Feeds

UK.gov plans central database for all your communications

Brown team plots Ripa redux?

Next gen security for virtualised datacentres

The Brown government is considering a central database of all UK communications data including times and durations of phone calls, emails and internet access for every British citizen.

The draft bill is still being considered by ministers and a Home Office spokeswoman told us no decision had yet been reached.

The spokeswoman told The Register: "Ministers have made no decision on whether a central database will be included in that draft bill." She refused to compare the proposed legislation to Ripa, as it is still only a proposal.

Under the Regulation of Investigatory Powers Act passed in 2000 and the Anti-Terrorism Crime and Security Act 2001, companies like telcos and internet service providers already have to keep this information in case it is needed by a police or security service investigation.

It appears what is different now is that this information will be actively collected and stored in one place by the government. Reports on the proposals suggest authorities will still need to go to the courts to gain access to the database. However, such a massive amount of data will be ripe for speculative data-mining and fishing techniques, rather than more targeted searches.

More to the point, given this government's gross incompetence in safeguarding any of our data, having all our comms info in one place has to be a major concern.

Under Ripa police or other authorities like local councils can approach service providers and demand access to anyone's communications data.

The Assistant Information Commissioner, Jonathan Bamford, said: "If the intention is to bring all mobile and internet records together under one system, this would give us serious concerns and may well be a step too far. We are not aware of any justification for the state to hold every UK citizen's phone and internet records. We have real doubts that such a measure can be justified, or is proportionate or desirable...

"We have warned before that we are sleepwalking into a surveillance society. Holding large collections of data is always risky; the more data that is collected and stored the bigger the problem when the data is lost, traded or stolen... If there is a problem with the current arrangements, we stand ready to advise on how they can be improved."

The government is blaming Europe for the changes. The European Data Retention Directive seeks to ensure that investigators have access to this information, as they do under existing UK law, but does not call for centralised, government-run databases.

The directive was issued in response to the terrorist attacks in London in 2005. It applies only to information around communication - the time and duration of your chat, not its actual content. It aims to harmonise regulations so that data is stored for "not less than six months and not more than two years from the date of the communication".

The proposed bill also ignores at least two actual problems which law enforcement struggles to deal with. Unregistered mobile phones and VoIP services like Skype mean that the proposed law will catch only the densest of criminals.

Paul Vlissidis, technical director of NCC Group, said: "My first thought was "this is the start of the silly season" - essentially all the information they are talking about is already retained. If they are talking about a central, additional database then by definition that adds more risk. It would need best-in-class security and we haven't seen much evidence of that from government IT in recent months."®

The essential guide to IT transformation

More from The Register

next story
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Redmond resists order to hand over overseas email
Court wanted peek as related to US investigation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?