The Dutch government is said to be interested in a law that would force people to hand over computer passwords. Interest was raised when encryption software proved to be an obstacle in an investigation. It sounds like it will be similar to the UK’s RIPA, Regulation of Investigatory Powers Act, which allows the incarceration of people who won’t produce a password.
There is a twist, however: it will apply to terrorists and pedophiles only, apparently.
Bill to be Introduced in 2013 After Horrific Crime
This is the statement by the Netherlands’s Ministry of Justice, according to news24.com:
“People suspected of having and trading in child pornography or terrorist activities will soon be compelled to work together to open encrypted files on their computers,” the Dutch justice ministry said in a statement.
Mooted by Justice Minister Ivo Opstelten, the bill will be introduced in parliament in early 2013, it added.
This is a response to a horrendous crime: “The proposal comes after a paedophile called Robert M was sentenced to 18 years in jail earlier this year for abusing some 67 very young children.”
The investigation into Robert M (Dutch law prohibits his last name from being revealed) was considerably slowed down because he used encryption software to secure the contents of his computer.
That computer encryption software can slow down the authorities is true. After all, that’s what encryption software is designed to do: slow down, to the point of impossibility, the unauthorized access to protected data, no matter who the seeker to the data happens to be: the government, criminals, competitors, coworkers, your spouse, friends, etc. Calculations show that correctly implemented, AES-256 encryption — used in AlertBoot Mobile Security for laptops and other hard disks — would take millions of years to crack using all the computing power found in the world today.
Similar Laws Around Europe and the World
As I mentioned above, it sounds like the law might resemble the UK’s RIPA, which makes it possible to incarcerate a person for not handing over password when instructed by the court. Except that, under British law, it’s not limited to terrorists and pedophies.
I was unaware, but apparently Sweden also has a similar law. (No details yet; I’ll have to look into it.)
And, of course, the US has been known to have struggled with the issue of forcing passwords out of suspects.
At the heart of the controversy regarding such laws is, essentially, is producing passwords and such self-incrimination?
And what to do about those instances where a person is set up, or a person truly cannot remember the password? Not being able to produce a working password — because the one under investigation literally cannot — means an automatic, and possibly recurring, prison sentence.
Like any piece of complex legislation, there are no easy answers.
Related Articles and Sites: