Uncertain privacy laws add to telcos' cost

As privacy laws around the world start firming up, the extent of obligation required by Internet Service Providers and telcos in investigations has become increasingly debatable.

SINGAPORE--Internet Service Providers (ISPs) and telcos have been dragged into the growing privacy debate on how much they should collaborate with law enforcers, which could potentially lead to higher monetary and efficiency costs and reputation damages.

According to Pauline Reich, law professor at Waseda University and founder-director of Asia-Pacific Cyberlaw, Cybercrime and Internet Security Research Institute Japan, ISPs have become increasingly implicated in a complex situation as differing laws arise across different jurisdictions.

A key development was marked in May when the Council of Europe , whose legislation model often helps set a benchmark for others to follow, requested that ISPs cooperate with law enforcements to hand over data of individuals for investigation purposes on a voluntary basis, she explained at the Cybersecurity and Cyberterrorism Conference here on Friday.

Different countries started interpreting the legislation differently, giving rise to uncertain privacy laws, she noted. While Japan has strong privacy laws, and countries such as India and China monitor traffic strictly, the United States has a "mixed bag" of privacy protection and unclear constitutional protection, she noted.

For instance, the U.S.'s 4th amendment protects users against unreasonable searches but it is not clearly defined in the online space, as such may not apply in all situations. For example, it does not specify what online content is considered private.

She compared e-mail to snail mail, where an envelope would distinguish contents sealed to be private, but in the case of an electronic message, it has yet to be clearly defined.

Reich pointed out that even within the U.S., the different courts do not agree on how much privacy individuals should be entitled to during police investigations.

Countries are still "navigating the complicated privacy debate" and trying to find the appropriate legislations, and nothing is fixed on whether ISPs should hand data over with or without a warrant or if they are accountable to users' privacy, she noted.

Burden of added costs for telcos
This could potentially lead to greater costs for ISPs and telcos, Reich told ZDNet Asia at the sidelines of the event. The extent of the reactions however differs from country to country due to the different legislations, she maintained.

There could be monetary costs from litigations and lawsuits which could last for very long, she explained, citing till today since the case was reported in 2009, there are pending lawsuits in the U.S. for its National Security Agency (NSA) wire tapping telephones without warrants.

The ISPs and telcos would also have to retrieve, search for and download the required data through e-mails, Internet history, and this could cost not just money but time and efficiency, she added, noting that they may even have to employ new workers or deploy technology to perform this task.

The general public may also start to trust their ISPs or telcos less if they are aware of the fact that their data may potentially be given to law enforcers, which could lead to the reputation of these companies being affected, Reich noted.

It is not likely, however that the number of telco subscribers will decline because the dependency on technological communication channels such as e-mails, Internet and mobile phone lines will ensure continued usage, Reich said.

People will start using these communication channels with caution such as refraining from typing lengthy e-mails since they realize there is possible surveillance on their data, she added. "Until the Internet and network is what they think it should be, they will be less comfortable with the freedom they are getting," she said.

Show Comments