UK holds Microsoft security talks (BBC)
Posted Feb 16, 2006 8:01 UTC (Thu) by jd
Parent article: UK holds Microsoft security talks (BBC)
IANAL, so the remainder of this post is pure and wild speculation. Imbibe
plenty of sodium chloride when reading.
Although the Government is permitted access to data for national security
reasons, under UK law, Microsoft is NOT permitted to install backdoors
without the user's knowledge and consent. For the installer or upgrader to
add such a backdoor, it would necessarily be conducting unauthorized
activity on the user's computer, which would violate the Computer Misuse
Act. Any such backdoor would need to be publicly declared and openly
agreed to. Under the Data Protection Act, Microsoft would also be barred
from holding any information that might associate a backdoor key with the
user's personal information. Nor can such information be exported to
Microsoft, as the EU bans the trade of personal information to countries
that lack privacy laws (such as the US).
Also, backdoors might constitute a picklock. In the ruling of the case
involving a hacker breaking into Prince Philip's PRESTEL mailbox, the
court ruled that a digital key that existed for a fraction of a second
(the hacker used a password guesser, I believe) was not a picklock, so by
guessing keys, he was not "breaking and entering". A backdoor is
essentially permanent, so that defense would not apply.
Although the UK Government couldn't realistically be touched for
requesting such a backdoor, there MAY be ways Microsoft could be legally
vulnerable if they supplied one, but even if they were, it would take a
genius of a lawyer to pull off a stunt like that.
A different line of attack might be to put pressure on Euro MPs regarding
the current Microsoft lawsuits. The more the EU hurts Microsoft now, the
less likely Microsoft is to play ball with ANY European state on legal or
security requirements. Besides which, they'd be less likely to risk
further entanglements with the EU as a whole, no matter what any one
member state wanted.
to post comments)