More details of how the UK’s new surveillance law will operate have been revealed. The details concerning the use of encryption seem especially silly, possibly written by the staff writers of Monty Python.
Under draft regulations to support the new Investigatory Powers Act, the government will be able to issue ‘technical capability notices’ to companies with more than 10,000 UK users to make it easier for police, spy agencies, Inland Revenue employees, and other government bodies to access UK residents’ private communications.
In particular, the regulations require companies to provide and maintain “the capability to disclose, where practicable, the content of communications or secondary data in an intelligible form and to remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data, or to permit the person to whom the warrant is addressed to remove such electronic protection.”
In other words, the proposed law wants an unlocked “back door” into all forms of encryption in order to read what is going on. Security experts all agree that any such “back door” that is available to government employees will also become available to hackers, credit card thieves, and foreign governments within a matter of months, if not within weeks. It is similar to leaving a key to your house door under the doormat.
Unlocked “back doors” will not remain secret very long.