Posted: 16th Jul, 2008 By: MarkJ
UK ISPs will shortly be required to start logging basic customer access, web and email activity on their networks for up to one year (see this
article for more), which is a system that must be put in place by 15th March 2009 (2006/24/EC).
It's now been confirmed that one unnamed "lucky" ISP will soon be selected to take part in a feasibility study of the system that could continue until 2010. Naturally the whole plan continues to face heavy criticism, with most concern centralising around its security and cost:
"
Part of the problem is that the Home Office would be able to self-authorise to do any searches in the database, which is very dangerous indeed," said Lord Errol of Hay. "
At the moment, someone checks the access requests."
Security expert Richard Clayton agreed with Errol that the proposals were "
completely not proportionate". "
If the government is going to do this, it would be far better to force all mosques, churches, and public houses to fit microphones and tape recorders," he told
ZDNet . "
East Germany used to have a comparable system."
Perhaps of even more concern is that the government still appears to be pressing for a centralised database, which should be cause for considerable panic; they don't exactly have the best track record with keeping our personal details secure.
It's interesting to note that such a database is presently illegal under the Data Protection Act (DPA), which will need to be adjusted through the new 'Communications Data Bill' for it to become lawful.
Even the Information Commissioner's Office (ICO) has grave concerns about the plans and states that it has not been consulted, which is the same mistake our government made prior to losing a few million personal records not so long ago. Putting our data in the hands of a second hand car salesman would be preferable to this.