South Africa moves to increase Net-surveillance, limit crypto

Clive D. W. Feather clive at
Tue Aug 14 06:34:40 EDT 2001

In article <20010813120838.A2040 at>, Declan McCullagh 
<declan at> writes
>* Internet providers may not "provide any telecommunication service which
>does not have the capacity to be monitored." A provider is responsible for
>"decrypting any communication encrypted by a customer if the facility for
>encryption was provided by the service provider concerned." This represents
>an attack on liberty, privacy, and autonomy, and is akin to anti-encryption
>rules in Russia a few years ago. Though as a practical matter, a lot would
>seem to turn on the definition of "provide." Does that mean giving someone
>an SSL-enabled web browser? IPv6 software?

I suspect that it's aimed at link-layer encryption. In other words, 
where the ISP/telco runs one end of the encryption themselves, but the 
most convenient point to tap happens to be on the encrypted part of the 

Given the requirement to tap, this isn't an unreasonable addition.

>* Internet providers cannot reveal wiretaps. "No person who is or was
>concerned in the performance of any function in terms of this Act, may
>disclose any information which he or she obtained in the performance of
>such a function" (except to officials or courts).

That's a fairly standard requirement.

Clive D.W. Feather, writing for himself  | Home: <clive at>
Tel: +44 20 8371 1138 (work)             | Web:  <>
Fax: +44 20 8371 4037 (D-fax)            | Work: <clive at>
Written on my laptop; please observe the Reply-To address
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 477 bytes
Desc: not available
URL: <>

More information about the cryptography mailing list