Are our civil liberties now under attack?

UK campaigners claim the Government has reacted to the terrorist attacks of last September with an unprecedented attack on civil...

UK campaigners claim the Government has reacted to the terrorist attacks of last September with an unprecedented attack on civil liberties.

Soon after the attacks, the Government sent a request under the Data Protection Act to all UK-based Internet service providers and telecommunications companies asking them to retain all communications traffic data for a month.

The request was extended in part through the Anti-terrorism, Crime and Security Act passed last December, which the Government has sought several times to make permanent and compulsory.

These requests, which are not legally binding, sought to track the path and locations of data traffic. However, the Regulation of Investigatory Powers Act (RIPA), which was passed in July 2000, could be used to look deeper into the content of communications traffic data.

RIPA, which is still in the process of being implemented, requires ISPs in the UK to track all data traffic passing through their computers and to route it to the Government Technical Assistance Centre at MI5.

Under the provisions of RIPA, the Home Secretary can demand encryption keys to any and all data communications, with a prison sentence of two years for those who do not comply with the order.

The European Union is now considering proposals that include the retention of all communication information for a year.

The US government would not get away with similar proposals, said Ian Brown, spokesman for the Foundation for Information Policy Research in London.

"In the US, all they can do is gain access to the information that ISPs keep for a few weeks for doing their billing. The government can't tell them to keep all that information. They wouldn't get away with it if they tried - there would be outrage. But here it was just pushed through."

However, the actions of UK politicians have provoked a reaction from the public and some IT and telecoms professionals.

Public outcry last June forced the Government to back down on proposed legislation that would extend the powers of RIPA by giving access to confidential online information to seven Whitehall departments, every local authority in the country and all of the NHS agencies in Scotland and Northern Ireland.

That idea has not been dropped, but the Government has backed off for now.

The Government insists the events of 11 September were not the reason for the new legislation. "RIPA is about access to data, not about data retention, and wasn't in any way, shape or form in reaction to 11 September," a Home Office spokeswoman said.

"Not all parts of RIPA have been enacted yet and the consultation about extending access to additional government departments will be brought before Parliament again, though at this point we have no idea when that may be," she added.

"They've pulled back, but it's only temporary," said Roger Bingham, spokesman for civil rights group Liberty.

The retention of data by UK ISPs is still done on a voluntary basis and the Government has promised not to consider legislation to make it compulsory until there has been a "lengthy consultation period with industry", according to the Home Office.

Read more on IT risk management