Analysis of Part III of the (draft) Electronics Communications Act 1999

Fragmented Keys

It can be Good Practice to escrow keys so that they can be recovered in the event of a disaster, death or similar situation where the working copy has been lost. It is also Good Practice to split up the escrowed keys so that several people are needed to be present in order to reconstitute the original key. This leads to some interesting problems if the fragmented escrowed key has been demanded under a Section 10 notice.

Ian Miller
I hope the lawyers will excuse my ignorance and go some way to dispelling it.

My understanding is that a legal 'person' can be a 'natural person' or a company. Section 13 seems to refer just to persons so could refer to either. Assuming the legislation was passed as currently drafted how are the courts likely to rule on the following:-

An individual is a company's senior system administrator (as it happens I am; hence the interest) and they have access to the company's master encryption keys. However they only have access by dint of their position, not as a private individual. Release of those keys to a third party is a summary dismissal offence. If the system administrator was personally served with a warrant, would they be justified in refusing to comply on the grounds that they, as a private person, have no lawful access to the key?

It strikes me that the precise interpretation of this could be very important in organising the security measures protecting keys.

Brian Morrison
Surely, if they comply with the request, they could then only be dismissed if the company were informed of the disclosure, and that would itself constitute "tipping off" would it not?

Paul Leyland
If the keys were so important to a company, would it not be wise to have them split between multiple parties specifically to prevent any single employee releasing them without authorization? Several "n from m" schemes are available, such that any n persons can recover a key but any n-1 cannot.

This brings up an interesting half-way house in the requirement that keys be released when demanded by the police. Suppose, for example, I have enough information to generate a key if, and only if, I act in collusion with any two other people picked from a group of five. Do I possess the key within the meaning of the Act? If not, who does? Any three people of the six acting together surely possess the key, but no individual or pair can possibly create the key.

Nicholas Bohm
I think this is what clause 12(2)(b) is about: the key is not in your possession, but something is in your possession which, when amalgamated with similar fragments in the possession of others, will yield access to the key.

In that case clause 10 notices have to be served to get the fragments together with information about who else has the other fragments. But awkward when people are in different jurisdictions, some of which don't provide these powers.

Tom Thomson
It brings up an even more interesting question: suppose any five from seven can deliver the key, and each of the five claims to deliver his component, but the resulting key will not decrypt the message. Then it's clear that at least three are lying about their component, but four could be telling the truth.

David Swarbrick
It is for each individual to establish that he has complied with the notice.

Tom Thomson
There's clearly no way to make a criminal charge stick against any individual, and even in a civil case it can be argued that 4 have complied and 3 haven't so on balance of probabilities any individual is one of the three. (This is different from 3 out of 5 because in the 3/5 case it's clear that the majority are lying and that means the balance of probabilities about any individual is different - in theory that's irrelevant in criminal law, but even there it isn't irrelevant in practice in England and Wales [but probably is in Scotland], and it's definitely relevant in civil law unless I misunderstand English law badly).

David Swarbrick
Why can't a charge stick against an individual? He was asked for a key, and has not delivered it - or has he? If the key does not work, then is it not for him to establish that he can have done no more?

Nicholas Bohm
There have certainly been cases where the prosecution could prove no more than that one out of two defendants committed the offence, without being able to prove which, and without being able to prove any conspiracy. The result is that both are acquitted. The same certainly seems to apply in your example.

David Swarbrick
Surely not? The notice does not need to suggest that the person served need be able to provide all the answer. The definition of key includes 'any part of a key'. If you retain any part of what may be required to decrypt the text, it must be surrendered.

Nicholas Bohm
Yes. But if five people each surrender what each of them says is all he has, each claiming that he and the other four together have the necessary components, but the result fails, then it is impossible to prove which of them has withheld something. So it all depends where the burden of proof falls.

A combination of key splitting, steganography and communications using transient keys will clearly defeat this proposed legislation. If deployment of those techniques is in fact good for security generally, and will be promoted by the threat of the legislation, perhaps we should welcome it after all.

David Swarbrick
The legislation will be 'defeated,' if passed, only by the avoidance of use of cryptography. It will always now be possible to communicate securely, but any users of such security must know that, as against their government, and irrespective of their propriety, they will have privacy only at the cost of risking becoming criminals.

Nicholas Bohm
Communications using transient keys are effectively immune to key seizure requirements. Steganographic file systems make it impossible to prove the existence of encrypted material to which to apply the decryption powers.

Ian Miller
If they were to comply, and were subsequently dismissed for doing so, would they have any claim to unfair dismissal? If the warrant was served on the company, then presumably the 'company' is deemed to know about the warrant. Under these circumstances who in the company could be told about it? The directors, shareholders, employees?

Nicholas Bohm
Probably, since they acted under legal compulsion; but this argues for conferring a special legal immunity for the making of a disclosure in good faith in the belief that it was compelled by a clause 10 notice.

David Swarbrick
Only if he tipped off his employer that the key had been compromised! He would then have a claim for unfair dismissal which he could no doubt conduct from his prison cell.

Ross Anderson
But wouldn't it amount to "tipping off" to use the fact of that compulsion in their dismissal case?

Michael Bacon
Following up, can the legal eagles tell us in general, if to comply with one law requires one to break another, where does one stand? (Other than in the dock on one charge or another.)

Nicholas Bohm
Difficult. If the later law expressly requires breach of the earlier, it amounts to an implied repeal of the earlier, and you're not therefore breaking it. But this is rare (and would be a serious failure of parliamentary draftsmanship).

Where the later law imposes an obligation to do something, but the only way, in a particular case, of complying involves a breach of the criminal law, then probably the obligation does not require the breach to be committed.
