'd be likely to want the files in the first place etc.

The law also forbids "fishing expeditions " using the key.

So it's potentially dodgy, but not as bad as it's being made out.

R153nmDecember 4, 2007 1:13 PM

You've got to love people showing up and yelling "GOTCHA!" while holding straw (metaphorically) in their hands. Remove the group name and motivations. Now determine why the law applies. If this was a bookie, would we apply the same criteria? We should if the law is sound.

kauder.welschDecember 5, 2007 2:06 PM

This sort of legislation should get us thinking about and spreading the concept of plausible deniability. Note that UK laws requiring you to hand out encryption keys are only a very mild form of cryptoanalysis by sheer force. Assuming that I'd be personally 100% convinced of my cause, I'd personally be probably mildly annoyed but far from intimidated by that sort of laws - worst thing that can happen is that the government has to spend quite some money to keep me locked up but apart from that well fed and indulging in martyr's poses. Pathethic and only promising against those who thinking that their actions would not have consequences (a flourishing attitude, but that's beside the point here). But what about somebody putting a gun against yiour spouses head or offering a whole new set of personal experiences, all revolving around the creative use of a dentists drill and probably some sort of acid. Unfortunately this sort of appeals seem to be very common and quite successful sharpening long and short term memory in large parts of this world. This problem can be overcome or at least mitigated plausibly making deniable that there was any data encrypted in the first place. Steganography has its own sets of problems which won't become less garve as processing power evolves. Do not try to pull the stunt with supposedly unused or redundant bits in graphics files (Q: how long does a run-off-the-mill PC take to process all graphics files on a hard drive, scanning for some non-random patterns in what should be random data. The best solution to the problem, I've encountered so far is part of the open source disk encryption solution truecrypt (www.truecrypt.org). Follow the link when wanting to get information on this, these guys have some really clever thoughts wrapped up into an amazing piece of software. I want to end this text with the observation that people like us (security experts, plain paranoids, technically interested readers, you name it) tend to forget some much more basic means of cryptoanalysis which have little to do with algorithms but a lot with protocols, at least with those written down after torturing or somehow else intimidating people. To provide cryptographic aid to those in such a situation imho holds its merits and can deal with the ill conceived attacks on our privacy, waged by our western "leaders" just as an aside. Share what you know, learn what you don't...

UNTERDecember 5, 2007 8:02 PM

@Student: "1: Animal rights activists like SHAC use intimidation, violence and fear to achieve a political end. That *is* the definition of terrorism, is it not?"

It's not a very good one. By that definition, every government on earth is guilty of terrorism, every police force, every tax man, and so on. You have to add - legally illegitimate for starters; the government is by definition exempt from "terrorism", as long as it's following formal and normal procedure. Second, fear is a very weak metric - every company uses fear for your livelihood to vote in their interests, passing out fliers with "suggested congressman, etc" and no one with any sense openly shares their real political ideas at work. Why not use "terrorized" - having a reasonable fear for your life, not just fear for property destruction or livelihood?

Intimidation is the weakest one of all. You haven't been at all involved in local government, much less national government, if you don't think intimidation is standard operating procedure at all levels of government - you've probably never held yet a corporate job (or are fairly blind to what goes on around you) if you don't see intimidation and posturing every day. So let's strike that one all together.

So, rather than using terrorism to simply mean "political groups we don't agree with", which is what your definition boils down to, let's use "the non-governmental use of terror (reasonable fear for life) for ideological ends". That distinguishes war from terrorism, local thuggery from party-based politics and sets a high standard. Some animal rights activists who use violence are terrorists; others are just criminal, thugs, or in the best of lights are "radical activists".

lewisDecember 6, 2007 7:13 PM

Why would the U.S. Federal government or any state government even bother passing a law requiring a person to divulge a password. If a search warrant is issued for the encrypted information and you don't decrypt the file, you would be in contempt and could be jailed until you do decrypt the file. You could potentially be jailed for life. What would an explicit law add to the government's power?

JMFebruary 10, 2008 6:49 AM

MD: First the justification:-

"... there are groups of activists ... committing criminal acts ... "

"There have been convictions of persons and groups for this kind of activity...."

Then the weasel:-

"The use of RIP is only against that hard-core group who will stop at nothing to achieve their misguided goals..."

Yes MD there are people who have committed criminal acts (for whatever reason) and they have been convicted of them.

No MD, a special law practised only against persons with particular motives that you (and I as it happens) disagree with is not required, nor justified.

All are equal before the law, contrawise none should be singled out.


Gideon SamidMay 21, 2008 5:30 PM

Freedom without privacy is not.
Privacy without Deniability is not.

Deniability is the last refuge of the ordinary folk, against court discovery orders that routinely violate individual privacy, expose personal thoughts in intimate diaries, even in civil divorce cases.

Deniability is a daunting crypto challenge, but one we should face!

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..