Feeds

Government orders data retention by ISPs

Keep it for 12 months for the plods

Internet Security Threat Report 2014

Phone and internet companies will soon be forced to keep logs of internet usage to be made available to the police under a new law announced by Prime Minister Gordon Brown this week.

The law, the Communications Data Bill, will implement the remainder of the European Union's Data Retention Directive.

Last October the Government enacted regulations which said that telcos must keep records of phone calls to and from land lines and mobile telephones. That requirement will be extended to records of customers' internet usage, email usage and voice over internet protocol (VoIP) records.

“The aim of the [Directive] is to ensure that certain data is retained to enable public authorities to undertake their lawful activities to investigate, detect and prosecute crime and to protect the public," said a Home Office spokeswoman.

“The first part of the [Directive] was transposed into UK law in October 2007 but the Government made a declaration … to postpone its application to the retention of communications data relating to internet access, internet telephony and internet email until 2009. So the measures referred to in the Communications Data Bill will complete the transposition of the Directive for IP [internet protocol] communications data," said the Home Office spokeswoman.

The Bill is likely to follow the lead of last year's Data Retention (EC Directive) Regulations in ordering providers to keep the data for 12 months.

Law enforcement agencies can gain access to such data with a court-ordered warrant. Though providers almost uniformly keep the information for such periods to resolve any future billing disputes, the laws will ensure that they do so.

The laws order the retention of who called whom, when and for how long but not the content of phone calls. The internet log retention orders will also mandate the keeping of information on a user's activity but not the content of any communications.

A telecoms business lobby group told OUT-LAW.COM at the passing of the Regulations last year that the orders would have little impact on the industry.

"The reality is that nothing much has changed. The new legislation will make little practical difference as most telecoms providers keep certain information for billing purposes and customer records," said Michael Eagle of the Federation of Communications Services. "That information would be enough to meet the requirements of law enforcement agencies. There is no need to keep more data that you are ever likely to be asked for."

The Home Office would not release details of the Bill and how it would work. A statement, though, said: "the purpose of the Bill is to allow communications data capabilities for the prevention and detection of crime and protection of national security to keep up with changing technology through providing for the collection and retention of such data".

"Unless the legislation is updated to reflect these changes, the ability of public authorities to carry out their crime prevention and public safety duties and to counter these threats will be undermined," it said.

The European Commission had put a deadline of 15 March 2009 for the transposition into law of the whole Directive.

Copyright © 2008, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.