Feeds

UK.gov to impose data retention dragnet on ISPs

Consultation? What consultation!

  • alert
  • submit to reddit

High performance access to file storage

The Government is to impose a controversial Net surveillance regime on service providers, despite widespread industry criticism that its dragnet data retention approach is costly and unworkable.

On Friday (Sept. 12) the Home Office announced the results of a consultation on a code of practice for the voluntary retention of communications data that reveal the Government remains unmoved by the arguments of the ISP community, civil libertY activists or many backbench MPs.

Currently, ISPs retain data for billing purposes only. But soon they will have to retain communications data for at least a year, under provisions in last year's Anti-Terrorism Crime & Security Act (ATCS).

Data retention obliges service providers to keep data on everyone, in case it is subsequently needed for investigations into serious crime or terrorism.

Data retained will include catalogues of Web sites visited, records of e-mail recipients, lists of telephone numbers dialled, and the geographical location of mobile phones at all times they were switched on. It does not include the contents of messages or telephone calls.

In a January report by the All Party Internet Group (APIG) of backbench MPs criticised data retention and urged the Government to consider a lower impact scheme of targeted "data preservation", where service providers retain data on specified individuals at the request of the police. This approach is used in the US, and is favoured by UK ISPs.

APIG's inquiry found the government had underestimated the expense of its data retention scheme, which could cost "well in excess of £100 million", and concluded that the government's approach is impractical.

Despite many such criticisms during the six-month consultation, the Government's commitment to data retention remains intact.

Friday's paper proposes that data should be retained for a maximum period of 12 months and identifies different time limits for retention of different types of data. If this voluntary arrangement proves unacceptable to the industry, the Government will look to make such data retention compulsory.

Home Office minister Caroline Flint said: "The Government believes that retention of communications data under the Anti-Terrorism Crime and Security Act is crucial in the fight against terrorism.

"The code of practice being placed before Parliament produces a balance between what is required to combat terrorism and what is reasonable to ask industry to deliver," she added.

The view aired during the public consultation make it clear that the proposed voluntary ATCS scheme has no hope of acceptance. Civil liberties campaigners have expressed disappointment that promised safeguards had not been included in the regulations.

Simon Davies, director of Privacy International, said the Government had "betrayed the consultation process".

Ian Brown, of FIPR, said since the ATCS was only passed as emergency legislation, the Government should return to Parliament to allow a fuller debate on data retention. As things stands, the controversial rules are set to be imposed on an unwilling ISP community by executive order.

Phil Zimmermann, of PGP fame, described data retention as a threat to civil liberties. He fears that data retention measures might be imposed in US service providers, in parallel with those being contemplated in the UK, via "Patriot Act II", the Bush Administration's next version of anti-terrorism legislation. ®

SANS - Survey on application security programs

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.