Government backtracks on encryption enquiry

The Home Office has backtracked on a promise to commission an independent enquiry into the effects of legislation that will give police and other authorities the power to intercept data transmitted over private networks and demand decryption keys from the place where data is encrypted.

The promise was made two weeks ago on the recommendation of the Better Regulation Taskforce (BRTF) -- an independent advisory body backed by the Cabinet Office -- following publication of its Regulating Cyberspace report last December.

In the report, the BRTF recommended that a year after the implementation of RIPA, the controversial parts I and III of the Act should be reviewed to consider whether it is effective in meeting its aims. The Home Office originally accepted the proposal, but is now ruling out the need for an independent enquiry.

"The regulation of legislation is not something that we are adverse to, and we do keep legislation under review to assess whether it is up-to-date and meeting its objectives... but I don't think we will be looking into a independent review," said a Home Office spokesperson.

Cyber-rights advocate Yaman Akdeniz, director of Cyber Rights and Cyber Liberties, argues the BRTF recommendation was a legitimate one that the government should respond to positively.

"The Home Office should be challenged -- there is a need for the government to assess whether the Act is having an impact on law enforcement and cybercrime," he said. "Some organisations thought that the proposals within RIP were not proportionate, therefore it is important to keep the Act under review -- especially by an independent body."

Parts I and III of RIPA have been particularly controversial because they address the interception of communications, and government access to encryption keys respectively. "The recommendations may be early, but once the Act is fully functional, its impact should be kept under constant review," said Akdeniz.

The implementation of RIPA provisions is being staggered. Sections 12 and 13 concerning the interception of communications by Internet Service Providers (ISPs) is still to be implemented at the end of the year. The official government response to BRTF's proposal states, "there will be opportunities to comment on the secondary legislation which will give a practical effect to the Act as it is developed". A Technical Advisory Board has been set up, forming a panel of government and industry representatives to act as an ombudsman in the implementation of these sections.

"Prevention is better than cure... the industry already has a voice in shaping legislation before it has come into force through this panel," said the Home Office spokesperson. "We feel our current procedures will cater for the need for a review of RIP without the need for an independent enquiry," he added.

Akdeniz believes the Home Office is ignoring the real issue here -- "the effectiveness of the Act in the near future has nothing to do with the industry. The impact of the Act should be looked at by an independent panel to see if the government has got it right or not, rather than whether or not the industry is happy".

They can see you... Find out how and why in Surveillance, a ZDNet News Special.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read other letters.