Law Forum
  Law Books

Adverts from Google:
 
 
Google
 
Web www.swarb.co.uk

Secure Communications

We like working with clients over Internet, but e-mail is insecure. It is like sending a postcard. The chances are that nobody will bother to intercept your e-mail and read it. There isn't even a postman who might look inquisitively, but for some letters and documents, someone just might. We should discuss what needs to be done and what can be done.

We would not normally write you on a postcard, and so we see a duty at least to discuss the matter first. Even if we do not use encryption when dealing with clients in the normal course, there may be occasional items which you, or we, will think it appropriate to encrypt.

We cannot run too many different kinds of encryption with different clients, and so will use one additional service, the TEA encryption system. TEA is public domain, it is freely available and useable, and fairly easy to implement, and to use. We can send a Windows program to you upon request, with brief instructions on how to install it, and use it. We are here to act as lawyers not computer support engineers. We can if need be refer you on to someone who may be able to help you, but they must of course charge for that work.

Having agreed an encryption standard, we must agree a pass-phrase - the key which will lock and unlock any encrypted material we may wish to pass either way. It is a chance for us both to discuss the use of time-honoured phrases such as 'The white panther stalks the dawn chorus' (well, you see what we mean). This pass-phrase should be agreed by a separate method outside Internet (there is little point in passing it insecurely).

We will also ask you for a question, and its answer. This is chosen by you, to which only you will know the answer, but which you will easily know the answer. We will record this, so that if you ever lose your password, we can confirm your identity before revealing it.

Nothing is perfectly secure. Encryption will keep your e-mails secure against all but the most determined attack. If you suspect at all that any pass phrase may no longer be secure, please be sure to let us know immediately.


Why not PGP? We like PGP, and believe it has huge potential value and social significance. It does however require significant computer literacy to implement and use it. PGP is not freely licensed for commercial use. Both we and our clients would need licences, and until the political and regulatory background has settled down, it seems inappropriate to tie our tails to it. One day soon perhaps ...

The Regulation of Investigatory Powers Act 2000 was intended to discourage you using PGP. It succeeds.

Important: Please note that our law-bytes are retained for archival purposes only. The law changes, and these notes are often, now, out of date. You must take direct advice on your own personal situation and the law as it currently stands.
All information on this site is in general and summary form only. The content of any page on this site may be out of date and or incomplete, and you should not not rely directly upon it. Take direct professional legal advice which reflects your own particular situation.
Home |  lawindexpro |  Forum | 
| Two Doves Counselling | Faulty Flipper
Copyright and Database Rights: David Swarbrick 2012
18 October 2013 http://www.swarb.co.uk/lawb/usSecuComm.shtml 180 18 October 2013