The United Nations (UN) has acknowledged the benefits of data retention when it comes to combating online terrorism, and sided with law-enforcement agencies that are pushing for greater powers.
In a report issued by the United Nations Office on Drugs and Crime (UNODC), titled The use of the internet for terrorist purposes (PDF), UNODC highlighted the way in which the internet is increasing the gap between terrorists and prosecutors.
"Potential terrorists use advanced communications technology, often involving the internet to reach a worldwide audience with relative anonymity and at a low cost. Just as internet use among regular, lawful citizens has increased in the past few years, terrorist organisations also make extensive use of this indispensable global network for many different purposes," UNODC executive director Yury Fedotov said at the launch of the report.
The report itself sides with law enforcement when it comes to data retention, highlighting the benefits of retaining data, and how it has helped solve otherwise cold cases.
"Some European Union member states have indicated that data-retention records are the sole means of investigating certain crimes involving communication over the internet, such as chat-room postings, which are traceable only through internet traffic data," the report said.
But the UNODC also mentioned the merits of data retention in protecting the innocent, stating that the same member states "have also reported using data retained by service providers to clear persons suspected of crimes without having to resort to other, more intrusive, methods of surveillance, such as interception and house searches."
In order to establish a data-retention scheme, however, UNODC stressed the importance of cooperation with the private sector. It acknowledged that this cooperation is a significant challenge, due to a lack of communication between law-enforcement organisations and service providers and the need for privacy, but believes that these problems could be solved with further talks.
"Creating a forum for formal and informal dialogue between counterparts from the public and private sectors could significantly allay such concerns. In addition to the opportunities provided through regular meetings among the partners involved, activities such as joint training programs could also assist in breaking down communication barriers and further enhancing trust between participating partnership members."
In its conclusions, UNODC stated that although some internet service providers (ISPs) are already retaining certain data as required by local laws, there is no international agreement on what data should be retained or the retention period — issues that are currently still being debated in many countries,.
To respond to this issue, UNODC said that a universally agreed regulatory framework to impose consistent obligations on all ISPs would be of significant benefit to law-enforcement and intelligence agencies.
"In the absence of a universally agreed framework for data retention by ISPs, authorities should identify, at the earliest possible stage, whether ISP data relevant to an investigation exists and where it is located, and initiate steps at the earliest possible time to preserve it for possible use as evidence."
In addition, UNODC recommended that authorities establish informal relationships or understandings with ISPs, both locally and overseas, to help them with their investigations. Failing that, authorities should at least work with foreign intelligence counterparts to attain retained data through their relationships.