Home Office : NTAC FAQ

[Caspar Bowden]

http://www.homeoffice.gov.uk/oicd/ntac/ntacfaq.htm 
NATIONAL TECHNICAL ASSISTANCE CENTRE: FAQs
What is NTAC?

NTAC will be a twenty-four hour centre operated on behalf of all the law
enforcement, security and intelligence agencies, providing a central
facility for the complex processing needed to derive intelligible
material from lawfully intercepted computer-to-computer communications
and from lawfully seized computer data that are increasingly encrypted.

Why is NTAC necessary?

Without an appropriate response, rapid developments in information
technology with communications increasingly travelling from
computer-to-computer and information protected by encryption will lead
to a considerable loss of intelligence from lawfully intercepted
communications and evidence from lawfully seized material.

The Cabinet Office Performance and Innovation Unit, in its report
"Encryption and Law Enforcement" recommended the establishment of a
Technical Assistance Centre to assist law enforcement agencies to gain
access to communications or plain text protected by encryption or
complex transmission or storage protocols.

Without NTAC, the ability of the Agencies to derive intelligence from
the interception of standard telephony will gradually erode as new
technologies using Internet Protocols predominate.

Use of encryption to protect stored computer files is increasing and
threatens the prosecution of those with the greatest motivation to
conceal the content of those files, such as pornographers and
paedophiles.

What will NTAC do?

Respond to the threat to public safety from criminal use of encryption.
Make a difference between serious crime being prevented or punished and
criminals going unpunished and free to continue their activities.
Provide techniques for lawful interception of modern multimedia
communications and improve facilities for deriving evidence from
lawfully seized computer data.

NTAC will make technically possible the provisions included in Part III
of the Regulation of Investigatory Powers Act 2000 requiring the
disclosure of keys to lawfully obtained protected electronic data.
(Those powers are expected to come in to force in late 2001/early 2002.)

NTAC will undertake any processing necessary to make lawfully
intercepted material intelligible. NTAC will not analyse the
intelligible content of any intercepted material. That will remain a
function for the agency which applied for the interception warrant.

Decryption keys will be held at NTAC. How safe will they be?

Any decryption keys lawfully obtained will be subject to high levels of
security and destroyed in accordance with the safeguards provisions in
the Act..

The highest level of security for keys and other sensitive information
relating to key holders will be afforded by NTAC. Technical security
will be a specific object of the NTAC implementation project. Physical
security will be provided by locating NTAC within the Security Service
headquarters.

Information obtained through interception warrants is already tightly
protected. Safe storage of material seized in the execution of search
warrant and retained for use in proceedings is a routine part of law
enforcement activity. Where decryption keys are retained they will be
given the appropriate security.

Need to distinguish appropriate levels of security for keys. The
security considerations relating to a lawfully seized key that the key
holder knows has been seized are quite different to a lawfully disclosed
key that protects data of significant value to the key holder where
compromise of that key and the data it protects would have consequences
beyond the matters under investigation.

Will all keys go to NTAC and be stored there?

Keys protecting the most sensitive material and requiring the highest
level of physical security will go to NTAC and be held there as
necessary under the safeguards provided in the legislation.

Keys and data overtly acquired from the data owner may go to NTAC to be
processed there and then be stored locally.

Some very relatively straightforward data processing of data which is
not the most sensitive may be undertaken locally at Accredited Centres
using technical facilities provided by NTAC.

How secure will data and keys be in transit to NTAC?

Physical security of data and keys being transported to NTAC will be an
important consideration and objective of the NTAC technical
implementation project, whether transit is undertaken on-line,
electronically, or off-line, by being physically transported to NTAC.

Law enforcement is well used to protecting valuable transports, whether
that is valuable evidence being moved or valuable prisoners.