Feeds

UK.gov to tap BT as data harvester

Small ISP customers to be monitored upstream

Secure remote control for conventional and virtual desktops

The government will call on BT and other big communications firms to monitor small ISPs' customers and keep private information on them under European data retention rules, the Home Office has revealed.

Officals fear the cost of paying every small ISP to retain every customers' communications data. Instead, they will fund BT and other bandwidth wholesalers to gather the data from their networks.

The proposed arrangements emerged last week as the Home Office published draft laws transposing the European Union Data Retention Directive (EUDRD). "A communications provider is only obliged to retain communications data under these regulations after they have received a formal notice to do so from the Secretary of State," the draft laws say.

"The Secretary of State must give a written notice... unless the communications data concerned are retained in the United Kingdom in accordance with these Regulations by another public communications provider."

A Home Office spokeswoman confirmed the laws mean higher tier providers, including BT, will be called on to act as the government's collectors, pooling pivate communications data from dozens of small reseller networks.

BT said it was examining the draft legislation and declined to comment.

The arrangement is the Home Office's solution to its dilemma of having to comply with EU law, while not wishing to fund every ISP's data retention system. At an industry meeting last year officials were unable to provide clear guidance on what small operations would be required to do once the EUDRD became UK law.

The directive, which the UK government pressed for in the wake of the 2005 London bombings, requires every ISP to retain IP addresses and session data* for a minimum of six months. The UK's draft laws set a minimum of 12 months.

Taxpayers have paid £19m in the last four years for voice communications providers to retain data on who calls whom. The Home Office estimates that retention by ISPs will cost a further £43m.

Separately this week, a legal callenge against the directive by small countries including Ireland was rejected by the European Court of Justice.

The EUDRD had been scheduled to be transposed as part of a broader Communications Data Bill, but was spun out as a stand alone statutory instrument in order to meet a March deadline.

The internet industry now awaits news of the other part of the Communications Data Bill, as it was originally envisaged. Intelligence chiefs want a vast central government database to pool retained data, and "maintain capability" to monitor communications, costing many billions.

A consultation on the plans, being developed in Whitehall as the "Interception Modernisation Programme", was scheduled to be published in January, but has so far failed to appear. A Home Office statement said: "The consultation is due to commence early this year, but a final date for the launch has still to be confirmed". ®

*Full details of the internet communications data to be retained under the UK implementation of the EUDRD are here. Scroll to Part 3.

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.