Border Force temporary export permits: encrypted email no longer possible

[zambezi]

In order to travel to South Africa with your UK regiistered sporting rifle, you will need to complete a SAPS520 form and sign that in front of the police on port of entry. In addition, you will need to present a UK Border Force temporary export permit. Applying for one of those is free but requires significant supporting documentation. Below is the form and supplied check list of documents.

When I last travelled to South Africa, I submitted all of the documents UKBF required via encrypted email. I.e. I phoned Nicholas Richards, verbally advised him of the password with which the documents would be encypted and then emailed them. Given you are submitting a list of all the firearms stored at your address, the dates for which you will be out of country, etc, that seems to be minimum prudence. [PLAIN TEXT EMAIL CAN BE INTERCEPTED]

To my great chagrin I have discovered that uk.gov.gsi mail servers now reject encypted email regardless of sender or recipient. I.e. the government expects you to send sensitive data in plain text format. Absurd. That is a recipe for catastrophe. After some discussion, I agreed to send paper copies of all documents to UKBF via Royal Mail Secure Delivery. To help others in a similar situation to mine, here is the form and postal address required going forward:

 

[Fabnosh]

I think you may find that the reason is that many govt agencies will block encrypted emails as a matter of course as any attachments can't be easily scanned for malicious intent. It's a blunt instrument and does stop some bad things happening......but it is irritating.

FN

 

[artschool]

what's the current email address?

 

[zambezi]

what's the current email address?

Here you go Chris: BFLHRFirearms@homeoffice.gov.uk

[Heathrow specific]

 

[simonl]

If you're connected via a hotspot in a busy area then it might be reasonable advice. If you're at home and using a trusted email provider, on wired or even wifi then the likelihood of your emails being intercepted are miniscule. Anyone with the capability to do so has no interest in your firearms lists. They would probably be able to hack your password using brute force anyway.

 

[zambezi]

... using a trusted email provider...

I am not sure how I could have confidence regarding an email provider's trustworthiness. Even if I had complete confidence re my email provider's ethics, I cannot know what provisions they have or have not made to protect my data. And when email between tech giants like Sony and Snapchat are compromised, where does your confidence in Eckythump Mail come from?

Also many ISPs/email providers outsource parts of their business. I know how much more difficult it becomes to retain absolute jurisdiction over data in that case. One estimate suggests that over 60% of data breaches stem from outsourcing/offshoring. How do you know where your provider keeps your data/emails?

As to brute forcing a password, it is all about making that difficult. Using a random password generator with 20+ digits makes the challenge non-trivial. Almost certainly the hacker would quit and move on to other targets.

 

[Dickie]

When I did mine early last year there was there was nothing advising of this so I just emailed the required information like any other email.
It's a bit like sending your cert off to plod registered and they just pop it in a 2nd class brown envelope back.

 

[zambezi]

When I did mine early last year there was there was nothing advising of this so I just emailed the required information like any other email.
It's a bit like sending your cert off to plod registered and they just pop it in a 2nd class brown envelope back.

I send all sensitive paper documents as Recorded or Secure delivery mail. Thus delivery is tracked and, if the envelope is compromised, the recipient can flag that back to me. (BTW, the envelopes cannot be steamed as they are glued shut using cyanoacrylate)

 

[artschool]

I have just sent all of my info via email.

 

[Dickie]

I send all sensitive paper documents as Recorded or Secure delivery mail. Thus delivery is tracked and, if the envelope is compromised, the recipient can flag that back to me. (BTW, the envelopes cannot be steamed as they are glued shut using cyanoacrylate)

The point I was making as we send ours in to plod recorded / registered glued sticky taped whatever and plod just pop it in an envelope probably as cheap as they can get and often the document hasn't been signed. As safe as any email.