§ Mr. LoughtonTo ask the Secretary of State for the Home Department (1) what proposals he has to link the licensing of trusted third parties with key escrow in e-commerce communications; [R] [89334]
(2) what is his policy towards key escrow in e-commerce communications; [R] [89333]
(3) what new powers he proposes to give police and the security services to gain access to encrypted computer files; [R] [89336]
(4) what plans he has to control encryption in e-commerce communications. [R] [89335]
§ Mr. StrawThere will be no mandatory link between key escrow and being an approved provider of cryptography services under the proposed e-commerce legislation. Approved providers will be free to offer those cryptographic services required by their clients. These may, for good business reasons, include the storage of their clients' encryption keys. Encryption technologies are vital for instilling trust in e-commerce transactions and the Government do not propose to control their legitimate use. The same technologies, can, however, also be put to criminal use. In response to this threat, the Government intend to provide the law enforcement, security and intelligence agencies with new powers to require any person, upon service of a properly authorised written notice, to produce specified material in an intelligible form or to disclose relevant material (for example a decryption key) necessary to render it intelligible. The legislation will contain strong safeguards and the powers will only apply to material which is, or has been, lawfully obtained.