The Government plans for a Communications Data Bill, outlined in its draft legislative programme, have received a pretty distrustful reaction from the ICO.
The ICO’s John Bamford, Assistant Information Commissioner, commented on the proposed government database:
‘If the intention is to bring all mobile and Internet records together under one system, this would give us serious concerns and may well be a step too far. We are not aware of any justification for the state to hold every UK citizen’s phone and internet records. We have real doubts that such a measure can be justified, or is proportionate or desirable. Such a measure would require wider public discussion. Proper safeguards would be needed to ensure that the data is only used for the proper purpose of detecting crime.
We have warned before that we are sleepwalking into a surveillance society. Holding large collections of data is always risky; the more data that is collected and stored, the bigger the problem when the data is lost, traded or stolen. Defeating crime and terrorism is of the utmost importance, but we are not aware of any pressing need to justify the government itself holding this sort of data. If there is a problem with the current arrangements, we stand ready to advise on how they can be improved, rather than creating an additional system to house all records’.
The Government outline in its legislative programme states that the purpose of the Bill is to allow communications data capabilities for the prevention and detection of crime and protection of national security to keep up with changing technology through providing for the collection and retention of such data, including data not required for the business purposes of communications service providers; and to ensure strict safeguards continue to strike the proper balance between privacy and protecting the public.
The main elements of the Bill involve modifications to the procedures for acquiring communications data and increasing powers for this data to be retained. It wil also transpose EU Directive 2006/24/EC on the retention of communications data into UK law. The Government claims that the main benefits of the Bill are that ‘communications data plays a key role in counter-terrorism investigations, the prevention and detection of crime and protecting the public. The Bill would bring the legislative framework on access to communications data up to date with changes taking place in the telecommunications industry and the move to using Internet Protocol (IP) core networks. Unless the legislation is updated to reflect these changes, the ability of public authorities to carry out their crime prevention and public safety duties and to counter these threats will be undermined’.
That early outline has since, reportedly, been fleshed out but no public document is available. See here and here for more.