
What is the IMG strategy for?

At the July meeting, the BMA was offered two separate explanations of the IMG strategy document. The first was that it covered the ramifications of using cryptography. It fails to do that because it does not tackle the critical issue of escrow.

The second was that an architecture had been proposed for cryptography in the NHS. This is true insofar as the report steers the NHS towards adopting the GCHQ strategy for secure email (or some close variant).

The stated terms of reference in the strategy document were, on IMG's admission, varied to downgrade the importance of digital signature. What other variations were there?

The original terms of reference also asked:

However, on page 6 the strategy provides a completely separate set of terms of reference: to examine contexts for encryption and other security services; to describe suitable techniques; to identify impacts on various parties; and to discuss an implementation approach. It is difficult to understand why one single IMG strategy document contains two so different terms of reference, one in the appendix and one in the body of the text. However, assuming that the version in the body of the text is the real terms of reference within which the experts were instructed to work, then the strategy can still be criticised. In our view, it does not examine the contexts in which encryption would be required with any completeness or accuracy; it does not describe suitable techniques; it does not identify and describe the costs and other impacts with any precision; and it contains no practical guidance on implementation. The proposals actually made are in our view wrong in almost every detail.

The influence that GCHQ had on the evolution of the IMG strategy ought to be stated clearly together with supporting documentation. We are told that the `national interest in protection of person identifiable data' led to consultation with GCHQ's protective organisation, CESG. Yet the national authority for personal information is not CESG but the Data Protection Registrar -- who has waged a long battle against the intelligence services over whether these services should register under the Data Protection Act [34].

It is further stated that `CESG's advice has been most helpful and, while not leading to the introduction of any specific functionality into the recommended NWN key management infrastructure, has influenced the recommendations made in this report so that they allow for this possibility' (of interworking with a future national key management infrastructure).

There is also the remark (mentioned above) that the NHS would have to talk with CESG about ``the possibility of ... being allowed to use alternative algorithms''. Who is doing the allowing here, and under what law or regulation? According to the DTI, the use of cryptography within the UK is completely unrestricted [42], so we must insist that the authority for the statement quoted above is clearly identified. Which minister will be concerned with `allowing' the use of alternative algorithms? Under what law or regulation will the minister be exercising that power?

When the director of CESG, Andrew Saunders, appeared at an MoD-sponsored meeting to sell the TTP programme on the 26th June, he was asked whether his department had advised the Department of Health that the IMG strategy was sound, or whether they had at least had sight of it before its release. The question was not answered on that occasion, but we must insist that it is answered now.

Common sense suggests the following explanation. GCHQ wished to promote its `secure' email protocol (as admitted in [24]). It involved the IMG and the NHS Executive as government agencies (strategy p 16: `NHS would represent a large user community, and this size of market would encourage the development of an active and competitive market in Red Pike products'). A policy decision was taken to use the GCHQ approved offering in the National Health Service, and the production of the IMG strategy document was an exercise in collecting arguments to provide ex post facto justification for this. The fact that the NHS Executive, a central government department, commissioned the report quite clearly constrained its authors, despite the lack of clarity over the report's remit.

The IMG cryptography strategy is consistent with this explanation, in which central government interests rather than individual patient privacy are paramount. Such an explanation also sheds light on why the IMG repeatedly assured the BMA that the pilots would not support key escrow, and yet went ahead with it none the less.

However, the whole GCHQ approach to securing email is inappropriate in the health care context, as are the arguments advanced in the IMG strategy to support its adoption.


Ross Anderson
Mon Oct 6 12:47:34 BST 1997