UK data retention laws: what they mean for ISPs

This guide is based on UK law. It was last updated in October 2008.If you think you’re making a private call, or sending a discreet message, think again. Under an anti-terrorism law passed in late 2001 in the wake of the atrocities of September 11, details of every website visited and the transmission of every email sent and every phone call made in the UK can be retained and made available to authorities. This may give individuals privacy concerns but for telcos and internet service providers faced with the consequent storage and retrieval requirements, it is cause for financial concern.The Anti-terrorism, Crime and Security Act (the ‘ ATCSA ‘) was a hurried piece of legislation which extends some powers introduced in the Regulation of Investigatory Powers Act of 2000 – better known as ‘RIPA’. The combination gives the communications industry the challenge of tiptoeing a difficult path between privacy and security. In addition, the EC Data Retention Directive, which was approved following the Madrid train bombings of 2004 and the London terror attacks of 2005 (and implemented in the UK in respect of telephone communications by the Data Retention Regulations 2007 and due to be implemented in respect of internet-related data no later than 15th March 2009) requires the retention of data by communications services providers.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.