The Report of the Special Senate Committee on Security and Intelligence <http://www.parl.gc.ca/36/1/parlbus/commbus/senate/com-e/secu-e/rep-e/repsecintjan99-e.htm> ou en français <http://www.parl.gc.ca/36/1/parlbus/commbus/senate/com-f/secu-f/rep-f/repsecrenjan99-f.htm> was released in January 1999, and it even mentions encryption. In Ch III about Emerging issues, encryption is indentified as important. <http://www.parl.gc.ca/36/1/parlbus/commbus/senate/com-e/secu-e/rep-e/repsecintjan99part3-e.htm#Encryption> "Law enforcement and security intelligence agencies also seek legislative amendments, in particular changes to the Criminal Code, to compel the holder of a cryptographic key or password to give it up in response to a judicial warrant. The Canadian Association of Chiefs of Police has also asked for Criminal Code amendments to criminalize the use of cryptography in the commission of a crime." When mentioning 'mandatory key access' and why the it isn't part of Industry Canada's crypto policy they fail to cite the increase risk of central storage, which has been outlined in at least two major non-restricted papers written in the US. "The Committee also endorses recommendations to amend the Criminal Code to provide lawful access to encryption keys by law enforcement and security intelligence organizations and to criminalize encryption when used in the commission of a crime. The Committee also urges the law enforcement and security intelligence communities to consult with developers and suppliers of cryptography technology and with carriers and service providers so that each side may better understand the requirements and objectives of the other and, hopefully, arrive at mutually-agreed solutions." The report should get bonus points for mentioning chaffing and winnowing. For a summary of the report see the press release. January 14 1999 <http://www.parl.gc.ca/36/1/parlbus/commbus/senate/com-e/secu-e/press-e/14jan99-e.htm> -- M Taylor mctaylor@ / glyphmetrics.ca | privacy.nb.ca
