Between the 1st of April 2008 and 31st March 2009, the first prison sentences were imposed because the accused refused to surrender passwords or cryptographic keys. This disclosure appears in the annual report of the Chief Surveillance Commissioner to the Prime Minister and Scottish Ministers. Two people were sentenced on the basis of powers which came into operation in October 2007 when part three of the Regulation of Investigatory Powers Act (RIPA) 2000 was brought into law. The law allows enforcement agencies to prosecute when a person does not reveal, upon request, passwords and encryption keys, with a threat of up to five years in prison.
Read more on The H Security.