ISPs uneasy about data retention

New laws could conflict with Data Protection Act

Pipex: Will comply with new rules

ISPs are concerned about plans to make it a legal requirement to store and provide data about communications to police and security services on request.

At the moment communication providers usually provide such information voluntarily since the Anti-Terrorism Crime and Security (ATCS) code of practice was instigated after the 11 September security attacks.

But the government wants to initiate a statutory scheme.

‘ISPs will be required to keep records of who contacts who via their services and provide this and other database information to police,’ said Philip Virgo, secretary general of parliamentary lobbying group Eurim.

ISPs are worried about the costs of a mandatory scheme, and a spokesman for the Internet Service Providers Association says there is confusion about how the ATCS fits in with the Data Protection Act.

‘Our policy says we would not want our members to become involved in data retention because of the pitfalls, including the costs of compliance and data protection issues, but we are working with the Home Office to resolve these issues,’ he said.

A spokesman for ISP Pipex says that provided the correct processes are established, the firm has no problem complying with any new rules.

‘We already provide information to the appropriate authorities and have the infrastructure in place,’ he said.

‘There are ongoing costs associated with retaining this data and some areas of conflict with the Data Protection Act.’