I winced a little upon reading a few stories about this new law in
the UK. The gist of them was basically that the British government
could force you to disclose encryption keys for national security
reasons and impose jail terms of up to 5 years if you didn’t comply.
A mere 2 years if it was part of a non national security investigation.
Upon a quick look at the Act however, it appears to be even more
poorly written than that and much more open to abuses in my opinion.
Part 3 seems particularly vague and problematic :
(3) A disclosure requirement in respect of any protected information is necessary on grounds falling within this subsection if it is necessary— (a) in the interests of national security; (b) for the purpose of preventing or detecting crime; or (c) in the interests of the economic well-being of the United Kingdom.