News

RIP revival could cause IT headaches

Cliff Saran

The government has revived plans to give the police powers to demand encryption keys from individuals and businesses.

Home office minister Liam Byrne told parliament that the Home Office intended to enforce measures in the Regulation of Investigatory Powers (RIP) Act that require disclosure.

“Encryption products are more widely available and are integrated as security features in standard operating systems, so the government has concluded that the time is now right to implement the provisions of part 3 of the RIP Act,” Byrne told the Commons.

The move has raised concerns among some security specialists, who fear it will pose practical difficulties for banks and other businesses that use encrypted communications.

Peter Sommer of the London School of Economics said the proposals would be impractical for businesses that rely on temporary session keys to transmit data, unless they redesigned their systems to record and store all the keys. “Banks would have to set up complex infrastructure to comply,” he said.

The RIP Act introduced statutory powers to force disclosure of encryption keys when it was introduced in 2000, but ministers have delayed the regulations and code of practice needed to implement the powers.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy