Argh! Our beloved leaders have just started a consultation on making it mandatory for internet service providers to keep email and web logs for a year and deliver them to local councils and police on request. Large ISPs have already been doing this, in order to make friendly-friendly with gov.uk, (do their customers know they are being watched?) but requiring it of all ISPs might put some small user co-operative hosting services out of business because it will drive up costs (need more disk to store that data and staff time to distribute it on request). Not what I expected from a Labour and Co-operative Party government.
Fortunately, the Lib Dems and Tories are speaking sense like this:-
“Ministers have proven time and time again that they are not to be trusted with sensitive data, but they seem intent on pressing ahead with this snoopers’ charter. ” (Source: BBC)
However, I’m pretty sure when the EU-level parts of this were being discussed, the Lib Dems and the Tories agreed with it. Something I’ll ask Neil Parish MEP when asking him about the progress of the promised reply to my three strikes by the backdoor questions. You can see why I’m sceptical about the “but it doesn’t mean what it appears to say” assurances, can’t you? They were worthless last time, and the time before that, and the time before that (yes, I’ve been doing this so long that I supported ST@ND).
The consultation closes after this year’s Parliament and the Internet conference, which could also be an interesting place to ask questions about it. And it’s another consultation I should ask the Phone Co-op (aff) about.
Please reply to the consultation and give a loud “NO” – if you have particularly good reasons, please let me know in a comment. I’ve no argument against policing, but a year’s logs? Local councils? There are too many holes in this to let it pass unchallenged. Thanks.
Much as I would like to, I fear the consultation doesn’t have the power to answer “no” – the draft instrument is more or less a line for line copy of the EU directive, which is passing into force.
I suspect the battle on this was lost at an EU level back in 2006. We can do things like request retention for 6 months instead of 12, but that’s kind of rearranging the deckchairs.
So are the opposition parties just grandstanding, making these statements? Weren’t they complicit in getting the related EU directive through?
6 months instead of 12 would reduce costs (not by 50% though). How low are we allowed to go?
From what I read, 6 months is the absolute minimum, 24 months the maximum. The draft legislation says 12 months, but gives the Secretary of State power to vary it in that range, which is pretty standard. As you say, halving it doesn’t really help massively.
Are the opposition grandstanding? I don’t know: surely they understand the wiggle room we have (i.e.: not much), and according to The Web the Tories voted in favour of the legislation which brought into force the voluntary retention system:
http://www.publicwhip.org.uk/division.php?date=2001-11-19&number=65
Granted, voluntary != mandatory, but their complaints about data security would still seem to apply. Perhaps with hindsight they would vote on such a bill differently now, but I would suspect not.
The Lib Dems do seem anti- this kind of thing, but that really seems to be a moot point :S
It would be interesting to know how often local authorities are using these powers to request the information from ISPs. Maybe an FoI request in several different localities would enable us to find out?
What is the definition of a “Public Communications Provider” as the article referred to “regulation 2” and I must have missed the reference there.
Seems to me the government are offering to pay for log storage — whilst it is intrusive I can see some ISPs liking this. Although the government seems to have budgeted only a few tens of millions – surely some mistake here.
I also fail to see how communications records will exonerate someone. All they can show is someone communicated with someone else, they can’t show that two people didn’t communicate. And why is the Post Office exempt – damn sneaky terrorists might revert to using the Royal Mail (or whatever they are called this week).
@Dave – I’m up for FoI action – how about others? Best do it soon, if we want to include it in a response. Shall I post a new article?
@Simon – I think these boil down to the terms defined in Communications Act 2003 s 151 http://www.statutelaw.gov.uk/ as follows:-
“public communications provider” means—
(a) a provider of a public electronic communications network;
(b) a provider of a public electronic communications service; or
(c) a person who makes available facilities that are associated facilities by reference to a public electronic communications network or a public electronic communications service;
“public electronic communications network” means an electronic communications network provided wholly or mainly for the purpose of making electronic communications services available to members of the public;
“public electronic communications service” means any electronic communications service that is provided so as to be available for use by members of the public;
which then recurses to s.32 and covers pretty much any electronic communications used by ordinary people, as far as I can tell.
There’s an update on this in the latest EDRI-Gram http://www.edri.org/edrigram/number6.16/uk-data-retention
[…] I’m telling people Gov.UK Consults on Forced ISP Snooping: Please Say NO. If anyone has any doubt that the database state will be abused, look at some examples of […]