Investigation of encryption protected electronic data under RIPA 2000
Investigation of encryption protected electronic data under RIPA 2000

The following Corporate Crime practice note provides comprehensive and up to date legal information covering:

  • Investigation of encryption protected electronic data under RIPA 2000
  • Investigation of encrypted electronic data
  • When does the power to demand an encryption key arise?
  • Who can give authority for an encryption key demand?
  • Authorisation by a judge
  • Authorisation where the information is obtained under a statutory power
  • Power to demand disclosure of an encryption key
  • Enforcement of disclosure notice
  • Failure to comply with a notice
  • Tipping-off

Although the Investigatory Powers Act 2016 (IPA 2016) repealed and replaced much of the Regulation of Investigatory Powers Act 2000 (RIPA 2000), the provisions in RIPA 2000, Pt III which relate to the power of public bodies to issue notices to decrypt encrypted information or to provide decryption keys remain in force, albeit amended by IPA 2016.

For information on the IPA 2016, see Practice Note: The Investigatory Powers Act 2016—an introductory guide.

Investigation of encrypted electronic data

RIPA 2000, Pt III regulates the investigation by a public authority of electronic data which is protected by encryption. The provisions are supplemented by a Code of Practice which is admissible in evidence in criminal and civil proceedings.

There are a range of means by which businesses, individuals and criminals can secure and protect their electronic data and to maintain the privacy of their electronic communications. The protection of electronic data can be achieved in various ways, including, at a basic level, a password which gives access to the data in an intelligible form. More complex applications use cryptography to protect access to the data and to put the data itself into a form that is unintelligible without the correct password or key. RIPA 2000, Pt III empowers public authorities to require protected electronic information which they have obtained lawfully or are likely to obtain lawfully be put into an

Popular documents