ISPs and telecoms companies are to be compelled to provide information on their users' phone and internet activity under a new law announced by the Prime Minister last week. The information is likely to be held in one large central database, compromising billions of records.
The law, the Communications Data Bill, is an extension to existing laws which state that telecoms providers must store the details of phone calls and text messages for 12 months.
The Bill will take those requirements one stage further by requiring suppliers to provide a wider array of information. For phone calls, both fixed and mobile, service providers will have to provide information on who called who, when, and for how long. For internet usage, the law will mandate keeping a record of users' activity. The actual content of phone calls and internet usage will not have to be monitored.
The information will be made available to the police and security services if they obtain permission from the courts.
The draft bill is set to be released later this year, though ministers have yet to discuss the plan. The Bill will implement the remainder of the European Union's Data Retention Directive, for which the European Commission has set a deadline of March 2009 for implementation.
The Home Office said that the evolution of communications and the internet was hindering the Government's effectiveness in protecting citizens, and as a result it was planning to bring forward the Bill.
But the Government's privacy watchdog was not impressed with the plans. "If the intention is to bring all mobile and internet records together under one system, this would give us serious concerns and may well be a step too far," said Jonathan Bamford, assistant information commissioner. "We have real doubts that such a measure can be justified, or is proportionate or desirable. Proper safeguards would be needed to ensure that the data is only used for the proper purpose of detecting crime."
The Conservatives also came out fighting against the plans. David Davis, the Shadow Home Secretary, quoted in The Times, said: "Given [ministers'] appalling record at maintaining the integrity of databases holding people's sensitive data, this could well be more of a threat to our security than a support."
The Government has been widely criticised for other centralised databases, such as the NHS patients' database, part of the National Programme for IT (NPfIT), and the ID cards scheme.