UK ISPs will shortly be required to start logging basic customer access, web and email activity on their networks for up to one year (see this article for more), which is a system that must be put in place by 15th March 2009 (2006/24/EC).

It's now been confirmed that one unnamed "lucky" ISP will soon be selected to take part in a feasibility study of the system that could continue until 2010. Naturally the whole plan continues to face heavy criticism, with most concern centralising around its security and cost:


Perhaps of even more concern is that the government still appears to be pressing for a centralised database, which should be cause for considerable panic; they don't exactly have the best track record with keeping our personal details secure.

It's interesting to note that such a database is presently illegal under the Data Protection Act (DPA), which will need to be adjusted through the new 'Communications Data Bill' for it to become lawful.

Even the Information Commissioner's Office (ICO) has grave concerns about the plans and states that it has not been consulted, which is the same mistake our government made prior to losing a few million personal records not so long ago. Putting our data in the hands of a second hand car salesman would be preferable to this.