South Africa moves to increase Net-surveillance, limit crypto

[Clive D. W. Feather]

In article <20010813120838.A2040 at cluebot.com>, Declan McCullagh 
<declan at well.com> writes
>* Internet providers may not "provide any telecommunication service which
>does not have the capacity to be monitored." A provider is responsible for
>"decrypting any communication encrypted by a customer if the facility for
>encryption was provided by the service provider concerned." This represents
>an attack on liberty, privacy, and autonomy, and is akin to anti-encryption
>rules in Russia a few years ago. Though as a practical matter, a lot would
>seem to turn on the definition of "provide." Does that mean giving someone
>an SSL-enabled web browser? IPv6 software?

I suspect that it's aimed at link-layer encryption. In other words, 
where the ISP/telco runs one end of the encryption themselves, but the 
most convenient point to tap happens to be on the encrypted part of the 
link.

Given the requirement to tap, this isn't an unreasonable addition.

>* Internet providers cannot reveal wiretaps. "No person who is or was
>concerned in the performance of any function in terms of this Act, may
>disclose any information which he or she obtained in the performance of
>such a function" (except to officials or courts).

That's a fairly standard requirement.

-- 
Clive D.W. Feather, writing for himself  | Home: <clive at davros.org>
Tel: +44 20 8371 1138 (work)             | Web:  <http://www.davros.org>
Fax: +44 20 8371 4037 (D-fax)            | Work: <clive at demon.net>
Written on my laptop; please observe the Reply-To address
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 477 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20010814/00ea00b5/attachment.pgp>