- The security of your information systems may be compromised by the investigations of law enforcement agencies.
e.g. In some countries, legislation grants law enforcement agents access to cryptographic keys, or to the unencrypted contents of data previously encrypted.
The Regulation of Investigatory Powers Act, enacted in 2000, provides such powers to UK law enforcement agencies.
The Council of Europe - Draft Convention on Cyber Crime, released in late 2000, proposes even greater investigatory powers.
- Seek legal advice as a priority.
- Consider how to best support the investigative process with minimum breach to your Information Security.
- Where cryptographic keys have been revealed and the relevant data submitted, arrange for the keys to be changed at the first available opportunity.