In-depth

Spooks, snoopers, and the Communications Data Bill

Inside the Enterprise: Privacy bodies have raised their concerns about the proposed law. But the impact on business also needs further scrutiny.

Governments, in many ways, are in a no-win situation when it comes to security and privacy.

The growth of electronic communications has made it harder and in some cases impossible to track the actions of criminals and terrorists. The days of steaming open envelops or rudimentary taps on phone lines really do seem to belong in the era of John Buchan's 39 Steps, rather than in the world of email, Facebook and BBM.

Law makers and investigators argue that they need new powers, in order to stay ahead of a tide of electronic information. Privacy advocates, though, argue that governments tapping into that information poses a real risk to individuals' rights.

There are particular concerns about the Bill's first clause, which gives the Home Secretary power to order service providers retain any form of electronic communications data. A Parliamentary Joint Committee, which reviewed the Bill, has suggested that the clause should be narrowed, and more restrictions placed on which public sector bodies can demand to see communications data.

The new law meant storing everything that users did on line for 12 months on the off-chance that one of them might turn out to be a criminal.

But even if the scope of the Bill is narrowed, there are still real concerns about the potential costs of implementing the measures, and storing and producing communications data. If internet service providers and online services are forced to store more data for longer, and produce that data for government agencies, there will be costs. Those costs are likely to be passed on to their customers, both businesses and consumers.

"For business generally it would have meant that many more companies would need to set up storage facilities to warehouse vast amounts of data that are not currently being stored," notes Patrick Clark, a partner in the IT, Telecoms and Competition group at law firm Taylor Wessing.

"Operators, ISPs and social networks will be relieved that the CDB does not now look like it will be enacted in its current form," he adds. "The new law essentially meant that they could be required to store historical data of everything that users did on line for 12 months, essentially on the 'off-chance' that one of them might turn out to be a criminal."

Then there is the question of the exact scope of the bill. Access to emails or user logs on social networking sites is one thing; storing traffic from IM services or VoIP calls is quite another. Technology experts have also questioned whether, under the Bill, service providers might be forced to store and then hand over location-based information.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Department of Health and Human Services must improve cyber security info sharing
Security

Department of Health and Human Services must improve cyber security info sharing

30 Jun 2021
JEDI contract's future becomes murky after AWS court win
Policy & legislation

JEDI contract's future becomes murky after AWS court win

11 May 2021
Trump's election defeat isn't going to get Huawei back in the UK
Security

Trump's election defeat isn't going to get Huawei back in the UK

17 Nov 2020
TechUK panel slams "woeful" gov response to digital IDs
identity and access management (IAM)

TechUK panel slams "woeful" gov response to digital IDs

4 Sep 2020

Most Popular

UK gov considers blocking Nvidia's takeover of Arm
Acquisition

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Tesla Megapack goes up in flames at Australian battery site
Hardware

Tesla Megapack goes up in flames at Australian battery site

30 Jul 2021