Cryptography and jailtime in SA
South Africans can face significant fines or imprisonment if they refuse a judge their password after being ordered to provide it
Refuse a judge your password and face jailtime
Cryptography and jailtime in SA
South Africans can face significant fines or imprisonment if they refuse a judge their password after being ordered to provide it
I suppose it is the same thing as seizing personal documents or searching your house. Didn't read the article but will now. If a Judge wants your password for something, there is probably a damned good reason he wants it. No issue here. May change my opinion after I read the details.
We need a Fifth Amendment in South Africa.
Providers of encryption have to register with the DoC - bwahahah! Yes, I'm sure the global software community is going to line up to register with the South African government.
Yet again, smacks of lawmakers making laws about technology that they do not understand... at all. Do they realise that every time you browse to an SSL encrypted website, the website can be construed as being a cryptography supplier? Do they understand that encryption is pervasive and built in to a huge amount of software and OSs (e.g. Windows encrypting file system)? Do they have a clue that the suppliers of open source cryptography packages probably comprise hundreds of developers from all over the world, and that there's no one company to register for anything in that case, not that any of the developers would give a flying hoot about SA law?
What this amounts to is government forbidding it's citizens from keeping any secrets at all from them. Why is government so threatened by the thought that information might exist that they can't get their grubby little hands on?
This all seems fine and reasonable to me. I just don't get the part about cryptography suppliers. Everyone can use open source cryptography solutions, which are for all intents and purposes uncrackable. See TrueCrypt.
Also see deniable encryption. You can have two passwords. One that reveals a 'fake' secret, and one that reveals the real secret. There will be no way to tell whether you have a second password of not, so they won't be able to prosecute.
I'm very forgetful.Originally Posted by QuintonB
three things that are potentially misleading from the article:
(1) a directive from a judge under RICA is aimed at securing access to the underlying data - not the password or key or anything else.
2) the provisions of the Act apply to encrypted data and it is tenous at best to extend it to require a person hand over their gmail login.
The purpose is to decrypt a fax which incriminates a certain individual as having committed treason by violating his/her office at the behest and pay of a military contractor in the service of a foreign government, and that sort of thing.
3) It is judge - as in High Court - not judicial officer, the article does say judge but it is prevalent for magistrates to be thought of as judges - so your local brandy club president is not in the picture - for which we should probably blame the Americans and the French, and post 1997 Great Britain.
Section 205 of the Criminal Procedure Act on the other hand does give magistrates some pretty extensive interrogatory powers and I can foresee access information being sought under this section.
THIS
Maybe you should read S 35 of the Constitution
As with everything this can be useful or just as bad. I have nothing to hide, any organization can come inspect my software of hardware, but out of principal I will not make it easy, they will have to have all their t's crossed and i's dotted before I hand over any form of password.
"The fool hath said in his heart, There is no God."
You mean Chapter 2. s35. Yes. That is what people should use in this case.
What happens if you "forgot" the password?
There is no other s 35 in the Constitution
Yes, and it is to be found in Chapter 2 if anyone else is looking for it.
Well thanks. It's also called the Bill of Rights
Posting Permissions
Reply With Quote
Bookmarks