Out-Law / Your Daily Need-To-Know

Out-Law News 2 min. read

Home Office denies plans for compulsory data retention


Measures announced on Monday by UK Home Secretary David Blunkett that would enable the retention of data by ISPs are causing confusion as to the nature of the Government’s intentions.

A Home Office spokesperson today told OUT-LAW.COM that there are no current plans for the Bill containing these measures to make data retention compulsory, contradicting an article which appears in today's Financial Times.

Mr Blunkett’s speech to the House of Commons described enabling ISPs to retain communications data as part of a new Emergency Anti-Terrorist Bill. He also referred to an accompanying Code of Practice, but did not clarify what he meant by “enabling” data retention. Accordingly, his speech left it unclear if the retention would be compulsory and, if so, for how long.

The Financial Times today reports that the Home Office claimed that businesses will be forced to retain data for 12 months. However, a Home Office spokesperson today told OUT-LAW.COM that the Government is consulting with industry, law enforcement and civil liberties groups with a view to preparing the Code, which may contain a “recommendation” that communications service providers retain communications data for a period of 12 months, adding that “there are no current plans to make data retention compulsory.”

According to the spokesperson, it is unlikely that the Code will be enforceable. Instead, the Government is likely to wait for the outcome of a draft EU Communications Directive which, if passed in its present form, would set out the conditions under which Member States could legislate on data retention. The spokesperson said the Government will then consider the need for compulsory data retention in light of the events on 11th September and possibly prepare suitable legislation pursuant to the Directive. The draft Directive is unlikely to be concluded this year since, although it was originally scheduled to be in force by 13th January 2002. The outcome of the Government’s consultation will influence the terms of the Emergency Anti-Terrorist Bill, but, again according to the spokesperson, the Bill is unlikely to make data retention compulsory.

No new legislation is necessary for police and intelligence agencies to collect communications data once it is retained by ISPs and telephone companies. The Regulation of Investigatory Powers Act 2000 allows records to be obtained for broad purposes including tax, health and safety, public order offences and minor crime, although the relevant section is not yet in force. Telecommunications Regulations of 1999 prohibit blanket data retention, but the Regulations also provide that a Minister of the Crown can over-ride the prohibition for National Security purposes.

Caspar Bowden, director of the Foundation for Information Policy Research criticised the plans announced by Mr Blunkett. Mr Bowden commented:

"Sensitive data revealing what you read, where you are, and who you talk to on-line could be collected in the name of national security. But Mr Blunkett intends to allow access to this data for purposes nothing to do with fighting terrorism. Minor crimes, public order and tax offences, attendance at demonstrations, even 'health and safety' will be legitimate reasons to siphon sensitive details of private life into government databases to be retained indefinitely. This would be in flagrant breach of the first and second Data Protection Principles."

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.