Government looks to ISPs as it cuts comms database plan

The government is set to require all telcos to record data between communications mobile phones, text message, emails and instant messages, as well as internet browsing sessions to social networking sites such as Facebook.

The details of the Intercept Modernisation Programme were laid out in a consultation document released today. The government will be accepting advice on the plans until July 2009.

Any firm considered a communications service provider (CSP) such as internet service providers (ISPS) and mobile operators would be required to hold onto such data in case the government needed it, for anti-terror or policing reasons, for example.

Such CSPs will also be required to collect data from services that are based overseas but use UK networks.

A document from the Home Office stressed the data held would include who, when, where and how communications connections were made but not the content. For example, the information held on an email would include who sent it, to whom they sent it, and when it was sent, but the content of the email would not be stored.

The Home Office said that the data would not be stored in one place, contrary to previous plans that were slated by the IT industry because of the complexity of such a database - not to mention the cost, which some have put at 12 billion for the project. Instead, service providers would be expected to process and hold the data at the ready in case the government requires it.

Government necessity?

Jacqui Smith, the Home Secretary, said in a statement: "My key priority is to protect the citizens of the UK and communications data is an essential tool for law enforcement agencies to track murderers and paedophiles, save lives and tackle crime."

She added: "Advances in communications mean that there are ever more sophisticated ways to communicate and we need to ensure that we keep up with the technology being used by those who would seek to do us harm." Indeed, Smith said she ranked security concerns above privacy. "We recognise that there is a delicate balance between privacy and security, but to do nothing is not an option as we would be failing in our duty to protect the public," she said.

Her views were echoed by Sir Stephen Lander, the chair of the Serious Organised Crime Agency (Soca). "Communications data and intercept intelligence are essential tools in 95 per cent of the most serious crime investigations in the UK," he said.

Criticism for the plans

The plans have frequently met with opposition over the past several months, including from the Information Commissioner, who has previously called the plans "a step too far for the British way of life."

Guy Herbert, general secretary of NO2ID, said: "Just a week after the Home Secretary announced a public consultation on some trivial trimming of local authority surveillance, we have this: a proposal for powers more intrusive than any police state in history."

"Ministers are making a distinction between content and communications data into sound-bite of the year. But it is spurious. Officials from dozens of departments and quangos could know what you read online, and who all your friends are, who you emailed, when, and where you were when you did so - all without a warrant. Tracking your your every move is more efficiently creepy than reading your letters."

From an industry standpoint, the plans have been critised for the potential cost to communications firms. The Internet Services Providers' Association (ISPA) said that it hopes the government will reimburse service providers for the added costs.

"ISPA advocates a proportionate approach to data retention. To ensure that any updated law enforcement requirements do not place extra financial burdens on internet service providers, ISPA stresses the importance of cost recovery," said ISPA general secretary Nicholas Lansman, in a statement.

Click here to read everything you need to know about the government's ID card plans.

Click below for more IT PRO privacy stories:

Google's privacy and copyright challengePhorm spurs EU privacy action against UK ICO: Google Street View doesn't breach privacyShould we be worried about Google Street View?Facebook put to the vote: Do users stand a chance?