Short address for this page: https://oe.cd/crypto
Cryptography is one of the technological means to provide security for data on information and communications systems. It can be used to protect the confidentiality of data, such as financial or personal data, whether that data is in storage or in transit. Cryptography can also be used to verify the integrity of data by revealing whether data has been altered and identifying the person or device that sent it.
The OECD Recommendation concerning Guidelines for Cryptography Policy was adopted to "promote the use of cryptography without unduly jeopardising public safety, law enforcement, and national security".
The Guidelines include eight high-level principles:
Adopted in 1997, the Cryptography Policy Guidelines are reviewed at least every five years. Reviews carried out in 2002, 2007, 2012 and 2017 came to the overall conclusion that they are adequate to address the issues and purpose for which they were formulated and that there was no need to revise them. The next review is expected in 2022.