Demands that the police and intelligence services should have access to historical records of every telephone call, Internet communication and e-mail sent in the UK, have unleashed a storm of protest from businesses.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The proposals are contained in a confidential paper written by Roger Gaspar, deputy director-general of the National Criminal Intelligence Service (NCIS). They have the backing of the Association of Chief Police Officers, Customs & Excise, and the intelligence services MI5, MI6 and GCHQ.
The paper, which was dated 21 August, rejects self regulation in favour of new laws that would force communications service providers (CSPs) to keep records of calls, faxes, e-mail and Internet traffic for seven years, and to make them available, when needed, to the police and intelligence agencies.
"Legislation should require every CSP to retain all communications data originating or terminating in the UK, or routed through UK networks, including any data that is stored off-shore," Gaspar says.
Failure to provide an adequate legislative framework, he adds, "will result in the early destruction of data and in consequence a serious impact on law enforcement".
But Internet and telecommunications companies claim those demands fly in the face of human rights and data protection laws and could seriously damage the UK's potential for e-commerce. They fear the proposals will encourage businesses to opt for overseas internet providers, or avoid the UK altogether.
The paper calls for the Home Office and the Department of Trade & Industry to work with the communications industry to develop "a statutory framework for the retention of communications data". The paper's claims that a data store will make it easier for people wrongly accused to prove their innocence have been given short shrift by civil liberties campaigners, but other arguments appear more convincing.
Gaspar highlights the Omagh bomb investigation as an example of the need for law enforcement agencies to access historical telephone records. In this case police were able to use mobile phone records to establish the location of suspects at the time of the bombing. Deletion of this sort of data, the report claims, would seriously damage the ability of agencies to investigate acts of terrorism.
Similarly organised terrorist groups, drug traffickers, migrant smugglers, peado-philes, money launderers, race hate groups, and computer hackers are exploiting the Internet to hide their activities. Agencies, the report says, need access to Internet records because they are often the only evidence available of criminal activities.
The paper calls for communications companies to store traffic data for seven years either in-house, outsourced to a trusted third party or delivered to a national government data warehouse. Although the idea of a government communications data warehouse is politically contentious, it probably represents the cheapest solution for the communications industry. NCIS estimates that such a facility could be set up for only £3m with annual running costs of £9m - though some experts suggest these figures are a grossly underestimated.
The proposals come as telecoms and Internet service providers face increasing regulatory and financial pressure to store data for shorter periods. Although some telecoms companies retain records for as long as five years, most retain records for 12 months.
Draft European data protection legislation will add to the pressure by requiring companies to destroy data once it ceases to be of commercial value - generally after three months. Internet service providers routinely delete their records within 24 hours.
NCIS is probably stretching a point with its claim that law enforcement agencies need access to records for seven years. An analysis of police requests for telephone records contained in the report shows that for serious crime, 85% of requests are made within two years. Only a handful of cases require data up to five years old.
Yet even storing five years' worth of data could mean significant extra costs for communications companies. The paper does not make it clear what proportion of the costs would be covered by government and what would fall to the communications companies. What is clear, is that the law enforcement agencies want to pay as little as possible for access to the data. The report notes "while all agencies recognise the commercial sense of charging for special services, some question the moral position of companies charging for subscriber and billing data".
The chances of any of these proposals becoming law so soon after the government's controversial Regulation of Investigatory Powers Act, are slim. But the NCIS paper is a clear indication of where the law enforcement agencies would like to go.
To see the report click www.cryptome.org/ncis-carnivore.htm