Forgot your password?
typodupeerror
News Your Rights Online

South African Gov And ECT Bill 12

Posted by Hemos
from the what-goes-around-comes-around dept.
GothicManSlut writes "South Africa's ITWeb(http://www.itweb.co.za) has released this article (http://www.itweb.co.za/sections/internet/2002/020 8011154.asp?O=FPT) in regards to the controversial ECT Bill being passed now as law. This is sure to provoke the industry in South Africa as it expects the public to hand over all cryptography keys the SA public has just to name a few of the problems with it. I wonder who will actually obide to these laws."
This discussion has been archived. No new comments can be posted.

South African Gov And ECT Bill

Comments Filter:
  • ...the mandatory use of IPv6 by all ISPs with each individual assigned an IP number at birth which will be theirs for life. This, combined with mandatory MAC address registration/matching with IP numbers will be the end of anonymity on the web. Before you can gain access, you must first identify yourself.

    You may think it absurd, but this (or something to the same effect) is more likely than not. I remember the end of the BBS days when the ACs were screened out by most SysOps via mandatory IDing of the user before an account was allowed on the systems. This due to rampant abuse by ACs and the coming of the concept of legal accountability to those running the systems.

    I have mixed feelings in that I'm not sure if it's good or bad as there are good arguments on both sides. Guess we'll get to watch it play out in time.

  • It's a shame that these initiatives all ssem to be so narrow minded.

    Even when they're actually good ideas (I'm not claiming that this is a good idea!) they're implemented on a country-by-country basis and so their use to the global Internet community is severely limited.

    I didn't see anything that required the end users of the net in SA to register themselves though - just the providers of cryptographical solutions - so I think we're safe from complete user control for a few more months...

  • Anybody know what happened with the guy who had been running the .za domain?

    Last I'd heard [slashdot.org] he'd moved the servers that controlled it out of South Africa for when this bill went through.
  • OK, I admit, I actually read the article -- please don't shoot me! From what I read, the new law legitimizes electronic signatures (I'm sure it does more, but the article didn't say) and the only registration requirement is for companies providing cryptographic services. It said nothing about individuals having to turn over their private keys.

    Frankly, I'd be very happy if public key encryption became standard, and there were government-registered companies to certify people's public keys. How do you know that this key purportedly from John Smith is really from John Smith? Why not welcome the government's seal of approval that the company verifying John Smith's identity isn't "Fly-By-Night Enterprises" [verisign.com]? Or are you happy trusting Microsoft [passport.com] to verify this stuff for you?

    • From the article, this all sounds quite positive for South Africa. Legally recognized digital signatures, based on a solid technical platform, seems like a good idea. Unlike the moronic corp-bought equivalent US law, which gives legal recognition to completely insecure, unverifiable click-through agreements on the web. Perhaps the U.S. should consult President Mbeki on matters of Internet policy in future? (Just not on AIDS policy, please.)

      If there's something else nefarious going on here, could someone explain?

      I think this bill does contain the new .za domain control legislation, so that part may be iffy (I don't know), but that's nothing like the UK RIP-like encryption fascism described in the submitter's posting.

      There's a possibly interesting pattern developing here: some of the most technologically advanced nations, arguably having the most to lose from preceived "abuses" of technology, are attempting to control development with unreasonably strict laws: DMCA, RIP, and whatever's going on in Australia with e.g. net filtering and the like. Meanwhile, some developing nations have a double incentive to be less restrictive and more open to "subversive" technological innovation: they're not dependent on revenue from the existing hi-tech industry, and they may see an opportunity to leapfrog some of their more advanced competitor nations. Perhaps this is how Western global economic and dominance will end, as short-sighted politicians try to ban innovation in genetic research, encryption, digital cash, and other promising areas...

  • They'll get my crypt-keys when they pry them out of my cold dead...
    Sorry, wrong bandwagon.
  • I've read this petition [ectbill.co.za] (as well as the of some of the problems with the bill [ectbill.co.za]). It mainly talks about Accreditation authority restrictions. It does not say ANYTHING about handing over private keys.

    I'll still have my private key and privately encrypted messages (but they won't be legally recognised). These will be as safe and ans private as a locked box was and still is. (The law about this is still the same to promote general anti-crime sentiments.

    Finally I may be able to send electronically signed letters to my bank! Faxes are SOOOO outdated.

    :)

    I have also read most of the bill itself and note that there are (still) some things that need to be scraped or wiped before we come into alignment with european standards.
    • The "handing over keys" thing is just FUD from the article poster. There is NO provision in the bill for this, after there was a public outcry about the recommendations of the technical committees (which did the research which led to the bill).

      Unfortunately the public outcry was caused by FUD from morons just like this poster. The technical committees recommended that a court could issue a warrant to force any person to disclose their keys or the contents of an encrypted message or transaction (at the discression of the person receiving the warrant).

      This would have been the most enlightened stance on the matter in the world, since you (if accused of wrongdoing) could avoid handing over your keys!

      At the moment, legal opinion is that in most countries the court could force you to hand over your keys under existing law, if it deemed them important in an investigation, or find you in contempt.

      So, thank you FUDding dipshits for fucking up a really good thing, because you couldn't be bothered to READ and UNDERSTAND the ACTUAL BILL, but relied on bullshit that you got from the rumourmill.

      • Hear, hear.

        I really TRIED to find something that was deeply negative, but could not. I made the effort of reading through several sections of the bill.

        If anyone could just give me the sections they have problems with, then we can talk again. I think the bill is fair for all parties, and lays the ground of lealising electronic (inter-)personal transactions. Another step toward a paperless society. I love freedom but hate anarchy ... two sides of the same coin? perhaps...

        -shrug- :)

The Tao doesn't take sides; it gives birth to both wins and losses. The Guru doesn't take sides; she welcomes both hackers and lusers.

Working...