Introduction to these documents

A recently published Cabinet Office paper entitled Encryption and Law Enforcement stated that "there must be a greater degree of international co-operation, particularly in relation to setting agreed standards." (para 7.10) The paper further stated that "there has been remarkably little co-ordination of policy on encryption matters" internationally apart from the OECD Guidelines on Cryptography Policy.

However, the Aaron Files that we are bringing to the attention of the public through these pages suggest otherwise - that UK Government encryption policy was closely co-ordinated by the US despite the denial in the Cabinet Office paper which concluded that the result of the absence of such a co-ordination "has been a degree of misunderstanding and suspicion as to the rationale behind attempts to regulate, or influence, the domestic use of encryption."

We believe there has not been a misunderstanding at all and secrecy played a key role in the formulation of UK Government policy on encryption so far. The responses received through the DTI in relation to requests made under the Open Government Code of Conduct procedure revealed nothing at all apart from references to "a whole range of papers (in up to 15 separate files)" which would be relevant to a better understanding of UK Government's policy on encryption.

We were already suspicious about a US Government involvement in May 1997, and as a response to the, March 1997 DTI Consultation paper, Cyber-Rights & Cyber-Liberties (UK) stated that:

"The DTI consultation paper addressed many issues which would have an impact on the use of encryption tools on the Internet but the issue of whether blanket escrow of encryption keys (the central policy being put forward both to encourage trust in the integrity of encryption and to allow for investigation of those criminals and terrorists who abuse its facilities) presents unique civil liberties dangers was not addressed. In addition to its refusal to examine the core of the controversy, the DTI paper is provincial and ahistorical. There is no mention of the four years of continual proposals for key recovery products by the US Government, even though their proposals have much in common with the DTI proposal and clearer inspired the latter."

Cyber-Rights & Cyber-Liberties (UK), "First Report on UK Encryption Policy: A Legal Reply to the DTI Public Consultation Paper on Licensing of Trusted Third Parties For the Provision of Encryption Services," May 30, 1997, at

Now we have the opportunity to reveal the secretive process in which UK Government policy was influenced by the US Government between November 1996 and January 1997. In the absence of a Freedom of Information Act, it was not possible to obtain any documents from the DTI under the Open Government Code of Conduct in relation to the formulation of UK Government's policy on encryption. Therefore, we are grateful to the Electronic Privacy Information Center who has obtained the following documents under the US Freedom of Information Act which are historically important and shows a great deal on how policies are developed in secrecy.

Cyber-Rights & Cyber-Liberties (UK), July 1999.


Go back to Cyber-Rights & Cyber-Liberties (UK) Freedom of Information Files pages.