UK wholesale ISP Entanet has branded the government's internet data retention plans as "pointless" and criticised the lack of clarity for ISPs over the scheme.
Entanet, which delivers data connectivity, IP telephony and telecoms services through resellers, said that the government's £2bn scheme would fail to deliver on its snooping goals as cybercriminals will simply find ways around being tracked.
"It is our belief this whole Bill is pointless. The true criminals will simply circumnavigate such surveillance by using VPNs and proxy servers," Neil Watson, head of service operations at Entanet, wrote in a blog post on Wednesday. "Why would they incriminate themselves when they know they're being monitored? Instead it will be the innocent general public that will take the brunt."
At present, technical implementation of the plans has not been revealed — only that ISPs will be responsible for maintaining a "local log" of online activity, Watson said, adding that clarification over who will be responsible for paying for the extra measures has not been communicated by the government.
"In our view it should not be funded by ISPs in any way," he said.
This is not the first time that the extension of interception powers has left ISPs in the dark over the details. In February, an ISPA spokesman told ZDNet UK that ISPs had not been consulted over the government's plans to intercept Twitter.
It is our belief this whole Bill is pointless. The true criminals will simply circumnavigate such surveillance by using VPNs and proxy servers.– Neil Watson, Entanet
Watson also said that removing the need for a warrant to access people's internet activity should be considered a breach of privacy rights. A warrant will still be required to read the contents of emails, however.
"Without the use of warrants to view this sensitive information, it's going to be wide open to abuse," Watson said.
The plans, which are a part of the Communications Capabilities Development Programme (CCDP), will extend the reach of Regulation of Investigatory Powers Act 2000 (RIPA) to force ISPs to provide real-time access to a subscribers' web address history, including social-networking sites, online game sessions, and VoIP services.
The EU Data Retention Directive and RIPA's current powers mean that ISPs must keep subscribers' web and email access information, such as time, date and IP addresses of sender and receiver for 12 months. Currently, the information is only accessible via an interception warrant.