Prohibition on key escrow requirementsN.I.
3.—(1) Subject to subsection (2), an order under section 1 shall not impose a requirement on any person to deposit a key for electronic data with another person.
(2) Subsection (1) shall not prohibit the imposition by an order under section 1 of—
(a)a requirement to deposit a key for electronic data with the intended recipient of electronic communications comprising the data; or
(b)a requirement for arrangements to be made, in cases where a key for data is not deposited with another person, which otherwise secure that the loss of a key, or its becoming unusable, does not have the effect that the information contained in a record kept in pursuance of any provisions made by or under any statutory provision becomes inaccessible or incapable of being put into an intelligible form.
(3) In this section “key”, in relation to electronic data, means any code, password, algorithm, key or other data the use of which (with or without other keys)—
(a)allows access to the electronic data; or
(b)facilitates the putting of the electronic data into an intelligible form;
and references in this section to depositing a key for electronic data with a person include references to doing anything that has the effect of making the key available to that person.