A/CONF. 187/10 considered controlling the proliferation of cryptography obtain access by applying coercive powers against either of products in order to prevent criminal or terrorist groups them. Usually, they will prefer to do so against the Internet from gaining access to them, using such things as licence service provider, since this could be done without alerting requirements for products"strong"enough to make law the addressee to the existence of the investigation. In such enforcement access difficult. Some countries have also cases, the legal powers to intercept a communication and sought to apply practical measures in an attempt to ensure to effect a physical search of premises and any computers that legal access to electronic communications protected by located therein may effectively become interchangeable. In encryption can still be gained. The measures include the this context, the legality of a production order to hand over use of special computer chips, key-escrow systems(in existing messages and messages that arrive within a certain which message keys are kept by trusted third parties from period of time could be questioned unless it met the whom they can be lawfully seized to gain access)or special (usually higher)legal standards for interception. The fact efforts to break encrypted messages using technical means. that the data are under the control of the provider and Policies of this kind have encountered some difficulties customer simultaneously may also raise questions about with the technology and opposition from advocates of whose privacy, property or other rights or interests must be privacy rights and commercial interests addressed in gaining legal authorization to conduct a 46. Ensuring access to encrypted communications search or interception stored data in the course of criminal investigations is understandably a matter of concern to law enforcement agencies worldwide. Measures that address this problem V. International cooperation among part may already exist in some countries. In many cases national law enforcement telecom and network operators will themselves apply authorities encryption to protect their own systems and their customers communications. Where those operators are A. Forms of cooperation and international under a legal obligation to cooperate with law enforcement nitiatives authorities in the interception of a specified communication it seems reasonable to assume that such an obligation includes(or could include) a duty to undo any 48. Given the international dimension of electronic encryption they applied to it. This would not extend to networks, it is becoming less likely that all elements of encryption applied directly by the customer, however cyber crime will be restricted to a single national territory which would generally be impossible for the operator to n Investigations, law enforcement authorities of different States will need to cooperate, both formally, using mutual consider obliging persons who participate in an encrypted legal assistance frameworks and structures such as communication to provide the means of decryption when Interpol, and informally, by providing potentially useful so ordered by the competent judicial authority. To protect information directly to the authorities of another State. In against self-incrimination, such an order could be made general, international police cooperation presupposes the unavailable against suspects or other persons to whom a consent of the authorities of the States involved legal exemption applie Depending on the relationship of the States involved, the nature of the information in question--or other factors-it 47. As noted in paragraph37above, most countries make may also require authorities and procedures set out in an a distinction between the interception of flowing data and international agreement the seizure of stored data, but e-mail challenges this distinction, because it combines both data transfer and 49. In 1997, the Group of Eight, consisting of the heads storage. When a message is sent, it Is transmitted by the of State or Government of the Group of Seven major sender's service provider to the service provider of the industrialized countries and of the Russian Federation, addressee. Upon receipt, the latter stores the message in adopted a number of legal principles and a common action the mailbox of the addressee until it is opened. The plan against what it described as"high-tech crime". They addressee has access to the message and determines how contain some proposals for practical cooperation among long it will be preserved in the mailbox. Messages in the law enforcement authorities, as well as the development of mailbox are thus under the control of both the addressee legal principles concerning mutual legal assistance and the provider, and law enforcement could generally Elements of practical cooperation discussed includedA/CONF.187/10 11 considered controlling the proliferation of cryptography products in order to prevent criminal or terrorist groups from gaining access to them, using such things as licence requirements for products “strong” enough to make law enforcement access difficult. Some countries have also sought to apply practical measures in an attempt to ensure that legal access to electronic communications protected by encryption can still be gained. The measures include the use of special computer chips, key-escrow systems (in which message keys are kept by trusted third parties from whom they can be lawfully seized to gain access) or special efforts to break encrypted messages using technical means. Policies of this kind have encountered some difficulties with the technology and opposition from advocates of privacy rights and commercial interests. 46. Ensuring access to encrypted communications or stored data in the course of criminal investigations is understandably a matter of concern to law enforcement agencies worldwide. Measures that address this problem in part may already exist in some countries. In many cases, telecom and network operators will themselves apply encryption to protect their own systems and their customers’ communications. Where those operators are under a legal obligation to cooperate with law enforcement authorities in the interception of a specified communication, it seems reasonable to assume that such an obligation includes (or could include) a duty to undo any encryption they applied to it. This would not extend to encryption applied directly by the customer, however, which would generally be impossible for the operator to decrypt. Another possibility is that national legislators consider obliging persons who participate in an encrypted communication to provide the means of decryption when so ordered by the competent judicial authority. To protect against self-incrimination, such an order could be made unavailable against suspects or other persons to whom a legal exemption applies. 47. As noted in paragraph 37 above, most countries make a distinction between the interception of flowing data and the seizure of stored data, but e-mail challenges this distinction, because it combines both data transfer and storage. When a message is sent, it is transmitted by the sender’s service provider to the service provider of the addressee. Upon receipt, the latter stores the message in the mailbox of the addressee until it is opened. The addressee has access to the message and determines how long it will be preserved in the mailbox. Messages in the mailbox are thus under the control of both the addressee and the provider, and law enforcement could generally obtain access by applying coercive powers against either of them. Usually, they will prefer to do so against the Internet service provider, since this could be done without alerting the addressee to the existence of the investigation. In such cases, the legal powers to intercept a communication and to effect a physical search of premises and any computers located therein may effectively become interchangeable. In this context, the legality of a production order to hand over existing messages and messages that arrive within a certain period of time could be questioned unless it met the (usually higher) legal standards for interception. The fact that the data are under the control of the provider and customer simultaneously may also raise questions about whose privacy, property or other rights or interests must be addressed in gaining legal authorization to conduct a search or interception. V. International cooperation among national law enforcement authorities A. Forms of cooperation and international initiatives 48. Given the international dimension of electronic networks, it is becoming less likely that all elements of a cyber crime will be restricted to a single national territory. In investigations, law enforcement authorities of different States will need to cooperate, both formally, using mutual legal assistance frameworks and structures such as Interpol, and informally, by providing potentially useful information directly to the authorities of another State. In general, international police cooperation presupposes the consent of the authorities of the States involved. Depending on the relationship of the States involved, the nature of the information in question—or other factors—it may also require authorities and procedures set out in an international agreement. 49. In 1997, the Group of Eight, consisting of the heads of State or Government of the Group of Seven major industrialized countries and of the Russian Federation, adopted a number of legal principles and a common action plan against what it described as “high-tech crime”.7 They contain some proposals for practical cooperation among law enforcement authorities, as well as the development of legal principles concerning mutual legal assistance. Elements of practical cooperation discussed included: