Feeds

UK.gov to tap BT as data harvester

Small ISP customers to be monitored upstream

Secure remote control for conventional and virtual desktops

The government will call on BT and other big communications firms to monitor small ISPs' customers and keep private information on them under European data retention rules, the Home Office has revealed.

Officals fear the cost of paying every small ISP to retain every customers' communications data. Instead, they will fund BT and other bandwidth wholesalers to gather the data from their networks.

The proposed arrangements emerged last week as the Home Office published draft laws transposing the European Union Data Retention Directive (EUDRD). "A communications provider is only obliged to retain communications data under these regulations after they have received a formal notice to do so from the Secretary of State," the draft laws say.

"The Secretary of State must give a written notice... unless the communications data concerned are retained in the United Kingdom in accordance with these Regulations by another public communications provider."

A Home Office spokeswoman confirmed the laws mean higher tier providers, including BT, will be called on to act as the government's collectors, pooling pivate communications data from dozens of small reseller networks.

BT said it was examining the draft legislation and declined to comment.

The arrangement is the Home Office's solution to its dilemma of having to comply with EU law, while not wishing to fund every ISP's data retention system. At an industry meeting last year officials were unable to provide clear guidance on what small operations would be required to do once the EUDRD became UK law.

The directive, which the UK government pressed for in the wake of the 2005 London bombings, requires every ISP to retain IP addresses and session data* for a minimum of six months. The UK's draft laws set a minimum of 12 months.

Taxpayers have paid £19m in the last four years for voice communications providers to retain data on who calls whom. The Home Office estimates that retention by ISPs will cost a further £43m.

Separately this week, a legal callenge against the directive by small countries including Ireland was rejected by the European Court of Justice.

The EUDRD had been scheduled to be transposed as part of a broader Communications Data Bill, but was spun out as a stand alone statutory instrument in order to meet a March deadline.

The internet industry now awaits news of the other part of the Communications Data Bill, as it was originally envisaged. Intelligence chiefs want a vast central government database to pool retained data, and "maintain capability" to monitor communications, costing many billions.

A consultation on the plans, being developed in Whitehall as the "Interception Modernisation Programme", was scheduled to be published in January, but has so far failed to appear. A Home Office statement said: "The consultation is due to commence early this year, but a final date for the launch has still to be confirmed". ®

*Full details of the internet communications data to be retained under the UK implementation of the EUDRD are here. Scroll to Part 3.

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Apple's iPhone 6 first-day sales are MEANINGLESS, mutters analyst
Big weekend queues only represent fruity firm's supply
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Bill Gates, drugs and the internet: Top 10 Larry Ellison quotes
'I certainly never expected to become rich ... this is surreal'
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
EMC, HP blockbuster 'merger' shocker comes a cropper
Stand down, FTC... you can put your feet up for a bit
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.