Industry outraged by 'impossible' snooping proposals

ISPs and technical experts have condemned proposals by law enforcement agencies which would force all communications companies to store details of every email, phone and internet transaction they handle for seven years.

ISPs and industry analysts say the proposal - from the National Criminal Intelligence Service (NCIS) - is a non-starter that will place an unreasonable and potentially impossible burden on telcos and ISPs. In August, NCIS submitted a proposal to the Home Office asking for clarity in the law on retaining details of communications data. Law enforcement officials would like the ability to look back at an individual's history of emails and phone calls. The Regulation of Investigatory Powers (RIP) Act only allows for monitoring of present communications, and does not include provisions for holding data about phone and email behaviour for any amount of time. But industry has branded the database idea as unaffordable, unsearchable and unworkable. According to Oftel, there is currently no regulatory requirement for telecoms firms to hold on to phone records, although telcos do so for billing purposes as long as the information is held in accordance with data protection laws. ISPs, though, do not routinely hold that information, as billing is not tied to the destination or origin of a specific email. Many email services - such as Hotmail - do not hold and do not verify customer information. Shaun Fensom, CEO of UK ISP Poptel, was unimpressed with further requests from law enforcement in the wake of the RIP Act. "This is yet another burden on ISPs, quite aside from the civil liberties issue. This would require a great deal of effort at a very high cost. It's not a technical impossibility, but it does seem absurd. When our customers make a point of their concerns to us, we will pass those concerns on to government." Dick Emery, the group ecommerce manager at ICL, claims it's technically impossible to make the idea a reality. "There can't be a central database, because that means that for every email sent or phone call made, there would have to be another communication to send that information to the database. Traffic would double overnight. So you need a distributed database. Then you have the problem of who is authorised to access it and then you have security problems." Emery added that industry wants to cooperate with law enforcement, but that the proposed solution is not proportionate to the problem. NCIS says this is just a proposal and it expects debate on it. "What we're proposing is not something that contravenes existing legislation," a spokeswoman said. However, for the proposal to be adopted, it is likely new legislation would need to be passed by Parliament.