STAND (http://www.stand.org.uk) is an exercise in online participation in democracy. It consists of over three thousand volunteers from six hundred constituencies who have offered to assist members of parliament in understanding the issues behind new information and communications technology. While STAND does not act as a platform for a single political viewpoint, participating members have expressed a broad consensus on a number of technical issues.

The following written submission expresses our concerns regarding the proposed E-Commerce bill. We strongly believe it represents the concerns of many others who - like us - depend on the Internet for their business today, and are involved in creating the British technologies of tomorrow.

This document was perforce written before the full consultation paper was released by the Department of Trade and Industry. As such, many of our comments are based on the formal briefing provided by Stephen Pride of the DTI at the ICX conference in November[1]. We understand that some details may have changed in the interim - particularly as the consultation paper has now been delayed by several months. However, most of our objections are based on what we believe to be the misled grounding of the bill rather than the implementation details. Whatever the final form of this document, the principals we express here should be applicable.

The proposals lend government support to the establishment of a voluntary key escrow system for public key encryption on the Internet. Key escrow systems require that the encryption keys used to protect data in transit are placed in trust with a third party. Suggested third parties include British Telecom, banks and other agencies that may already be considered trustworthy by the public.

The customary explanation for key escrow is that it permits law enforcement access to communications suspected of concealing criminal activities. We believe the voluntary escrow of communications keys fails to live up to this expectation, and will have little effect on the control of illicit activities on the Internet. We believe it may, by weakening Internet security for those who adopt it, actively increase criminal activity in the UK. We believe that even voluntary support for such a system will damage British business interests. And we believe that the key escrow system outlined in the government’s proposals unacceptably affects the civil liberties of British citizens.

Key Escrow and Law Enforcement

Government support for key escrow will have little effect on criminal activity on the Internet. There are many ways by which criminals will transparently circumvent the law, without fear of detection or prosecution. Software providing unbreakable encryption is already in widespread use on the Internet, for business and for personal use. This software is readily available, and costs nothing. It is extremely unlikely that government support will encourage criminals to switch to commercial software that deliberately leaks their private keys to a third party.

Furthermore the implementation of a key escrow system provides numerous opportunities for criminal activity that would otherwise be impossible. When keys are maintained in centralised databases, the investment required by criminals to obtain secure information is dramatically minimised. Such a repository would represent too good a target to resist, as any successful infiltration could provide access to large numbers of keys with which to unlock (without detection) large amounts of data.

A customary method to improve the security of encrypted communications is to regularly change a company’s encryption key. Many contemporary encryption systems use a different private key for each communication session. By prescribing key escrow, the government will be supporting a standard that is profoundly weaker than this commonly used practice. Either the keys will have to be kept long after the communication has completed - a dangerous and unnecessary weakening of the current practice - or the keys will have to be transmitted to a third party simultaneously with the encrypted transmission. Both solutions considerably increase the chances of a key passing to unauthorised third parties.

Finally, evidence has not been submitted to the public regarding scenarios in which the new key escrow system would aid the apprehension of criminals. In a recent announcement by the National Criminal Investigation Service [3], several case studies were presented of criminal activity which involved encryption. The NCIS Director General, John Abbott, implied that these cases would have been easier to solve within a key escrow regime. However, all the examples given involved local encryption of permanent data. Such encryption would be possible (and not unlawful) in the regime following the new law, and would be unaffected by the proposals.

Government support for key escrow profoundly impacts Britain’s position in the global marketplace, not just for encryption products, but for all goods and services traded via electronic commerce. While the government’s proposals insist that the system will be voluntary, it must be understood that that British companies providing encryption services will be encouraged to develop key escrow systems in preference to more secure methods.

Despite the government’s assurances, support for key escrow does favour one technical system over another. Certain additional requirements being mooted (such as dual-ended access) virtually prescribe a particular encryption algorithmn. Even if these are dropped, key escrow necessarily favours certain technical systems over others because most encryption systems in widespread use do not support key escrow. Furthermore, because key escrow is a political requirement that inherently reduces data security it is not incorporated into the strongest systems. It is therefore fair to say that the most effective systems are the ones most discriminated against by these proposals.

Moreover, Britain is currently one of the centres of excellence in non-escrow systems: Microsoft’s centre at Cambridge for instance, was formed to take advantage of the cryptographic expertise there,and also of a legal export regieme that was more welcoming than that of the competing United States. To settle on a key escrow system here when other countries are standardising on stronger encryption will damage the ability of thesecompanies to compete in the global market.

The Internet is a remarkably fluid and responsive marketplace, but most companies are understandably suspicious of its lack of in-built security controls. Our experience suggests that business will freely move to sites and software that gives security the highest priority. With the government proposals in place, these sites, this software, will not be created in Britain.

Key escrow is a weak security system, both technically and in its appearence to the consumer. Internet users already express a lack of confidence in the security of their online transactions. The knowledge that the key to all their transactions is being sent to a third party will do nothing to improve that confidence.

Enforcing a key escrow system is cumbersome, and costly to maintain. This cost will be, in the highly competitive world of electronic commerce, be passed onto the consumer. British products and services of all kinds will therefore incur excess costs beyond that of competing nations.

In the words of some of the most respected experts in this field, including two of the creators of the public key encryption system, as well as experts at Microsoft, AT&T, Cambridge University, MIT, and the Stanford Research Institute:

"The deployment of key-recovery-based encryption infrastructures to meet law enforcement’s stated specifications will result in

substantial sacrifices in security and greatly increased costs to the end-user. Building the secure computer-communication

infrastructures necessary to provide adequate technological underpinnings demanded by these requirements would be enormously complex and is far beyond the experience and current competency of the field. Even if such infrastructures could be built, the risks and costs of such an operating environment may ultimately prove unacceptable. In addition, these infrastructures would generally require extraordinary levels of human trustworthiness. [4] "

Standards for secure communication on the Internet already exist [5]. Support for these standards by the British government would help build confidence. No currently promoted system for secure communication advocates key escrow, nor is it likely to, given the overwhelming objection to such systems by computer security experts. Encouraging companies to develop new standards, incompatible with the accepted protocols of the Internet, will slow market growth. At best, the governments support for voluntary key escrow will be ignored by business. At worst, it will confuse matters irrevocably, and retard Internet e-commerce in this country well into the next century.

STAND is concerned that within the initial DTI discussion proposed that the new Bill will "clarify" certain powers of law enforcement with regard obtaining encryption keys. While these clarifications are ironically somewhat unclear at this stage, we would like to highlight our objections to some of the suggested contents.

While the declared intention of the DTI is merely to apply the law in the offline world online, how this can be achieved is not clear-cut: if it was, there would be no legal confusion requiring clarification. It is useful when considering the balance of appropriate powers and civil liberties to remember that this field covers all areas of law enforcement: not merely the Police, but also Child Support Agency, Customs & Excise, Inland Revenue, Contributions Agency, Social Security and every other area where disclosure of information can be required by law.

It has been implied that private keys to encrypted communications may be obtainable using a simple PACE warrant, requiring only the permission of a senior police officer. The current legal position of an message waiting for collection on a network server is unclear, and revolves around whether to treat that message as a communication (thus requiring a Home Secretary’s warrant under the Interception of Communications Act) or as stored data, which can be obtained under the lesser safeguards of the Police And Criminal Evidence Act.

A simple solution in the case of an encrypted message would be to treat it as a communication while stored on servers whose controllers do not possess the key, and as stored data at other times. A government Bill could usefully enact this suggestion; however STAND fears that the intention is to do the reverse, providing the Secretary of State with an effective power to determine that all online communications can be treated as stored data, as they must be stored on a computer system while in transmission.

The introduction of a new criminal offence of revealing to a surveillance target (who may not be a suspect in any investigation but merely be supposed to be in possession of information required by the enforcement official) that his or her key has been passed on to law enforcement officers. While we understand the reasoning beyond such a move, we find it disquieting that no parallel obligation has been included, requiring the such surveillance to be revealed as having occurred after the case has been closed (and a suitably short period of time has elapsed). Given the ease by which key escrow allows the transparent surveillance of a large number of suspects, we believe that such a check is an absolute necessity.

We strongly believe that these measures do more than simply clarify existing practice. Moreover, they have no place in a Bill intended to primarily encourage, standardise, and promote electronic commerce. We do, however, recognise that a formal statement of the powers of enforcement officers in this area would benefit the police and civil service compliance officers, business interests, and civil liberties. We suggest that a better placing for these issues is in a bill devoted to lawful access to traffic: namely, the Home Office’s current consultations on an updating of the 1985 Interception of Communications Act.

STAND members represent a broad cross-section of political opinion, but we are all united in our practical understanding of how the Internet is used today in business and everyday affairs. Our combined experience suggests that government support for a key escrow system will damage the fledgling Internet business in this country, and harm the civil liberties of innocent British citizens, while doing nothing to assist law enforcement in apprehending criminals.

Members may wish to obtain free advice on Internet and computing technology in their own constituency. STAND holds a database of volunteers who will be happy to provide briefings on the Internet in general, and its use in their area - including local success stories and newsworthy activities. Interested parties can either e-mail us at mp@stand.org.uk or telephone 07050 605010, and we will put you in contact.

Many of the cited sources in this document are available for free on the World Wide Web. You can access the Web via the House of Commons library. In the case of shorter documents, copies have been included (with the permission of the copyright holder) in Appendix III.

[1] "Building Confidence in Electronic Commerce: The UK Government Initiative", 19^th October 1998, http://www.icx.org/

[2] - The updated submission will be passed on to the Committee Secretary, and available for public viewing at http://www.stand.org.uk/select.html

[4] "The Risks of Key Recovery, Key Escrow, and Trusted Third Party Encryption", Abelson et al, July 98 -

http://www.cdt.org/crypto/risks98/

[5] The Internet Engineering Task Force, the principal standards authority for the Internet, provides for a number of encryption standards - S/MIME for secure e-mail, and the SSH and SSL protocols for secure communications. All are already in common use. See http://www.ietf.org/ for more details.