7 DAYS - Will we all be secure in the New World?

04 Dec 1998


Last week the government announced in the Queen's Speech that it will proceed with a new law to regulate encryption. A consultation paper is expected imminently and will be controversial.

Cryptography, the technology of codes and ciphers, is central to the growth of the information economy.

It is needed to protect transactions which contain confidential data, to secure distribution and payment for intellectual property, to create legally watertight electronic contracts and to guard cyber-infrastructure from systematic attack.

But for many years, intelligence agencies have resisted the commercial proliferation of encryption out of fear that it could threaten their ability to intercept communications. Until recently, the main formal mechanism was export control. In addition, because the government was the main customer of encryption suppliers, companies could be quietly persuaded to limit the strength of encryption sold to other customers. The growth of the Net, of the number of applications that use encryption, and of the number of encryption suppliers has eroded these controls.

Many countries' intelligence agencies have proposed more drastic measures.

France and Russia have simply banned commercial cryptography, but a more subtle approach was pioneered by the US government in 1993: 'key escrow', or 'key recovery'. Strong encryption is permitted provided users leave spare copies of their keys with the government, or with a licensed body, the so-called 'trusted third party'.

In June 1996, the UK government announced that, for law enforcement reasons, providers of encryption services would be licensed, and that licences would be available only to large organisations. Small companies and individuals would have to use a trusted third party.

In March 1997, a consultation paper announced proposals for the licensing of trusted third parties. Most responses from industry, professions and academia were critical and argued that the proposed scheme would stifle the UK information economy without delivering any real benefits for law enforcement. The Labour opposition also made a point of condemning it.

Given the global nature of ecommerce, UK policy must take into account international developments. The US retains tight controls, but there is little consensus: several encryption-related bills have stalled in Congress for more than a year, undergoing contradictory revisions in different sub-committees. They range from outright rejection of controls, to various flavours of key escrow.

Several countries have decided that the economic benefits of ecommerce outweigh any concerns about national security or law enforcement and have rejected key escrow. In October 1997, the European Commission published a policy paper on signatures and encryption which stated that 'nobody can be effectively prevented from encrypting data by simply downloading strong encryption software from the Internet'. As a result, restricting encryption could prevent companies and citizens from protecting themselves against criminal attack.

A draft directive on electronic signatures warned that 'different initiatives in the member states lead to a divergent legal situation ... the functioning of the internal market in the field of electronic signatures is going to be endangered'.

This directive could create difficulties for the UK's ecommerce bill.

Although details have not yet been finalised, the basic principles were spelled out at a conference last month. They look remarkably similar to the March 1997 proposals: the main difference is that key escrow will not be mandatory, but there will be a huge incentive for people to use a licensed trusted third party. In particular, electronic messages which are signed digitally will have the same legal force as paper documents.

People who do not sign up to this scheme will be at a disadvantage. In the event of a dispute, they will have to shoulder the burden of proof that a given electronic message was genuine.

The policy aims to create overwhelming market pressure to encourage the use of licensed services. Industry is not impressed. Microsoft UK's response was typical: 'UK legislation should eliminate all key escrow and recovery requirements and legal recognition should extend to all electronic signatures, not just those issued by licensed certification authorities,' it said.

Even government suppliers are unhappy. A large provider of outsourced services to government stated that 'the key recovery condition will damage the credibility of the scheme and will not impede serious criminals and terrorists who wish to use encryption'.

Professional bodies as well as civil liberties organisations have consistently opposed key recovery.

Justice, the legal reform organisation, made 20 recommendations in its report Under Surveillance: Covert Policing and Human Rights Standards, the first of which was the need for 'a single regulatory system for the lawful interception of all forms of communication (including email) based on a coherent set of principles as required by Article 8 of the European Convention (on Human Rights)'.

A thorough review along these lines would be welcome, because of the many complex issues that key recovery will raise, including:

- whether it will damage UK businesses by compelling the adoption of different technical standards from the rest of the world

- whether it will put the UK in breach of European law

- whether allowing large businesses to manage their own keys will make it harder to prosecute them

- whether the recovery of a key is a search, seizure or interrogation

- whether a judge will be able to draw adverse inference from a suspect's refusal or inability to produce a key

What is clear is that this highly complex issue is central to the development of ecommerce in the UK. Businesses will have to ask themselves questions.

Do you need an infrastructure of certificate servers to support the use of cryptography in your business, and if so will you build it yourself or buy it in from a trusted third party?

Will you need to provide certificates to the public? Will your particular application need to be licensed, and if so how will that affect the design?

Which of the competing technical standards will you choose? What will you do about liability? What about consumer protection?

Will your customers be encouraged to do business with you if you are licensed, or use licensed services, or will they be deterred by having to entrust their keys to a third party? How will you support customers overseas, if the software is controlled?

In an ideal world, network managers would be free to use digital signatures and encryption. Providers selling goods and services could rely on signature certificates to create binding contracts, and offer encryption to encourage confidence in their handling of sensitive data.

Large businesses such as BT, Marks & Spencer, Sky-TV and Virgin could offer a one-stop shop, issuing signature certificates and providing encryption software.

All this could operate worldwide and enable firms to compete on level terms with companies from larger national markets such as the US and Japan.

But Chris Sundt, chairman of the CBI's information security panel, says: 'The UK is missing a golden opportunity - the licensing conditions may make the UK uncompetitive and unattractive to inward investment, while important issues of detail concerning legal acceptance of electronic transactions appear to have been neglected.'

The road to a workable encryption policy for ecommerce may yet turn out to be a cul-de-sac.

Caspar Bowden is director of the Foundation for Information Policy Research (www.fipr.org).

WORDS TO WATCH FOR IN THE BILL

Presumption of validity

The incentive to obtain and issue licensed signature certificates is that courts will presume that signatures made with certified keys are valid.

It will not apply to unlicensed certificates. Unlicensed signatures will have to wait for an EU directive which clarifies the law.

All-or-none licensing

Ecommerce businesses might want to get a licence to issue digital signature certificates to be certain that electronic contracts with their customers will be easily enforceable. If the company also wants to offer customers confidentiality, they might wish to remain unlicensed for encryption, in case their customers prefer not to escrow their keys. However, the bill may forbid this.

Applicants may have to declare all the services they intend to offer to customers.

Dual-ended access

Because different keys are used for incoming and outgoing messages, giving the authorities a decryption key for incoming messages does not mean that they can also unscramble outgoing ones. A licence may depend on being able to provide such access. The only way to guarantee this will be to require customers to use special software, which may make systems incompatible with those of overseas contacts.

Liability

If a party to a contract relies on a certificate and the information proves to be bogus, what is the liability of the issuer? Will everyone who lost money be able to claim, or only the first person to lodge a claim?

Will licensing be flexible enough to allow security standards for different applications?
