the issue of legislation
There are Internet laws, but these are often inadequate and each country has its own legislation - so much so that just a few years ago, France prohibited all forms of encryption (except for
signatures since 1990) since its politicians believed (some still do today) that citizens could not have access to cryptographic tools that could be used by the military. French policies have since become more flexible but are still behind in relation to countries like the United States, which gives its citizens
the freedom to encrypt at their leisure.
However, the State no longer has any control over the content of exchanges, to the delight of hackers (for bank transactions for example), the Mafia and terrorists (for data exchanges compromising national security).
On the other hand, e-commerce needs cryptographic services to ensure delivery to the customer and guarantee payment.
The State therefore needed to have access to certain information to be able to fight terrorists. Keys appear to be the best way to guarantee identification
Trusted third parties
This new legislation authorizes any person (physical or legal) to use encryption software as long as it deposits keys with a body certified by the DCSSI (French Information Systems Security
Central Division). This body can hand encryption keys over to the law in the case of doubt. This Trusted third party does not depend on the State; the latter has to set up legal proceedings to be able to verify encrypted messages.
France is, as in many other areas, extremely slow whenever it comes to administrative matters (other countries are even slower) and particularly legislation. So much so that when laws appear, technologies have already changed making the laws obsolete... Who is to blame? Is justice too slow, or is the world changing too quickly? A bit of both, most likely..
Leyes sobre la criptografía
Lois sur la cryptographie
Leggi sulla crittografia
Leis sobre a criptografia