[ISN] "Big Brother" database for phones and e-mails (fwd)

From: InfoSec News (alerts@private)
Date: Tue May 20 2008 - 01:30:17 PDT


By Richard Ford
The Times
May 20, 2008

A massive government database holding details of every phone call, 
e-mail and time spent on the internet by the public is being planned as 
part of the fight against crime and terrorism. Internet service 
providers (ISPs) and telecoms companies would hand over the records to 
the Home Office under plans put forward by officials.

The information would be held for at least 12 months and the police and 
security services would be able to access it if given permission from 
the courts.

The proposal will raise further alarm about a “Big Brother” society, as 
it follows plans for vast databases for the ID cards scheme and NHS 
patients. There will also be concern about the ability of the Government 
to manage a system holding billions of records. About 57 billion text 
messages were sent in Britain last year, while an estimated 3 billion 
e-mails are sent every day.

Home Office officials have discussed the option of the national database 
with telecommunications companies and ISPs as part of preparations for a 
data communications Bill to be in November’s Queen’s Speech. But the 
plan has not been sent to ministers yet.

Industry sources gave warning that a single database would be at greater 
risk of attack and abuse.

Jonathan Bamford, the assistant Information Commissioner, said: “This 
would give us serious concerns and may well be a step too far. We are 
not aware of any justification for the State to hold every UK citizen’s 
phone and internet records. We have real doubts that such a measure can 
be justified, or is proportionate or desirable. We have warned before 
that we are sleepwalking into a surveillance society. Holding large 
collections of data is always risky - the more data that is collected 
and stored, the bigger the problem when the data is lost, traded or 

David Davis, the Shadow Home Secretary, said: “Given [ministers’] 
appalling record at maintaining the integrity of databases holding 
people’s sensitive data, this could well be more of a threat to our 
security, than a support.”

The proposal has emerged as part of plans to implement an EU directive 
developed after the July 7 bombings to bring uniformity of 
record-keeping. Since last October telecoms companies have been required 
to keep records of phone calls and text messages for 12 months. That 
requirement is to be extended to internet, e-mail and 
voice-over-internet use and included in a Communications Data Bill.

Police and the security services can access the records with a warrant 
issued by the courts. Rather than individual companies holding the 
information, Home Office officials are suggesting the records be handed 
over to the Government and stored on a huge database.

One of the arguments being put forward in favour of the plan is that it 
would make it simpler and swifter for law enforcement agencies to 
retrieve the information instead of having to approach hundreds of 
service providers. Opponents say that the scope for abuse will be 
greater if the records are held on one database.

A Home Office spokesman said the Bill was needed to reflect changes in 
communication that would “increasingly undermine our current 
capabilities to obtain communications data and use it to protect the 

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com

This archive was generated by hypermail 2.1.3 : Tue May 20 2008 - 01:33:30 PDT