Industry watch Toolkit

Who will pay price for EU data-retention plans?

Manek Dubash ZDNet.co.uk

Published: 05 Jun 2009 09:21 BST

...in technology which allowed them to be more accurate and precise about what information they released, and which could index the information faster to comply with the DRD.

Pauley said costs to ISPs of compliance could vary enormously, depending on the size of the ISP and the route it took to resolve the issue. He added that part of the equation is that ISPs will end up with bigger databases and that issue would have to be managed.

Privacy-rights campaign group No2ID took a different approach. The campaign's press officer Michael Parker said: "[Home secretary] Jacqui Smith proposed to build a huge database containing all information about everyone, but it's very difficult to build. So with some fanfare the Home Office eventually said that, having listened, it would drop that idea.

"But all it's done is drop the idea of a central repository. Instead the ISPs will do it for them, and the cost passes on to you."

'Quite a cross to bear'
Parker said ISPs have to keep "a huge amount" of information about users already, but they now have a legal duty to do so. "ISPs have to keep databases, and they still need to be managed. The responsibility that all this involves means they have quite a cross to bear," he added.

Read this

Why scammers find rich pickings on Facebook

People shed their normal caution on social-networking sites, leaving the scammers and worm-writers to rub their hands with glee...

The rationale for the directive is that it helps protect against terrorism. However, according to Parker, there is evidence that the directive is part of a wider move to increase the surveillance powers of central governments across Europe.

Today, under Ripa, government agencies need to ask ISPs for any data before they can use it. Parker said this procedure will no longer apply: "Under the Interception Modernisation Programme — a future upgrade to Ripa — there's no requirement to establish a need for surveillance. This is still going on but it's all frightfully vague, very thin in detail and large of proposition."

Bigger than ID cards
According to one press report: "The scope of the project — classified top secret — is said by officials to be so vast that it will dwarf the estimated £5bn ministers have set aside for the identity cards programme."

No-one we contacted saw the directive as anything other than cementing existing practices into a legal framework. However, campaigners such as StateWatch argue that more surveillance is on its way. For example, the campaign describes the EU's Future Group as "pursuing unfettered powers to access and gather masses of personal data on the everyday life of everyone — on the grounds that we can all be safe and secure from perceived 'threats'".

From the practical point of view of cost, the directive may not result in increased broadband charges. However, it seems highly likely that, in addition to the privacy issues, the increasing cost of government-mandated surveillance will be borne by the customer.