|
|
| |
| Crypto
Regulation in Europe : Some Key Trends and Issues |
| by Bert-Jaap Koops, 8th Joint European Networking
Conference (12/05/1997) |
| |
| This paper gives an overview of current
and proposed crypto regulations in Europe, with attention to developments
in the US, Japan and the OECD. For long governments have regulated
the export of cryptography, mainly to keep criminals within the reach
of wiretapping officials, but now they have to face a crytpo dilemma
as the lobbies for restricting crypto aremore or less balanced by
the lobbies to stimulate crypto use. According to the author, there
are several growing issues that any crypto policy has to take into
account before being able to implement a crypto policy : the aim of
the policy (provide law-abiding citizens with robust encryption or
solve the problem law enforcement has with cryptography), international
cooperation, and key recovery issues (trust, liability, constitutional
rights, who accesses keys). Consequently, this paper finally suggests
a framework for states to decide upon a crypto policy. |
| |
| Commerce
Electronique : les Réformes Européennes |
| by Maitre Valerie Sedallian, conference given
at INFOSEC (02/06/1999) |
| |
| Presentation of a project of law
which aims at giving a legal value to such concepts as digital signature,
online contracts and electronic currency, in order to favor electronic
commerce at the European level. The main issue here is to create confidence
through the technical and legal security of online transactions, for
which many projects of laws are still being discussed, for example
a proposal of reglementation on encryption : this rule would suppress
the need for authorization in the case of export of encryption products
between members of the European Union. This document does not deal
mainly with encryption though. In the first part, Valerie Sedallian
explains why it is difficult to legalize the concept of electronic
proof, and describes the projects of European laws that aim at doing
so. Then she talks about third-party certification services and presents
the project of a new directive that tries to create an international
recognition of certification services for electronic signature. This
activity is not regulated by the French law, so a directive would
create the legal frame for such services in France. Yet, there is
a problem of compatiblity of this law with the french laws on encryption
: third-party certification services would indeed be considered as
encryption services providers by the French law, and would then require
an authorization granted by the State to provide their services. |
| |
| Network
and Information Security : Proposal for a European Policy Approach |
| by the Commission of the European Communities
(06/06/2001) |
| |
| After an analysis of network and information
security issues, this report underlines the need for an European Policy
approach in order to ensure that the Internal Market can benefit from
common solutions to security risks, and in order to improve the functioning
of the legal framework at a regional level. It is especially important
that policy makers create the conditions that will allow to balance
the cost of providing security with the specific need for security,
which is not yet possible due to certain market imperfections. Among
the proposed measures is the free circulation of encryption products
between Member States. |
| |
|
