RETENTION OF COMMUNICATIONS DATADevelopments in the Online Space
Regulations have been introduced which require certain public communications providers (read ISPs, mobilephone providers, VOIP operators…and, potentially, social networking sites such as Twitter) to retain certain dataabout the communications made over their networks (and the people making those communications) for 12months. This move may be seen by some as a threat to privacy as well as an extra compliance burden for theaffected service providers. Others would counter that it is a welcome and necessary weapon in the fight againstterrorism and other serious crime which can be incited, orchestrated or even conducted online, such as childabuse.Landline and mobile phone providers have been required to retain certain communications data (e.g. time/lengthof call, name/address of caller) since2007. TheData Retention (EC Directive) Regulations 2009“New
Regulations”) came into force on 6th April, implementing the correspondingEU Directiveinto UK law. These NewRegulations replace the 2007 Regulations, which referred only to telephone services and expressly excludedinternet services. The New Regulations capture communications made by internet, email and internet telephony(such as VOIP and efax), and require certain providers of these services to retain communications data for ayear. This ‘communications data’ relates to the who/when/where of a communication (but not the content) andranges from log on/call times and durations to the names and addresses of people sending and receivingcommunications.Only public communications providers who are notified by the Secretary of State are required to comply with theNew Regulations. These will be companies who make available “electronic communications services” to membersof the public by providing an “electronic communications network”, defined in theCommunications Act 2003as “a transmission system for the conveyance, by the use of electrical, magnetic or electro-magnetic energy, of signals of any description; and (b) such of the [apparatus comprised in the system and/or used for the switchingor routing of the signals; and software and stored data] as are used, by the person providing the system and inassociation with it, for the conveyance of the signals.” It remains to be seen which companies will receivenotification under the New Regulations from the Secretary of State, but ISPs (e.g. BT Internet) will certainly benotified, as will mobile phone providers (if they haven't already, e.g. O2) and VOIP operators (e.g. Skype). It willbe interesting to see whether the Government will extend such notification to search engines and websiteoperators – particularly social networking sites, where mass communication is key with the crowds twittering,posting and poking.
Advantages of the New Regulations
The Home Office points out in its Explanatory Memorandum that communications data has proved valuable forlaw enforcement purposes over many years, in detecting crimes, investigating suspects and prosecutingoffenders. Although many communications providers retain such information in any event, they delete it as soonas their business purposes have been met (whether because of data protection legislation or the costs of storage). The Home Office argues that long running investigations, which may require communications datasome time after a crime has been detected, tend to relate to the most serious crimes and as such there is astrong public interest in obliging relevant companies to preserve such evidence.If every email, IM, tweet and post is logged along with the sender’s name, address and geographical location atthe time, then law enforcers will find it easier to verify alibis, trace contacts and track movements. Criminals willbe unable to rely on the perceived anonymity of the Web to disguise their activities. The New Regulations send aclear message that people cannot hide behind online personalities to conduct criminal behaviour.
Leave a Comment