ISPs blast police ignorance

Police accused of incompetence at House of Lords forum

ISPs accused police investigators of making ridiculous and potentially illegal requests for information on customers Tuesday, despite the director of NCIS stating that he doesn't wish to see intrusive Internet surveillance.

At the fifth annual Parliamentary ISPA (Internet Service Providers' Association) forum in the House of Lords, Rachel Basger, regulatory manager at World Online says that, when requesting information on suspects, police have often been clueless about what information an ISP holds and what authority is needed to obtain confidential data.

"I don't know whether I got the short straw but I got a really stupid request," she says of one officer who asked her to locate an email address from the postcode of someone who was not actually a customer. Basger says she is concerned that the officer asked her to hand over information without the proper authorisation and worries that it is not an isolated incident. "It sounds like it is more widespread," she says.

Mark Gracey, legal liaison manager for Thus, the telco which owns Demon Internet, says he has also received impractical requests. "We want to help, but need to think about our customers rights and our business," he says.

Storing records of customer emails and browsing looks set to become the next area of contention for the government's cybersurveillance plans. The Regulation of Investigatory Powers Act (RIPA) will give police access to Internet communications although details of how ISPs will be asked to store or hand over this information remains to be resolved.

Despite proposing that law enforcers should be allowed to store all UK email and browsing traffic data for up to seven years, director of the National Criminal Intelligence Service (NCIS) Roger Gaspar said Tuesday he doesn't wish to see law enforcers spying freely on UK Internet browsing.

Gaspar authored a confidential report, which was recently leaked to a Sunday newspaper outlining proposals to store Internet and communications traffic, including email and phone calls, for up to seven years, for criminal investigations. The proposals sparked fears that law enforcers might build profiles of Internet users by trawling through records of Internet browsing.

"We have no intention of doing that," said Gaspar when challenged on the issue at the meeting.

Gaspar, however, said that only three years storage could be justified on the grounds of carrying out an investigation and said the figure of seven years had been based on the needs of the Criminal Cases Review Commission, which investigates suspected miscarriages of justice.

Nevertheless, Gaspar defended the need to store information such as email and traffic logs. He said that this information was vital for carrying out high-tech investigations and policing in the information age. He also questioned whether the plans had caused much public concern. "I don't believe it is sensational," he says. "Nothing has come through NCIS. I don't believe the Home Office has had much correspondence either."

Caspar Bowden, director of government thinktank the Foundation for Information Policy Research (FIPR) calls for NCIS to release its plans to the public and allow feedback. "It seems hypocritical of NCIS to call for a public 'debate' when the document only surfaced as the result of a leak," he says.

Tony Snape, a representative from the UK Internet Service Providers Association said that the industry is unanimous in its opposition to the mandatory retention of bulk data, because of the cost of implementation. Snape said that many ISPs may migrate their servers to the US or elsewhere in Europe if mandatory retention of data is enforced.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read what others have said.