UK Government will store all phone, Internet traffic data
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
An announcement on 19 May 2008 by the UK government may herald the next step in governmental attempts to grab hold of traffic data. Despite the strongly negative reactions against the EU data retention directive, which governments must transpose into national law by 15 March 2009, the UK government (which has been a key driver of data retention) now demands even more.
Gordon Brown wants all traffic data - itemised phone bills, mobile phone records and Internet traffic logs - to be collected and stored in a central government database. The plan, which appeared in Monday's Times, has been criticised by the opposition as `more of a threat to our security than a support' while the privacy regulator said that `We are not aware of any justification for the State to hold every UK citizen's phone and internet records' and opined that the proposal `may well be a step too far'.
The UK Regulation of Investigatory Powers Act already enables public officials to obtain traffic data from service providers, and has come in for recent criticism as the scope of its use has become clear. When it was passed in 2000, only nine organisations were allowed to use it but that number has risen to 792. For example, a local council has used it to check whether a child lived within a school's catchment area.
In private briefings to ISP and telco staff, government officials have said they want to trace criminals' contact networks faster and more cheaply, and having all traffic data on one database will be much more convenient than having to make repeated enquiries of multiple phone companies, ISPs and other service providers. They also want to make global enquiries such as `show me everyone in the UK who sent emails at 21:07, 21:22 and 21:55 last Tuesday'. The ISPs for their part have complained that harvesting large quantities of data that they do not at present keep for business purposes will require massively expensive network re-engineering. There are also serious doubts about the UK government's ability to build a system capable enough to cope with billions of emails, texts and phone messages, given its long history of failed software projects.
One argument behind the data retention directive was that a purely national system of data retention could not be very effective, as ISPs would simply move their operations to other Member States to save the cost of compliance. It remains to be seen whether the same arguments will once again be used to argue for centralised data retention on a European scale. It is also quite unclear whether a government database of all citizens' phone and Internet records is consistent with European law.
`Big Brother' database for phones and e-mails (20.05.2008)
Anti-terror law used to snoop on fishermen (14.05.2008)
Government orders data retention by ISPs (15.05.2008)
EDRI gram: Data retention for one year for UK telecom companies (1.08.2007)
(Contribution by Ross Anderson - EDRi-member FIPR -UK)