Privacy Law and Policy Reporter
Graham GreenleafAs outlined in last month's special issue of PLPR on encryption and privacy, the outlined in last month's special issue of PLPR on encryption and privacy, the technologically advanced countries of the world are scrambling to develop defensible policies on encryption which will balance interests of personal and business privacy on the one hand, and law enforcement and national security needs on the other. Some recent developments in Australia and the UK are noted in this article. Australia -- too many cooks? At least seven different enquiries currently underway in Australia touch on the development of encryption policies. Most visible is probably the AUSTRAC-chaired inquiry into the law enforcement implications of electronic commerce (details below). Austel's Law Enforcement Access Committee (LEAC) is looking at the telecommunications interception aspects. The Online Services Task Force of the Attorney-General's Criminal Law Division, the Wallace review of the financial system, an inter-Department committee headed by the Tax Office, and an electronic counterfeiting study involving Tax, Customs and A-Gs, all include encryption issues in their ambit. Last, but probably not least, is a review being carried out by an adviser to the Attorney-General's Department, a former senior national security officer. In addition, Standards Australia, Australia Post and others are developing public key infrastructure proposals. From all of this, some coherent government policy is supposed to emerge.
AUSTRAC's Electronic Commerce Task Force
The Australian Transaction Reports and Analysis Centre (AUSTRAC) has been asked by the Commonwealth Law Enforcement Board (CLEB -- see http://www.nla.gov.au/cleb/ if unfamiliar) to head an Electronic Commerce Task Force (ECTF) to investigate electronic commerce issues of concern to Commonwealth Law Enforcement. It is to report by November 1996. It is to cover e-cash, smart cards and other forms of `cyberspayments', both domestically and internationally. ECTF's Steering Committee is made of law enforcement agency representatives, who are to invite privacy, banking, consumer, industry, government and other groups to participate in working parties.
Ford on crypto policy
Peter Ford, First Assistant Secretary, Security Division, in Commonwealth Attorney-General's gives some interesting insights in the current thinking from that direction in `Information Security, Censorship and Privacy', a paper presented to an AiC Conference in June 1996 (available at http://www.anu.edu.au/people/Roger.Clarke/II/Ford960619.html). The paper is most interesting in its discussion of the options available to law enforcement and other agencies in the event of strong encryption being widely available in the absence of any compulsory `key escrow' (`trusted third party' or `TTP') schemes. It discusses legislative options to encourage wide use of trusted third parties (which are therefore easier to serve with warrants but maintain covert operations), and suggests (rather ingenuously, perhaps) that a compulsory TTP licensing scheme would `offer better consumer protection'. It also discusses possible amendments to laws concerning evidence, self-incrimination, warrants etc to facilitate investigations and prosecutions in such an environment.
Graham Greenleaf, General Editor.