The government has launched a consultation on UK privacy and interception law, after being referred to the European Court of Justice over its response to behavioural advertising tests.
The Home Office consultation, launched on Wednesday, seeks to clarify the Regulation of Investigatory Powers Act (Ripa) so that people must give explicit consent for companies to intercept communications.
The move comes in response to the European Commission referring the government to the European Court of Justice over inadequate implementation of European data protection law. The case originally stemmed from complaints over secret BT tests of behavioural advertising service Phorm.
The Home Office recognised that UK data protection laws such as Ripa do not adequately transpose European data laws, including the Data Protection Directive and the E-Privacy Directive.
One of the problems lies in Ripa saying that interception of communications is permissible if the organisation performing the interception has "reasonable grounds for believing" that consent has been given. European laws states that consent must be "freely given, specific and informed".
"The current provisions do not provide the required clarity," said the consultation document. "This is because 'reasonable grounds for believing' is open to different interpretations."
In addition, although intentional interception without consent is unlawful for communications service providers (CSPs), unintentional interception without consent is not adequately covered by UK law, said the document.
The government proposed two options for interception without consent: the imposition of a criminal penalty, or a civil penalty. The criminal sanction would carry a maximum fine of £10,000 for interception without consent, unless carried out by police. The civil penalty should also carry a maximum fine of £10,000, and be overseen by the Interception of Communications Commissioner, said the Home Office.
A spokesman for the Internet Service Providers Association (ISPA) said that the industry body was in the process of formulating a response to the Home Office consultation.
The Information Commissioner's Office (ICO), which regulates data protection in the UK, said it too would respond to the consultation. "We will be responding on points where the consultation crosses over into data protection," an ICO spokesman told ZDNet UK on Thursday.
BT caused controversy when it tested Phorm behavioural advertising in two trials in 2006 and 2007 without getting customer consent. "We are aware of the consultation, and will be considering shortly whether we want to contribute," a BT spokeswoman told ZDNet UK.
TalkTalk, which was criticised by the ICO over URL scanning in September, had not responded to a request for comment at the time of writing.