Firms seek standard data traffic storage across EU

The International Chamber of Commerce (ICC) has called on the European Union and its member states to scale down and harmonise...

The International Chamber of Commerce (ICC) has called on the European Union and its member states to scale down and harmonise the rules for businesses storing Internet and e-mail traffic data to help police and intelligence services to fight organised crime and terrorism.

The regulations in each member state diverge widely. For example, Finland requires all Internet service providers to retain subscriber traffic data for two years, while Ireland wants this data kept for four years, so that it can be mined by investigators hunting for terrorist communications.

AT&T's Philippe Wintrebert, who heads ICC work on telecoms and cybercrime, said, "An open dialogue and consultation with industry is critical to ensure that law enforcement authorities get support while at the same time avoiding unnecessary technical and financial burdens on business."

Without this, the ICC said, ISPs operating in the most stringent countries would be shackled by higher costs.

The chamber's call comes as the UK Government continues to consult the computing and Internet industry about the amount of data that should be stored in the UK. Talks started in November 2001, but have been bogged down over the issue of whether traffic data rules should be mandatory, (offering IT managers some safeguard against data protection cases), or voluntary, where there would be a greater risk.

A spokesman for the Home Office said the Government was aware of the problems. "This is a critical part of the war against terrorism, but there are concerns that have been raised by communication companies and we are working with them to address these," he said.

Maria Farrell, ICC policy assistant, told Computer Weekly that the investment costs to small firms of gold-plated data retention plans such as those in Ireland would be immense. "It would cause them to go under," she warned.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.