The International Chamber of Commerce (ICC) has called on the
European Union and its member states to scale down and harmonise
the rules for businesses storing Internet and e-mail traffic data
to help police and intelligence services to fight organised crime
and terrorism.
The regulations in each member state diverge widely. For example,
Finland requires all Internet service providers to retain
subscriber traffic data for two years, while Ireland wants this
data kept for four years, so that it can be mined by investigators
hunting for terrorist communications.
AT&T's Philippe Wintrebert, who heads ICC work on telecoms and
cybercrime, said, "An open dialogue and consultation with industry
is critical to ensure that law enforcement authorities get support
while at the same time avoiding unnecessary technical and financial
burdens on business."
Without this, the ICC said, ISPs operating in the most stringent
countries would be shackled by higher costs.
The chamber's call comes as the UK Government continues to consult
the computing and Internet industry about the amount of data that
should be stored in the UK. Talks started in November 2001, but
have been bogged down over the issue of whether traffic data rules
should be mandatory, (offering IT managers some safeguard against
data protection cases), or voluntary, where there would be a
greater risk.
A spokesman for the Home Office said the Government was aware of
the problems. "This is a critical part of the war against
terrorism, but there are concerns that have been raised by
communication companies and we are working with them to address
these," he said.
Maria Farrell, ICC policy assistant, told Computer Weekly that the
investment costs to small firms of gold-plated data retention plans
such as those in Ireland would be immense. "It would cause them to
go under," she warned.