-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dave Page @ 2008/04/18 06:19: > On Fri, Apr 18, 2008 at 03:11:52PM +0200, Hans Schnehl wrote: > >> I was told in the UK you are obliged to deliver your private gpg/pgp >> keys to the authorities as soon as you use one of these programs for >> yourself. > > [snip] > >> I hope this is a hoax, but just for informational reasons it would be nice if >> someone with the appropriate knowledge could clarify this. > > This isn't anything I'm aware of in UK law, and I'm pretty sure I would > have heard about it if it were. > > The Regulation of Investigatory Powers Act (RIPA) 2000 details the > powers the police have to demand decrypts and keys. You can read more > about it at > http://security.homeoffice.gov.uk/ripa/publication-search/ripa-cop/electronic-information > > Dave
you may want to check [1] back from may 2006. "Part 3 of RIPA gives the police powers to order the disclosure of encryption keys, or force suspects to decrypt encrypted data. Anyone who refuses to hand over a key to the police would face up to two years' imprisonment." there was also some other talk about this here back then[2][3]. i don't see any recent developments regarding this, though.... 1. http://www.zdnet.co.uk/misc/print/0,1000000169,39269746,00.htm 2. http://archives.seul.org/or/talk/May-2006/msg00283.html 3. http://archives.seul.org/or/talk/May-2006/msg00284.html -----BEGIN PGP SIGNATURE----- iD8DBQFICR8VXhfCJNu98qARCFYiAJ0VOfOHOauHhzQIJF1czjLlKmoiAgCePk36 E9duKQApkYoklHBNPYhnLNQ= =iibE -----END PGP SIGNATURE-----