Another US proposal would ban strong encryption products. Again, critics say that such a ban would severely hamper e-commerce, particularly financial services, without deterring criminals, who would always find illegal encryption products or legal products from other countries.
An anti-terrorism bill, backed by the Bush administration, would require encryption products to include an extra key which could be used by the FBI to decode any intercepted encrypted communications. Some say this is analogous to every individual being required to give a copy of their house key to the local police station. Another argument is that any encryption product with a “back door” is inherently less secure for legitimate business purposes.
Earlier proposals to ban strong encryption products were withdrawn a few years ago in light of industry criticism. The recent terrorist attacks have renewed the debate, although it is unclear if those responsible for the attacks actually used encryption to protect their electronic communications.
Another proposal following the attacks in the US is the introduction of national ID cards, currently being discussed by the governments of the US, the UK and Australia. A recent Mori poll of 513 UK adults showed majority support for ID cards including not just a photograph and date of birth details, but also details of eye colour, a finger print, DNA details, religion and criminal records. Civil liberties groups have voiced opposition, saying that ID cards unreasonably increase police power and information sharing among government agencies. National ID cards already exist in France, Spain, Italy and Greece.
Some commentators also expect UK law enforcement agencies to seek greater powers in the wake of the US attacks.
At present, the UK’s Regulation of Investigatory Powers Act contains provisions which allow the police and other agencies to demand decryption keys from the senders or recipients of encrypted e-mails in certain circumstances. The powers are contained in a part of the Act which is expected to come into force later this year. Before the Act existed, the Government was forced by industry opposition to withdraw a proposal to require that copies of all encryption keys used in the UK be stored with a third party.
A section-by-section analysis of the proposed US Anti-Terrorism Act of 2001
The Electronic Privacy Information Center has prepared a critique of the proposed law