For those who didn't notice part 3 of the RIPA act is now in force:

For those of you who don't know Part 3 basically means (quoting Wikipedia):
Quote Originally Posted by Wikipedia
Especially contentious was Part III of the Act which (under some circumstances) might require persons to supply the cryptographic key to a duly authorised person. Key disclosure would only be appropriate in circumstances where the actual encrypted traffic was not supplied. Failure to disclose encrypted traffic (or if appropriate the relevant key) would be a criminal offence, with a maximum penalty of two years in jail.
We've discussed the merits of this section of the RIPA Act before:

So any suggestions on how to deal with this new law in school policies? Or even just some practical implementation ideas?