The Brexit agreement contains references to decades-old computer software – including descriptions of Netscape Communicator and Mozilla Mail as “modern” services.
Experts believe officials have copied and pasted chunks of old legislation into the document, which can be found on page 921 of the new trade deal – in a section on encryption technology.
It also recommends using systems that are now considered extremely vulnerable to cyber-attacks, citing “modern e-mail software packages including Outlook, Mozilla Mail as well as Netscape Communicator 4.x.”
The latter two are now defunct – while the last major release of Netscape Communicator was in 1997.
The deal also recommends using 1024-bit RSA encryption and the SHA-1 hashing algorithm, both of which are outdated.
“It’s clear that something is amiss in the drafting of this treaty, and we’d go so far as to venture the opinion that a tired civil servant simply cut-and-pasted from a late-1990s security document,” news site Hackaday remarked.
Some have suggested that the text was copied from a 2008 EU law, which includes much of the same text.
Professor Bill Buchanan, a cryptography expert at Edinburgh Napier University, told the BBC there was “little excuse” for the outdated references.
“I believe this looks like a standard copy-and-paste of old standards, and with little understanding of the technical details.
“The text is full of acronyms, and it perhaps needs more of a lay person’s explanation to define the requirements.”