Data encryption is one method used by criminals to avoid detection, and therefore giving law enforcement agencies access to keys (which make the data intelligible) is perceived as helping in the fight against crime. In 1997 the UK government suggested setting up a network of Trusted Third Parties (TTPs), businesses that would hold encryption keys. Users of encryption were obliged under the proposals to deposit keys with one of these TTPs (key escrow). The TTP would then, in appropriate circumstances, give law enforcement agencies access to the key.
There were a number of concerns about these proposals. Questions were asked about the ability of TTPs to keep keys secure. There were also complaints about greater government surveillance and a reduction in privacy. Eventually the plans were dropped. Instead, a more limited form of access to keys was to be implemented under the Regulation of Investigatory Powers (RIP) Act which was passed last year.
US Congress cited encryption methods as one reason for the failure to gain access to information about the plans for the recent terrorist attacks. There had been speculation that the UK government would use the climate of increased security following the US terrorist acts to return to its previous suggestion of a “key escrow” scheme.
This has proved not to be the case. Instead, the government intends to press ahead with the implementation of sections of RIP Act dealing with encryption. This will give law enforcement officials the power to demand encryption keys in certain cases. The legislation is scheduled to be implemented by the end of the year.