E-C Bill Response: FIPR
FIPR: Foundation for Information Policy Research
FIPR Response to Draft Electronic Commerce Bill 1999
8th October 1999
Communications and Information Industries Directorate
Department of Trade and Industry
Room 220, 151 Buckingham Palace Road
London SW1W 9SS
A response to the DTI consultation paper (Cm 4417, 23 July 1999)
Foundation for Information Policy Research
The Foundation for Information Policy Research is an independent non-profit organisation that studies the interaction between information technology and society, with special reference to the Internet, from a broad public policy perspective; we do not represent the interests of any trade-group. Our goal is to identify technical developments with significant social impact, commission research into public policy alternatives, and promote public understanding and dialogue between technologists and policy-makers in the UK and Europe.
Permission is granted for publication of this response.
- In time the Internet will become the source of great transformations in social, political, cultural and commercial life, comparable in its effects to the invention of moveable type, the coming of telecommunications by telegraph, the telephone and radio, and the growth of the railways and road transport. Such transformations seem to happen faster and faster; but these are still the very early days of the Internet, despite the fact that it has been in existence for some thirty years. Its potential remains vast, but obscure in the details of how it will unfold. There is no need for panic.
- When considering legislation, there is every need not to panic. The law requiring a motor vehicle to be preceded by a man with a red flag is remembered with well-deserved contempt. More than a trace of the same anxiety is reflected in the draft Electronic Communications Bill. We recommend that it should try to do much less, and should try to do it much better.
Regulation and its Misuses
- Part I of the Bill provides power to introduce a scheme for registering approved providers of cryptography support services. Ministers have spoken of "light touch regulation", but the powers are completely general, and would enable any possible scheme to be imposed, however heavy its touch. Given the Government’s obvious intention of favouring approved providers, and its own prospective importance in the relevant marketplace, the prospect of unlimited and uncertain forms of legislative interference seems to us to cast an unhealthy shadow over the Internet landscape in the UK. In particular, Government pressure for industry self-regulation could lead larger established enterprises to formulate schemes which would prove burdensome to newer, less bureaucratic entrants, so hampering the growth of valuable diversity.
- A particular vice of Part I is that a scheme made under it could impose key escrow requirements as a condition for approval. Ministers have made it plain since March of this year that key escrow is ruled out: if Part I is retained, it should expressly preclude the imposition of any key escrow or key recovery requirement through powers to make subordinate legislation.
- If powers must be taken, we suggest that they should be carefully limited to what is necessary, and so formulated that the legislation will guarantee industry and the public an adequate input into the content of any scheme. The mechanism we have in mind is that before any scheme can be made, the Competition Commission must hold a public enquiry into the cryptography support services sector in order to identify the shortcomings which require regulation by a statutory scheme, and to report on the remedies which are required for those shortcomings. The powers of the Secretary of State should be limited to making a scheme to give effect to those remedies.
- But our strong preference would be for no such powers to be taken. It remains wholly obscure whether providers of cryptography support services will in fact play any such pivotal role in the development of the Internet (and electronic commerce) as the Government imagines. The business model which envisages hierarchies of purveyors of electronic identity certificates remains wholly a thing of the imagination. It depends on large-scale engineering of certificate revocation lists, which remains untried and unproven. It has no equivalent in the existing world of commerce, where trust is built up by experience and the financial intermediation of the banking system, whether that commerce takes place face to face, by post or through wires (as it has done for the last hundred years). Indeed, the electronic payment protocol proposed in 1996 by VISA and MasterCard for credit card payments on the net and which was supposed to require such hierarchies - SET - has failed in the marketplace. The main reason is that it would have been very much more expensive than the protocol currently in use (SSL/TLS), which has turned out to be adequate.
- Governments have always seen great advantages in persuading citizens to adopt identity certificates, but citizens have remained resolutely opposed. We think that Government is hoping that the Internet will provide a seductive way of persuading citizens to accept electronic identity certificates. But the importance of data protection and privacy is becoming recognised as a key element of the Information Society, and as the number of Internet users grows we think that objections to identity certificates will in fact prove even greater in the world of the Internet than they were before. The Government should abandon the hope that citizens can be gulled into making their every step in cyberspace trackable for the benefit of government departments and agencies: this is mere wishful thinking, and it continues to distort the Government's view of how electronic commerce will develop and of what regulation is required.
- We urge the Government to postpone attempts to regulate the mechanisms of electronic commerce until the need for regulation emerges from experience. In particular, the notion that the Government can encourage trust in electronic commerce by approving providers of cryptographic support services seems to us farfetched in the extreme. The public at large will have the greatest difficulty in discerning the relevance of cryptographic support services to their security; and those who are knowledgeable about such matters will not regard the Government’s track record on these issues as lending any useful value to its endorsement. The Internet's technical standards are not set by the UK government, but by US industry. And past UK government attempts to introduce personal ID cards by linking them with other IT projects have an extremely poor track record; the disastrous failure of the Pathway project to cut social security fraud is fresh in the industry's memory. Finally, as noted above, the `window of opportunity' in which businesses saw a global hierarchy of public key certificates to be necessary has now passed.
From Paper to Electronics
- Part II of the Bill has the aim of removing impediments to electronic commerce, and we support that aim. But the draft provisions are very unsatisfactory as a way of achieving it.
- Electronic signatures are admissible in evidence under the Civil Evidence Act 1995. What facts they actually prove must depend on expert evidence (if there is a dispute about it). The question is whether an electronic signature is really a signature, since it looks very different from anything previously recognised as a signature, and is made by a very different process. The bolder lawyer will point to the range of things already recognised in law as amounting to a signature; the more cautious will emphasise the differences in the electronic case. We think that the courts will exercise the same robust common sense that they have generally shown over telegrams, telexes and faxes, and recognise electronic signatures as being another kind of signature; but if the matter can conveniently be put beyond doubt by legislation, this must be helpful.
- Unfortunately, Clause 7 makes no attempt whatever to address this issue. It provides a limited admissibility for electronic signatures, when there was no doubt about admissibility. It wholly fails to provide that they are in fact signatures in the sense of marks showing the approval of the signatory (as provided in clause 10 of the Australian Electronic Transactions Bill 1999). It seems to us basically misconceived.
- Its language is also unfortunate, even for what it is trying to achieve: it applies only to electronic communications, not to data (by contrast with the definition in clause 19). It may be said that most things that are signed are intended to be communicated, and that may be true; but it is a perverse misuse of language to argue from that observation to the conclusion that everything signed can therefore sensibly be called a communication. To take just one example out of many possible, consider a bank guarantee. Such a document might be very convenient to sign electronically and send to a bank. Does that make a bank guarantee a communication? A bank might reasonably be forgiven for feeling considerable doubt about the question: that is hardly a good advertisement for a clause that is supposed to remove doubts.
- Clause 7(3) does not seem apt to cover the common case where a certificate states that a public key contained in the certificate is one of a pair of which the other key is in the possession of a person identified in the certificate. In that case, neither a signature nor a procedure is certified, or not expressly: it may arguably be implied that in certifying a public key, one is certifying whatever procedure may be required to use it to verify a signature. This is not a satisfactory way to lay doubts to rest on an issue of this kind. The problem would be avoided if clause 7(3)(b) read, "a key to be used in a procedure to be applied ...".
- It is also unfortunate that the word "certified" appears to be used on the basis that it has the meaning attributed to it as a matter of ordinary language, because in the context of public key certificates the same word is invariably used in a technical sense with specific consequences. This gives rise to a risk of serious confusion. The draft EU Electronic Signature Directive uses definitions that avoid this pitfall, providing in particular that "certificate" means an electronic attestation which links signature verification data to a person, and confirms the identity of that person.
- We notice that clause 7 requires to be brought into force by statutory instrument (see clause 24): we think that a clause doing what clause 7 ought to do should come into force automatically.
- The other great problem for electronic commerce, that the law requires some things to be done in writing, and that writing generally means paper writing, is addressed by clause 8. This contemplates that such legislative obstacles will be addressed one by one, by the Government Departments responsible for the fields of legislation in question, by the making of statutory instruments under the clause. This produces neither any immediate effect, nor any guarantee of speedy or consistent progress. It is inconsistent with the approach adopted in the draft EU Directive on Electronic Commerce, which provides that outside the reserved fields, electronic writing is to be generally accepted as equivalent to paper. (Such a change could be effected by replacing the definition of "writing" in the Interpretation Act 1978 with the definition given in section 178 of the Copyright, Designs and Patents Act 1988.)
- We accept that there are cases where such a simple change would produce undesirable effects: bills of exchange may well be examples, since the problems of distinguishing originals from copies would cause serious difficulties. In such cases, the replacements are not simple electronic equivalents but entirely new systems. For example, the Switch debit card has largely replaced the use of cheques in the High Street; and Bolero provides electronic bills of lading based on tamper-resistant hardware and a central registration server. A central server is also the mechanism used by CREST to register UK equities electronically. Such systems often require no new legislation, but where they do it is likely to be complex and touch on many more matters than merely the evidential admissibility of certain electronic messages. The general purpose power which the Act proposes is unlikely to be sufficient in such cases, which will typically require primary legislation. We therefore consider that a much more dynamic approach is needed.
- We suggest that the Bill should provide that electronic writing will automatically become acceptable where writing was previously required, but after a limited transitional period not exceeding 12 months. During that period, the DTI should have power to exclude the application of the change in any case where it was satisfied that serious adverse consequences would otherwise follow. This will ensure rapid action, and enable the DTI to keep a grip on the process; this could otherwise meander indefinitely, with serious prejudice to the Government's e-commerce targets. And even in excluded cases, there should be provision for periodic subsequent review of the continuing need for exclusion, with a power to terminate the exclusion.
- There will be inevitable technical problems, but just as similar problems in the case of paper have been managed by the use of powers to prescribe forms and formats, so the technical problems should be managed by the initial adoption of basic document standards (such as ASCII and HTML) followed by subsequent refinement.
- As well as objecting to the policy of clause 8, we regard its powers as too wide. Clause 8(4)(d) would enable changes to be made to the burden of proof, and would enable conditions to be imposed requiring signatures to be certified, or, worse, certified by approved service providers. This could even underpin reintroduction of key escrow or key recovery. Use of the power in any such ways would raise important and very contentious policy issues, which should not be done by secondary legislation.
- On the contrary, in relation to the burden of proof we urge that the Bill provide expressly (as does proposed Australian legislation) that unless otherwise agreed between the purported sender and the recipient of an electronic communication, the purported sender of the electronic communication is bound by that communication only if it was sent by the purported sender or with the authority of the purported sender. The same should apply to the signing of data. In relation to certification, we urge that no electronic signature used in connection with any government service should be required to be certified unless a requirement for certification also applies to a paper signature made for the same purpose. Without such provisions, the Bill will enable the transition to electronic commerce to be made an occasion for binding the unwary to forgeries made in their name, or for introducing either an identity card scheme or other new and objectionable layers of administrative bureaucracy. Corresponding restrictions should be imposed on the powers already conferred for similar purposes on the Commissioners of Inland Revenue and the Commissioners of Customs and Excise under section 132 of the Finance Act 1999.
- On one point, the powers under clause 8 seem too narrow: although provisions can be made for determining when an electronic act is done, the same is not true about where it is done. This can be important in relation to choice of law and jurisdiction, and in relation to the application of mandatory rules of the relevant domestic jurisdiction (for example, rules for the protection of consumers).
- As regards Part III of the Bill, we draw attention to the delay and difficulty which has already been caused by Government endeavours to shape electronic commerce policy and legislation in ways designed for the benefit of the intelligence agencies (for which law enforcement bodies have acted as little more than a front). Delay, difficulty and controversy are unhelpful and damaging to electronic commerce and the wider benefits that we hope will flow from the success of the Internet. We are critical of the Government for linking the well-intentioned objectives of Part II of the Bill to the proposals in Part III, which raise many highly controversial issues (addressed below).
A sensible power
- We would see much less objection to the inclusion in the Bill of moderate and sensible provisions confirming (and if necessary extending from the civil to the criminal sphere) the existing powers of the courts to require that material which parties or witnesses are required to produce should be produced in intelligible form where the party or witness is able to do so. There might need to be a new power to subpoena a person to use a key to decrypt a document. These provisions should be expressly made subject to the privilege against self-incrimination. Anything wider or more invasive should be clearly dissociated from the promotion of electronic commerce and should take its place in the criminal justice legislation to which the review of the Interception of Communications Act 1985 will in any case lead in due course.
- As an aside, deployment of cryptographic security is essential for the protection of the infrastructure of the Information Society and the privacy of its citizens. It is an absolutely inevitable side-effect that some part of the huge increases made by the intelligence agencies and law enforcement bodies in the last twenty or thirty years in their capacity to obtain intelligence will be rolled back. Legislation cannot undo this fact. It is easy to see that even the current proposals of Part III would be useless in the face of steganographic file systems and encrypted communications using ephemeral keys not retained by the parties.
- We think that the whole approach of Part III (trying to erect an adjectival superstructure over diverse existing powers of surreptitious or open surveillance and search) is visibly collapsing under the weight of its own complexity. It also contains oppressive provisions which contravene the privilege against self-incrimination and the presumption of innocence (both protected by Article 6 of the European Convention on Human Rights) and amount to an unjustifiable interference with privacy (contrary to Article 8 of the European Convention on Human Rights).
- We shall very shortly be able to provide the Joint Advice of Professor Jack Beatson, Q.C., and Mr. Tim Eicke on human rights issues under the European Convention, dealing with these matters in detail. We think it is also right to point out how fundamental these issues are in Anglo-Saxon common law. The Parliament of the State of Victoria has made the following observation:
"In particular, the right [of silence] and the privilege [against self-incrimination] are commonly said to have originated in the abolition of the Court of Star Chamber ... these courts were highly unpopular, largely because they were used to suppress religious and political dissent. But their procedures were also seen as oppressive, with the judges of both courts having the power to interrogate an accused person on oath. This meant that an accused person could be compelled by threat of punishment to swear an oath to tell the truth, and could then be interrogated by the court in order to determine whether or not he or she had committed an offence.
This exposed the accused to what the High Court has described as `the "cruel trilemma" of punishment for refusal to testify, punishment for truthful testimony or perjury (and the consequential possibility of punishment)'...
Perhaps the most objectionable aspect of the procedure was that the accused could be interrogated on oath before any charges were laid, and without having even been informed of what it was that he or she was alleged to have done. Interrogation on oath could thus be used as a `fishing expedition', to try and produce evidence of some as yet undisclosed and unidentified criminality".
The Right To Silence: An Examination Of The Issues, Scrutiny Of Acts And Regulations Committee, Parliament of Victoria
- We urge a more moderate and sensible approach than that of Part III in its present form, as suggested above. We nevertheless address a number of detailed defects, while making it clear that their removal would not overcome our more general objections.
Points of Detail
- Clause 10(1) should not attempt to cover protected information not yet in the possession of the relevant person, because to do so precludes the addressee of a notice from providing plaintext or a session key (unless he happens to have the information himself already); and provision of a long-term key permits unjustifiably wide access to other private information.
- A section 10 notice should be accompanied by the protected information in electronic form so that the addressee can provide plaintext, and if necessary demonstrate the correspondence of plaintext and ciphertext. Provision of the information will often be necessary to enable the recipient of the notice to find out what key it is encrypted under: it is unreasonable to expect the recipient to disclose all keys in his possession, none of which may be relevant. And where tamper-resistant devices are used, disclosure of keys may be impracticable: all that can be done is to decrypt under supervision.
- Clause 10 and its related provisions present great difficulties where encrypted information is held by large commercial, financial, academic or other organisations. Members of their governing bodies may have the authority to provide access, but will often not have the technical means. Those with the technical means may be subject to explicit and compelling duties forbidding them to provide access without proper internal authority, and their systems may reveal that they have given exceptional access. It is not clear how the provisions work in the context of a large organisation, and to whom a notice would be given. Where the organisation is not itself regarded as the target of a criminal investigation, such cases cry out for a less draconian approach.
- In our view the invasion of privacy represented by compulsory decryption should always require judicial authorisation on specified statutory grounds based on sworn evidence. The intended recipient should be notified of the order unless the judge can be satisfied that there is justification for not doing so. (Clauses 10(1)(c) and (d) are notably deficient in failing to establish any criteria by which the justification for a decryption notice should be determined: this is in marked contrast to the clear criteria laid down, for example, in the Police and Criminal Evidence Act 1984 which must be satisfied by magistrates or judges issuing search warrants.) Where the information is held by an organisation, the necessary internal communications for a proper response must be permitted. The legislation should ensure that this is the case, and not merely rely on the sensible exercise of statutory discretions. This is of special importance at a time when the Internet industry is acutely aware of the very limited understanding of technical issues possessed by most law enforcement bodies.
- Legislation must also take account of the practicalities of warranted decryption. The bill appears to assume that persons served with a notice will be in a position to hand over cryptographic keys; but this is not the case with most products on the market. In the case of the product with which law enforcement appears most concerned (PGP), the natural way for a user to comply with a warrant at present would be to decrypt the requested material. If government insists on forcing the disclosure of the user's master key, then the user would have to hand over their secret keyring and their passphrase - in effect allowing the police to replicate their system.
- However, many systems resist such replication. The SIM smartcard in a mobile phone is designed to be tamper-resistant, while a bank's mainframe computer installation may be too expensive for a police force to replicate (as well as containing much private and commercially confidential data concerning uninvolved third parties to which a court would be highly unlikely to grant warranted access). Bank systems are the object of frequent police enquiries, and it has been found satisfactory for the bank to extract the requested information and provide it as a copy statement or as a print-out supported by a PACE s 69 certificate. No case has been made for replacing this limited and controlled access with the kind of global access that would result if (for example) a bank manager were compelled to hand over the password with which he logs on to the system. Yet clause 10 appears to give a law enforcement agency precisely the power to compel a manager to disclose his password without telling his employer of the disclosure. This may be convenient for the police, in that given such a password they would not have to disclose the name of the customer under investigation, but it will surely not be acceptable to the banking industry (since given the logon password an unscrupulous policeman could commit serious frauds for which the manager would be blamed without having the ability to defend himself).
- Government may be tempted to demand master keys in the case of products such as PGP simply because it is possible with the current version of the product. However, this is unlikely to last. The introduction of processor serial numbers, and the forthcoming introduction of private-public keypairs in processors, will make it easy to tie decryption to a specific machine; there will be many legitimate reasons to offer this as an option in encryption products.
- Thus we expect that in the medium term, system replication will be much less easy than it is today. There seems to be no justification for greatly extending police powers of access to systems in general when the risk is enormous and the benefit is likely to be nugatory.
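The distinction drawn above between disclosing a per-message session key (or the plaintext itself) and disclosing a long-term key, and the observation that a recipient cannot tell which key a message is under without being given the ciphertext, can be made concrete. The following is an added example, not part of the FIPR response and not PGP's actual format: it models the PGP-style hybrid scheme (a fresh session key per message, wrapped under the recipient's long-term key, with a key identifier in the header) using a constructed toy cipher built from HMAC-SHA256 so that it runs with the Python standard library alone. The function names, the message layout and the keyring structure are all assumptions made for illustration.

```python
# Added example (not from the FIPR response): PGP-style hybrid encryption
# showing why disclosing a per-message session key is narrower than
# disclosing a long-term key. The cipher is a constructed toy (HMAC-SHA256
# keystream in counter mode plus an HMAC tag), chosen so the example runs
# with the standard library only; it is not PGP's wire format.
import hashlib
import hmac
import secrets


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` bytes of keystream from key and nonce (HMAC in counter mode)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def key_id(long_term_key: bytes) -> bytes:
    """Identifier carried in the header so the recipient can tell which long-term key was used."""
    return hashlib.sha256(b"key-id:" + long_term_key).digest()[:8]


def encrypt(plaintext: bytes, long_term_key: bytes) -> dict:
    """Encrypt under a fresh session key, then wrap that session key under the long-term key."""
    session_key = secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)
    body = _xor(plaintext, _keystream(session_key, nonce, len(plaintext)))
    wrap_nonce = secrets.token_bytes(16)
    wrapped_key = _xor(session_key, _keystream(long_term_key, wrap_nonce, 32))
    # The tag binds nonce and body to the session key, so a disclosed session
    # key can be checked against the ciphertext it is claimed to open.
    tag = hmac.new(session_key, nonce + body, hashlib.sha256).digest()
    return {"key_id": key_id(long_term_key), "wrap_nonce": wrap_nonce,
            "wrapped_key": wrapped_key, "nonce": nonce, "body": body, "tag": tag}


def unwrap_session_key(message: dict, keyring: dict) -> bytes:
    """Recipient side: find the long-term key named in the header and recover the session key.

    keyring maps key_id -> long-term key. Without the ciphertext (and its header)
    the recipient cannot know which of his keys is relevant; a message under an
    unknown key raises KeyError rather than forcing disclosure of every key held.
    """
    long_term_key = keyring[message["key_id"]]
    return _xor(message["wrapped_key"], _keystream(long_term_key, message["wrap_nonce"], 32))


def decrypt_with_session_key(message: dict, session_key: bytes) -> bytes:
    """What a disclosed session key allows: decrypt this one message and confirm
    plaintext/ciphertext correspondence. Any other message fails the tag check."""
    expected = hmac.new(session_key, message["nonce"] + message["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, message["tag"]):
        raise ValueError("session key does not correspond to this ciphertext")
    return _xor(message["body"], _keystream(session_key, message["nonce"], len(message["body"])))


def comply_with_notice(message: dict, keyring: dict) -> tuple:
    """Respond to a notice with the plaintext and the per-message session key;
    the long-term key never leaves the keyring."""
    session_key = unwrap_session_key(message, keyring)
    return decrypt_with_session_key(message, session_key), session_key


if __name__ == "__main__":
    alice_key = secrets.token_bytes(32)          # constructed long-term key
    keyring = {key_id(alice_key): alice_key}
    m1 = encrypt(b"message named in the notice", alice_key)
    m2 = encrypt(b"unrelated private message", alice_key)
    plaintext, sk1 = comply_with_notice(m1, keyring)
    assert decrypt_with_session_key(m1, sk1) == plaintext
    try:
        decrypt_with_session_key(m2, sk1)
    except ValueError:
        print("session key for m1 does not open m2; the long-term key stays private")
```

Run as a script, the block encrypts two messages under one long-term key, answers a notice for the first with its plaintext and session key only, and shows that the disclosed session key cannot open the second message. Handing over the long-term key (in PGP terms the secret keyring and passphrase) would instead open every message ever wrapped under it, which is the "unjustifiably wide access" objected to above.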
Some specific Human Rights issues
- Article 6 of the European Convention on Human Rights, providing for the right to a fair trial, has been held by the European Court of Human Rights to include the right for the accused not to be compelled to provide information which can be used against him. The Court has held that the prosecution must prove its case without resort to evidence obtained through coercion and oppression in defiance of the will of the accused. The cases in which this principle has been upheld are Funke v France (1993) 16 EHRR 297 and Saunders v UK (1997) 23 EHRR 313.
- It appears to be the contention of the Home Office (which has been regrettably unwilling to debate these issues to enable them to be properly addressed) that decryption orders are analogous to search warrants or orders for compulsory fingerprinting. But such orders do no more than authorise what would otherwise be an application of unlawful force. The Court has made it clear that it is different, and unacceptable, to compel the accused to say where documents are hidden or how other evidence against him may be obtained, on pain of penalties for refusing. Encrypting a document is just another way of hiding it, and we think that the cases show that compulsory decryption under clause 12(1) must be made subject to the right of the recipient of a notice to refuse to incriminate himself by decrypting or by admitting knowledge or possession of a key. This does not of course prevent witnesses from being compelled to decrypt, and a useful analogy can be drawn with the powers of the Serious Fraud Office to compel replies to their enquiries: those replies cannot generally be used in evidence in proceedings against the person who gives them.
- Article 6(2) of the Convention lays down explicitly that "Everyone charged with a criminal offence shall be presumed innocent until proved guilty according to law." It is not necessarily incompatible with this provision to require the accused to prove a defence: in Lingens and Leitgen v Austria (1981) 4 EHRR 373, 390-391, such a requirement was justified by the fact that it was unfair to impose on a prosecutor the burden of proving a negative. But reversing the burden of proof must be confined within reasonable limits in its application to individual cases, as the Court held in Salabiaku v France (1988) 13 EHRR 379 and Hoang v France (1992) 16 EHRR 53.
- The presumption of innocence is of course not newly introduced into English law by the Convention, but has long been a fundamental part of English criminal law. We think the views of the Privy Council in Attorney-General of Hong Kong v Lee Kwong-Kut AC 951 are highly relevant. The court was applying the presumption of innocence as set out in the Hong Kong Bill of Rights, and considering whether an offence created by earlier legislation had been repealed by the Bill of Rights by virtue of being incompatible with that presumption. The offence was defined as possessing cash reasonably suspected of being stolen without giving the court a satisfactory explanation. The court held that the accused's opportunity to explain was not truly a defence but that his inability to explain was the most important element of the offence, and that the burden on the prosecution had been reduced to proving merely formal matters: this contravened the presumption of innocence, and the offence was held to have been repealed.
- It is clear that the presumption of innocence must be applied as a matter of substance, and not merely of form. It is therefore necessary to consider whether what has been cast in clause 12(2) as a defence of non-possession, and in clause 13(8) as a defence of ignorance, is in each case truly a defence; or whether in reality possession of the key, or knowledge of the secrecy provision, is an essential element of the offence. We think it is easy to see that the natural way to describe these offences is "failing to disclose a key in the accused’s possession" and "knowingly disregarding a secrecy obligation imposed on another", and that ingeniously contorting them into the shapes found in clauses 12(2) and 13(8) has the effect of largely reducing the burden on the prosecution to proving formalities. And if the Court in Lingens and Leitgen v Austria (cited above) thought it unfair to impose on a prosecutor the burden of proving a negative, we think there can be no doubt whatever that it would think the same of the impossible burdens imposed on the accused under clauses 12(2) and 13(8). We think it is an inescapable conclusion that these provisions infringe Article 6(2) of the Convention.
- Clause 13 creates a "tipping off" offence. This seems to us to be in practice ineffectual and to produce absurd and obnoxious effects, probably because its policy pays no sensible regard to the technical context. Many lawyers who have considered the point have concluded that it is not an offence under this clause to revoke a key which has been disclosed under clause 10. Other lawyers and many laymen have expressed considerable doubt and anxiety on the point, however. We think that to prohibit revocation of a disclosed key would be deeply objectionable, because it compromises the security of all future communications, which is disproportionate to the legitimate objectives of decryption. But if a key is permitted to be revoked, and that fact published in the normal way, its owner is likely to receive enquiries about the reason. If he declines to explain, as he must, those enquiring will draw the inference that it was disclosed under clause 10. But he can hardly be under a statutory duty to lie, let alone a duty to lie convincingly. So the clause is ineffectual. Meanwhile, the secrecy obligation can drive a wedge between family members, or between employer and staff, and could prevent legitimate complaint about what might be an oppressive use of decryption powers.
- Clause 15(2) is unacceptably weak in imposing a duty so purely subjective that it is in practice unenforceable.
- Clause 18 makes no provision for compensation in cases where a section 10 notice has been given by someone other than the Secretary of State.
Last Revised: October 8 1999