Shortly after the terrorist attacks in the U.S. on Sept. 11, the U.K. government sent a request to all U.K.-based ISPs (Internet service providers) and telecommunication companies asking them to retain all communications-traffic data for a month. On Monday the House of Commons and the House of Lords will debate a new law that seeks to make this retention of data compulsory.
The Anti-Terrorism Crime and Security Bill was introduced to Parliament by the Home Office on Nov. 12, and the government is hoping to get the bill passed before the Christmas holiday break, said a Home Office spokeswoman.
Part 11 of the bill, the Retention of Communications Data, aims to "safeguard national security" by granting the Secretary of State the power to order ISPs to hold data communications for a set period, determined by the Secretary, or risk being jailed.
When the U.K. government initially requested the retention of data in September, it did so on a voluntary basis under the Data Protection Act. This Act usually prevents these same companies from saving traffic data for longer than a month and for any reason other than billing purposes.
Should the Anti-Terrorism Crime and Security Bill become law, any request from the government for information such as IP (Internet Protocol) addresses and information on individual e-mails, such as size, destination and author, would be legally binding.
The bill is expected to hit some stiff opposition from Members of Parliament including Chris Mullins, the chair of the Home Affairs Select Committee, who expressed concern in a report presented to the House of Commons on Monday that the bill, which has major human rights implications, is being pushed too quickly through Parliament The U.K. government made its initial request for data retention through the National High-Tech Crime Unit, which said it needed to preserve data in case the U.S. Federal Bureau of Investigation (FBI) needed it as part of investigations into the Sept. 11 terrorist attacks.
The U.S. Congress is in the process of drafting similar legislation, but current bills before the House and Senate, such as the Critical Infrastructure Information Security Act, would not grant the U.S. government such sweeping powers as those being sought by the U.K. government, according to Mullins.