The Council of Eurpoe has released a draft of its cybercrime treaty. The
idea here is to get signatory nations to adopt similar laws as their own
national laws. A news article I read states that the treaty would
criminalize some forms of security testing and analysis.
One provision would require:
> Section 2 Procedural law
>
> Article 14 - Search and Seizure of Stored Computer Data
< . . . . >
> 5. Each Party shall take such legislative and other measures as may be
> necessary to empower its competent authorities to order for the purposes
> of criminal investigations and proceedings any person who has knowledge
> about the functioning of the computer system or measures applied to
> secure the computer data therein to provide all necessary information,
> as is reasonable, to enable the undertaking of the measures referred to
> in paragraphs 1 and 4.
This would require giving keys to authorities who were investigating your
system.
The draft treaty (English version) is at:
http://conventions.coe.int/treaty/en/projets/cybercrime.htm
