The UK government wants a massive database to store the web, e-mail, and phone histories of every person in the country – and is unveiling new telecommunications legislation to implement it.
Technology is changing too fast, said a spokeswoman for the UK Home Office, and current progress is undermining law enforcement’s ability to obtain data and “use it to protect the public.”
Such legislation would update the country’s laws, giving the government and law enforcement officials an expanded ability to obtain communications records essential for counter-terrorism and fighting crime. Under the new legislation, law enforcement would receive a brand new, centralized database of communications records, giving officers a one-stop shop for comprehensive reports on a person’s communications activities.
Ross Anderson, chairman of think-tank Foundation for Information Policy Research, thinks that such a database would require network providers to undergo substantial redesigns of their networks. As a result, service providers “would simply move abroad” rather than play ball with the government.
“It's an enormous power grab by the Home Office, and to think it will become a reality is wishful thinking,” said Anderson.
Such a database would add a considerable amount of information to the country’s already large surveillance program, complementing controversial plans for a national Identity Register and corresponding ID card that were delayed to 2012.Together, with new face-recognition technology in surveillance cameras, and comprehensive national ID and communications databases, government officials would have the ability to take a seemingly intimate view into ordinary citizens’ lives, documenting previously anonymous data with startling efficiency.
Naturally, civil rights groups, IT experts, activists, and security professionals are concerned about the initiative – particularly given previous programs’ lack of effectiveness and the government’s spotty security record.
“This would give us serious concerns and may well be a step too far. We are not aware of any justification for the State to hold every UK citizen’s phone and internet records,” said assistant Information Commissioner Jonathan Bamford. “We have warned before that we are sleepwalking into a surveillance society.”
A communications database created per the proposal would be forced to record the almost 57 billion text messages and 3 billion e-mails sent annually in the UK, a security prospect that industry officials are concerned about attracting abuse.
“Given [ministers’] appalling record at maintaining the integrity of databases holding people’s sensitive data, this could well be more of a threat to [national] security, than a support,” said Shadow Home Secretary David Davis.
“Holding large collections of data is always risky - the more data that is collected and stored, the bigger the problem when the data is lost, traded or stolen,” said Bamford.
Government police and security forces would be able to access the database only for records authorized by court warrant.
Jamie Cowper, director of European marketing at security company PGP Corp., panned the idea.
“You've got to admire the government's gall in attempting to bring in yet another 'super-database' with public confidence still in tatters over recent lapses in data protection,” said Cowper.
PC World reports that the Internet Service Providers’ Association is taking a “wait-and-see” approach before it weighs in, but it expressed concern about modifications that ISPs would have to make to their businesses and infrastructure.
Home Office officials note that much of the information desired is already available, albeit spread across different companies. This creates an unnecessary time sink and hampers investigations, it said, and a new, central database would allow law enforcement and security officials to work more efficiently.
Full details will be released as part of a data communications bill set to be announced this November. Ministers have yet to see or approve the plans for inclusion in upcoming drafts.