Abstract: With the invention, rather than a sender encrypting the data directly to the key of the intended recipient, the sender instead encrypts the data to a policy decision point (residing, for instance, on a server), and instructs the server as to the policy under which it is to be decrypted (for instance, when someone with certain responsibilities asks for it, when a date has been reached, etc.).