The encryption research prong analyses legal requirements concerned with encryption and decryption. This includes legal rules on the import and export of cryptographic products.
Cryptography has been the subject of extensive legal debate, mainly within the tension of fundamental rights and national security. Image author: Perpecsys. Used under CC.
Encryption under the SIGNAL project
Many Western states (including Norway) have adopted a fairly liberal policy on use of cryptography; i.e. employment of strong encryption by private persons and enterprises has been generally viewed in a positive light.
Western governments have generally refrained from introducing schemes for mandatory key escrow for policing purposes, and the legal frameworks for cryptography have been generally “light touch”. The events of “9/11”, however, catalyzed discussion about the propriety of liberal crypto-policy. And we see increasing pressure in more recent years to facilitate police access to unencrypted or decrypted data sent over the internet.
Crypto-policy and Human Rights
The research will, inter alia, map recent trends and changes in crypto-policy and assess these in relation to current law, including requirements anchored in the 1950 European Convention for the Protection of Human Rights and Fundamental Freedoms (ECHR). An example of a salient issue to be investigated in relation to the ECHR concerns the degree to which police orders to decrypt data violate the right against self-incrimination pursuant to ECHR Article 6 (which deals generally with the right to a fair trial).
A similar issue to be investigated concerns the degree to which mandatory decryption orders are required under Article 19 of the Cybercrime Convention.