[chrisvineup]

Which is precisely why the government in the UK added encryption sections into the RIPA acts http://en.m.wikipedia.org/wiki/Regulation_of_Investigatory_P... people who fail to hand over keys to encryption can face a prison sentence. The rather obvious flaw in this is that people routinely forget their passwords and the prosecution have to prove intent.

[cmdkeen]

Yet the UK has successfully obtained convictions for failing to hand over passwords - and the UK legal system hasn't yet been compromised to the level of ignoring reasonable doubt.

The majority of people who receive such notices hand over their decryption keys. Because the UK requires such notices only be made after consulting with specialists - it isn't like some random cop makes the requirement on their own. Those specialists can determine things like the likelihood of the "I forgot" defence working.

It should be fairly easy to come up with scenarios where claiming a forgotten password is unlikely. Especially if it is a case of the key being used regularly, for instance whole drive encryption, or one key for all email encryption. Then they're not claiming they forgot the key at some point - they're claiming they forgot it at the very moment the police came knocking. Because otherwise they'd have to claim they've been sitting on a bricked computer, or unusable email account. Which becomes even harder if you can show emails having been sent from that account up until a certain point in time.

Remember criminals tend not to be the smartest cookies running state of the art encryption with deniable characteristics etc.

[userulluipeste]

Can't I just say that the police knocking gave me intense emotions which caused me a cerebral shock or something?