Key escrow may still be on government agenda for UK

Fears that the government "has yet to rid itself of its previous attachment to key escrow" were expressed today by the House of Commons select committee on Trade and Industry.

The committee's report on the Draft Electronic Communications Bill, which said that "rather than rule out key escrow because of the wide range of criticisms made about it by industry, civil liberties campaigners, computer experts and others, the government has simply admitted that its widespread adoption is unlikely at present."

It recommends that legislation should explicitly exclude the use of key escrow as a criterion for accreditation under a statutory scheme.

It also advises that the forthcoming Bill should not permit the introduction of key escrow through the back door - for example, by an addition to the accreditation for trusted service providers of cryptography services if a statutory regime were in force.

However, it says the government "chose not to answer this point."

The report also recommends that legislation to clarify the admissibility of electronic signatures in legal proceedings, and to enable the definitions of words such as writing and signature in law, be updated to take account of electronic communications.

"There is a need for a Bill to sweep away existing legislative barriers to electronic commerce," it states.

Opponents to new powers to enable law enforcement agencies to have access to encrypted materials were dealt a blow by the report.

"We have seen nothing that would substantiate some hysterical comment to the effect that the government's proposed new power to require decryption represents a major assault on our rights," it said.

However, it questions the urgency with which the proposal is being introduced, and recommends "early publication of the criteria by which law enforcement agencies will decide whether to require a private encryption key or plain text of an encrypted message."

Yaman Akdeniz, director of Cyber-Rights & Cyber-Liberties (UK) said: "Part three of the Electronic Communications Bill, which deals with law enforcement issues, remains controversial."

He said that the Bill should have been about electronic commerce and that part three should have been dealt with elsewhere, "especially in the absence of substantial evidence from the government to show that encryption is a major current problem for law enforcement agencies."