Key escrow back on Blair's agenda

US terrorist attacks revive costly plans that will "deliver no benefit"

US terrorist attacks revive costly plans that will "deliver no benefit"

The Government is set to bring back the key escrow powers dropped from the Regulation of Investigatory Powers legislation in the late 1990s after they were discredited by businesses and civil liberties groups.

Senior government sources confirmed to Computer Weekly that former home secretary Jack Straw - now foreign secretary - and his successor, David Blunkett, have discussed the issue following the 11 September attacks on the US.

The source said that key escrow was likely to be introduced as a result of the terrorist threat. "We are definitely considering this. David and Jack believe it was wrong to drop these powers and now is the time to do something about it."

But the plan is certain to cause disquiet among businesses and civil liberties groups. When the idea was first proposed three years ago they successfuly argued that key escrow, which requires organisations to hand over encryption keys to an approved agency, would weaken security and damage trade.

"A lot of people were developing contingency plans to leave the UK if they thought it was going to impose unnecessary commercial burdens on them. They were concerned about weakening of security," said Peter Sommer, security expert at the London School of Economics.

One large company privately told Computer Weekly at the time that it was so worried about the Government's key escrow plans that it would consider pulling out of the UK if they went ahead.

Foreign secretary Straw gave the first indication of the change of view last week in an interview on BBC Radio Four when he said that "naive" campaigners against stronger Internet surveillance laws had hurt the fight against terrorism.

He suggested that with stronger powers the security services might have detected some of the 11 suicide hijackers who are now known to have passed through the UK on their way to the US.

He told the Today programme, "It wasn't Big Brother government, it was government trying to put in place increased powers so that we could preserve and sustain our democracy against this new kind of threat.

"We needed to take powers so that we could de-encrypt commercially encrypted e-mails and other communications because we knew that terrorists were going to use this.

"What happened? Large parts of the industry, backed by some people who I think will now recognise they were very naive, in retrospect, said 'You mustn't do that'."

The Confederation of British Industry, one of the groups originally opposed to the de-encryption proposals reacted with caution.

A spokesman said, "That debate took place in very different circumstances from now so we would want to consult members to see if their views had changed."

Reports from the US this week said that the hijackers had not used encryption to co-ordinate the attacks, although they had sent e-mails in Arabic and English from cybercafes in Florida.

Sommer said the argument that key escrow would combat terrorists made no sense when there were already so many encryption products on the market.

"Key escrow failed in 1998 because the law enforcement 'access to keys' argument made no sense when you realised that there were encryption products out there for terrorists to use. It required companies to go through complex loopholes for really no benefit," he said.

Downing Street said all relevant legislation to do with terrorism was being examined to see if it needed toughening up, but refused to confirm or deny that the Regulation of Investigatory Powers was part of that trawl.

Read more on Data centre hardware