Cryptography Act Public Draft 999
Category : Human Rights
Strength : Significant
The World Assembly,
NOTICING the usage of cryptography in many member nations as well as its unparalleled importance in regards to the privacy of data, and
RECOGNIZING that all member nations do not possess the same level of information technology, which may be subject to relatively fast and advanced changes that could potentially introduce unforeseen ways of engaging in criminality and warfare, but
REAFFIRMING the statement that “...every person has a right to privacy that extends to all lawful actions that occur out of public view and to all lawful actions, places, and other matters for which a subjective expectation of privacy and a reasonable, or objective, expectation of privacy exist” which has been expressed in GAR#213 Privacy Protection Act;
ADMITTING that, for the good of their population and, more generally, in their own interest, member nations may need to attempt bypassing cryptographic protocols, but
CONDEMNING how some governments do not hesitate to fragilize the trust that people all around the world may have in cryptography by forcing the implementation of backdoors in widely, publicly used protocols during their development,
UNDERSTANDING that other aspects of cryptography and it’s usage should be regulated by further legislation, which is expected to justify the necessity of all eventual breaches of privacy, and
NOT FORGETTING that the concept of cryptography isn’t restricted to digital communications,
Hereby,
DEFINES, at least for the purposes of this resolution :
a. Cryptography as the study and application of the methods by which information may be made private to any unintended reader and, by extension, the various protocols devised for this purpose;
b. Encryption as the application of any protocol that obfuscates the original meaning of information beyond legibility, with decryption as it’s reversal or attempted defeat;
c. Vulnerability, in the context of an encryption protocol, as the ability to reverse or defeat it without any information private to the owner of relevant data and within a sensible timeframe;
d. Cryptographic Privacy as the logical consequence of using cryptography to ensure the privacy of information for the sake of one’s own privacy;
ESTABLISHES that cryptographic privacy can not be expected from a vulnerable encryption protocol;
PROHIBITS member nations from interfering with the development of encryption protocols with the intent of increasing their vulnerability;
ALLOWS member nations to devise and apply cryptographic protocols, in the extent of legislation on the matter and within the confines of this resolution;
DECLARES that any malignant interference with the development or application of any cryptographic protocol in a member nation shall be considered an act of sabotage, surveillance, or terrorism, depending on the context and severity, and as understood by all parties involved at the lawfully appropriate levels;
URGES member nations to regulate the governmental development or application of any preferred forms of cryptography in an official manner, left to their liking and customs and according to their level of information technology, especially if the intent is to implement bona fide acts of surveillance, as explained above;
PROHIBITS member nations from attempting to reverse or defeat vulnerable encryption protocols implemented by a civilian of any member nation, except in the case where the obtention of specific instances of decrypted or encrypted information linked to this civilian is warranted lawfully;
ALLOWS member nations to establish organizations dedicated to the lawful encryption and decryption of data, as this kind of duty can not be realistically accomplished by an international body without seriously endangering international harmony.