Would I be right in suggesting that it's not encrypted data unless someone can decrypt it to prove so? In other words, we're free to send garbled nonsense to each other.
I was thinking something less obviously encrypted than a usb stick with a dialog box saying "Enter password" - how about steganography? "A password for my image?"
To my (lay!) knowledge, no. The primary legislation indicates that to be in violation of that section the court has to believe you did have a way, when you were given an order under RIPA, to make the content they're seeking readable, and you haven't done so. If you do not possess a means to make it readable at that point because you routinely use ephemeral keys - as most people do now (specific example: ECDHE TLS ciphersuites) - you wouldn't be in violation of RIPA in that case, I believe.
Also, keys which are only used for signing are specifically exempted from disclosure in the primary legislation - so don't hand over private TLS signing keys (if, and only if, you always use ephemeral keys, not static RSA) or any GnuPG/PGP signing keys (encryption subkeys on the other hand? However, GnuPG has a way to output the symmetric keys for individual messages, allowing you to limit the damage)!
Of course, if ever presented with any such order, you absolutely need very good legal advice rather than taking it from a lay random on Hacker News. I would definitely encourage you to fight, if you can.
Civilization should have collapsed the moment a large group of people agreed that one element should disclose a specific piece of knowledge, or face punishment. If everything else if my life fails, I want to become a martyr to this cause.
I've rar'd quite a few files in my day, many with a password. The majority of them I could not remember if asked. We effectively have made forgetting a crime in the name of protecting children and stopping terrorism.
And it won't do either, merely encourage the use of other routes to planning such activities. It's not difficult to imagine a terrorist plan that has no dependence on electronic messaging. Talk about selling your birthright for a mess of potage.
When applied to having a hidden truecrypt OS, I don't think this would work with UK's laws. You give the password to the dummy OS, not the true OS, but there still being a large chunk of seemingly encrypted data on the hard drive would lead them requiring you to unencrypt that as well.
Deniable encryption schemes are meant to protect the confidentiality of data under duress. They are not meant to protect the person placed under duress.
Indeed, for some schemes, even if someone cooperates fully, they will be unable to prove that they have, which could leave them in a very dangerous situation. It will also be difficult to prove that they haven't cooperated fully, but whether that is relevant depends on the type of duress they face - you may have varying degrees of success or failure facing thresholds of 'beyond reasonable doubt', 'preponderance of the evidence', or 'hammer to the kneecaps'.
A vitally important thing to know, if you're a keyholder of such a system. Given such a disadvantage, they are not very commonly used. The vast majority of all those who use (and have used) TrueCrypt don't use hidden volumes.
It's also worth pointing out that any disk usage metadata - as, for example, is kept by any and every SSD - tends to catastrophically break deniability. I don't know of anything that can do deniability with a flash device.
England will imprison people who forget passwords. Here are two examples:
http://bbc.co.uk/news/uk-25745989
http://www.theregister.co.uk/2009/11/24/ripa_jfl/