RIPlist Bulletin : HO kill independent review, ISC say Tribunal "incapable", NTAC head, DPCs diss Cybercrime treaty, Hong Kong & Wandsworth R.I.P.

Caspar Bowden cb at
Sun Apr 8 19:00:00 EDT 2001

RIP Bulletin : 9/4/01



4/4/01 Government says yes/maybe then Home Office says no to official
regulation watchdog's call for INDEPENDENT review of RIP (14/12/00)

29/3/01 Official spy watchdog says Investigatory Powers Tribunal "quite
incapable", unable "to open the mail, let alone process and investigate
complaints" -

29/3/01 Home Office takes powers to license IT security contractors
(see STOP PRESS below)
...and NTAC head announced - Asst. Chief Constable Ian Humphreys

22/3/01 EU data commissioners issue devastating critique of Cybercrime
treaty (

19/3/01 PQ: ISP reading e-mail Subject lines for virus checking NOT illegal

19/3/01 Protests over new proposals for HONG KONG decryption powers

14/3/01 Attempt to increase RIP penalty for failure-to-decrypt to 10 years -
only for material seized under Protection of Children Act (as if evidence
that the material was child pornography)

					ELSEWHERE interviews Akerman (ACPO), Abbott (NCIS) and Packam (NCS)

Carnivore renamed "DCS1000" -

Andrew Miller MP's ( private members
bill to increase penalties for all types of copyright offences (including
circumvention of  copy protection) from 2 years to 10 years jail.

			 RIPnews since last bulletin....

		    (full links at

Register 6/4/01: Free software would have prevented foot and mouth, BSE,
Hatfield rail crash - RMS - Wearing socks but no shoes, brown canvas
trousers and a red polo shirt, Stallman is not as other people. Although his
pitch was not new - and he admitted as much - it was probably the first time
the academics, artists and lawyers who made up most of the audience had
heard it expressed so directly. Pausing only for the obligatory swipe at the
UK Government, the Regulation of Investigatory Powers Act and the Private
Security Industry Bill (and tipping his hat to FIPR's Caspar Bowden, also in
the audience) Stallman went on a gentle meander through the history of
copyright, ending at the present day when the media companies own most
copyrights and also (he alleges) own the politicians who make the laws that
maintain the system.

Financial Times 5/4/01: Snooping code delay until end of the year - Iain
Bourne, strategic policy manager at the Information Commission, said: "We
got a lot of very detailed submissions, some of which were longer than the
code itself. The code was supposed to colour in the skeletal outline of the
law. Some thought it went beyond that." The commission will now take expert
advice before publishing the final version of the code, "hopefully by the
end of the year," Mr Bourne added.....The delay risks leaving both employers
and staff in legal limbo. Sarah Veale, senior policy officer at the Trades
Union Congress, said: "A lot of us were relying on the code to clarify when
the right to privacy protects the employee . . . we need it to help
employers, as much as employees. If we're not going to have a code (this
year), then if someone is unfairly treated it means we may have to go to
court. That's got to be the inevitable consequence." The Confederation of
British Industry said it hoped the delay reflected a "fundamental rethink"
of the code. "Our response (to the commission) contained a number of very
serious objections to the code. We said it was too complicated and too long
and that some parts, such as e-mail, were unworkable," said Rod Armitage,
head of legal affairs.

ZDNet UK 4/4/01: Government backtracks on encryption enquiry - Despite
accepting its own taskforce recommendation two weeks ago, the Home Office
now says there will be no independent enquiry into the effects of the
controversial RIP Act...."The impact of the Act should be looked at by an
independent panel to see if the government has got it right or not, rather
than whether or not the industry is happy" <Yaman Akdeniz CRCL> 4/4/2001: "'Shunned' industry scuppers European cybercrime

Guardian 3/4/01: Cyber terror threatens UK's biggest companies - The CMA
asked 172 of its senior personnel ... Thirty-two per cent admitted being the
victim of cyber-terrorism (!!!?!)

Register 3/4/01: Spooks cock snooks at RIP oversight - The RIP Tribunal -
citizens defence against abuses of the Act - has been criticised for being
poorly staffed, so underfunded that the ISC reported in December, that it
was unable to open mail, let alone process complaints. The Tribunal has
confers  no right of cross-examination. But the ISC meekly notes only that
progress needs to be monitored by the next committee. Without an effective
RIP Tribunal, it is impossible for UK citizens to invoke the European
Convention of Human Rights, the only legal recourse available.

ZDNet 3/4/01: Watchdog warns Net policing will go unchecked - "The official
parliamentary watchdog has exposed the [RIP] complaints mechanism as a sham,
and a senior member has highlighted its inadequacy under the European
Convention of Human Rights" <Caspar Bowden, FIPR>

Scotsman 30/3/01: Thriving communications pose new legal implications

Financial Times 29/3/00: IMRG opinion - Spam - E-mail's foot-and-mouth

Register 30/3/01: US company defeats Brit RIP Act - SafeWeb's proxy servers
encrypt all data transmitted between an individual's computer and the Web
sites visited, once they've logged on to the service. Thus the only
information one's ISP can record, hence cough up to nosey Feds, is the fact
that one accessed the SafeWeb site...The company also has an application
called Triangle Boy, which adds an extra layer of security for the truly
paranoid and further obstacles and frustrations for investigators and
censors....Because the T'Boy boxes are distributed randomly, it is virtually
impossible for any government authority to defeat the scheme with filtering,
firewalls or surveillance hardware -- meaning that Netizens in notoriously
authoritarian countries like China, Afghanistan and Britain, say, will be
able to access whatever they please on the Web and leave no trace of their
comings and goings.

Register 19/03/01: Hong Kong ISPs slam encryption demands (see Hong Kong
section for details ) - The concerns are similar to those raised last year
over the UK's government's Regulation of Investigatory Powers (RIP) Bill

NTK 16/3/01 - TOTALISE vs Motley Fool...So British law now says UK Websites
can be sued for libel (because they are publishers) and be compelled to hand
over personal details (because they aren't). Nice... as UKCRYPTO regular
Donald Ramsbottom noted, if the courts have this much power to compel
disclosure: why did they ever need  RIP in the first place?

KableNet 15/3/01: Privacy schooltime - ...what the PIU (when it eventually
reports) must not do is recommend attempts to legislate the privacy issue
away. When the government attempted to move in this direction with its RIP
Act, it was rightly slammed by civil rights groups <Ian Kearns, IPPR>

Caspar Bowden               Tel: +44(0)20 7354 2333
Director, Foundation for Information Policy Research
RIP Information Centre at:

STOP PRESS :(RIP-related ??)
NTK 30/3/01: Registering the troublemakers

VNUnet 3/4/01: IT security firms face prevention or regulation

VNUnet 2/4/01: IT security professionals may be licensed

Computer Weekly: 2/4/01: Government may license IT security consultants 30/3/01: You're not getting in - not with data like that

Register 30/3/01: SysAdmins to need a licence from Home Office?
The idea of the Bill is to bring in a licensing scheme for bouncers, private
investigators and wheelclampers but its current wording clearly includes IT
security consultants and even plain old systems admin folk. Since this
really can't be the intention of the legislation - it would, after all, be
completely unworkable - you have to ask why the Home Office has written it
as such?..."In 1999 the government wanted 'key-escrow' - a copy of
everyone's encryption keys. The RIP Act 2000 allows seizure of anyone's
encryption keys. Do they now want to ban anyone from working with encryption
without a license?" <Caspar Bowden, FIPR> 30/3/01: IT pros may need licences to work- "This looks like a
tactic to keep the government's options open. Unless there are the same cast
iron exemptions for programmers, sysadmins and IT consultants that have been
granted to other professions, the government can introduce licensing by
order at any time." Caspar Bowden, FIPR

Home Office 30/3/01: 'unofficial'  Release

FIPR Release 29/3/01: Govt. stalls on licensing of computer consultants

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list