ISPs are required under EU legislation to store the email and surfing details of every customer
UK email retention law comes into force
/v3-uk/news/1995650/uk-email-retention-law-comes-force
06 Apr 2009, Dave Neal , V3
New European Union legislation comes into force today requiring ISPs to store the details of every email sent and web site visited by their users, in case the police, or any other public organisation or body, needs to access the information.
Similar rules covering phone records are already in force. The new directive specifically requests that ISPs retain the communications data, though not the actual content, for a year. The authorities will be able to request access to the data with a warrant.
Former UK home secretary Charles Clarke pushed for the rules in 2005 following the terrorist bombings in London.
"Modern criminality crosses borders and seeks to exploit digital technology. The measure is an important step in delivering the right to citizens across the EU to live in peace and free from the negative impact of terrorism and serious crime," Clarke said at the time.
"By voting in favour of this directive, the Council of Ministers, the European Commission and the European Parliament have shown their commitment to strengthening security across the EU."
The Home Office stated today that the government's priority is to "protect public safety and national security".
"That is why we are completing the implementation of this directive, which will bring the UK in line with our European counterparts," the department said.
"Access to communications data is governed by the Regulation of Investigatory Powers Act 2000 which ensures that effective safeguards are in place, and that the data can only be accessed when it is necessary and proportionate to do so."
Some reports suggest that all businesses will be expected to retain relevant data, but a Home Office spokesman insisted that the rules apply only to internet service providers.
The rules require firms to store the time and duration of telephone calls, details of connections made to the internet, and details, but not the content, of email and internet telephony services.
Neil Cook, head of technology services for EMEA at message security firm Cloudmark, expects the directive to cause many headaches for ISPs.
"Quite clearly this new legislation opens up a whole can of worms for the ISPs when it comes to potential security implications," he said. "Considering the sheer volume of high-profile security breaches hitting the headlines in the UK, the protection and storage of data is of paramount importance to an organisation."
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
UK email retention law comes into force
No i don't think such data should be stored, as if terrorists are going to openly communicate via email to plan out their plots. The government is just using terrorism as an excuse to exercise their control freakery and spy on it's own people. I hope this does become a headache for the ISPs.The authorities are not going to open your emails and check out the content of what site you have visited?! Yeh right.
Posted by Nick Rowland, 07 Apr 2009
The mask of 'Democracy' is slipping
Get used to it or do something about it - we are all serfs now. The government in a 'democracy' is supposed to be answerable to the electorate. Now we are answerable to the government that hides behind a shroud of secrecy and culpable denialability. So we'll just drop e-mail and resort to Bulletin Boards - like this!?
Posted by Chris D, 08 Apr 2009
Do not agree
Infringement of our rights
Posted by Star Smith, 06 Apr 2009
Surely they mean ISP-hosted email accounts, not free web-based ones??
Correct me if i'm wrong, but I would have thought that ISPs cannot filter/monitor emails offered by free web-based providers?
They can only really monitor emails that they host themselves, right?
Posted by Jacob, 07 Apr 2009
Retain this!
Why must I be subservient to this government that professes to uphold my rights by taking them away from me?
Why do they expect to know everything about me when they hide behind the cloak of secrecy themselves.
Why should I co-operate with this one sided exploitation of the good excuse of anti-terrorism when they only seem to catch dog walkers and litterbugs with it?
Will they give me a new identity when they have lost my own?
Posted by Gwyn Kemp-Philp, 07 Apr 2009
Having your own mailserver?
I wonder if you will be safe if you run your own Exchange mailserver? However, if you still use your ISP as the outgoing SMTP server, will they be recording the mail source and destination?
Also, does anyone know, if having your own mailserver makes you a service provider and means that you have to keep your mail records available for inspection?
Posted by PL, 07 Apr 2009
I do not consent
I do not consent to this, acts and statutes only have force with the consent of the governed. I do not consent.
Posted by No name, 06 Apr 2009
Hard to keep track of?
This is going to be hard to monitor. When are they going to make contact with ISP's to make them aware of this crazy law?
Posted by UK Web Hosting, 06 Apr 2009
Yet more EU red tape
I fail to see the point of this legislation if the content is not available.
You cannot pursue and charge a terror suspect on the basis they emailed a sinister character. Surely the message content would be required to demonstate intent to aiding/carrying-out terrorist activity.
Of course, we all know about Echelon - is this the EU's attempt to have ISPs do its dirty work for them?
Posted by Neil R, 08 Apr 2009
Big Brother is watching you..
Talk about Big Brother is watching you! George Orwell's 1984 is becoming a reality. How dare the Government profess to be protecting my rights whilst poking their noses in to my email and phone data with the excuse they are preventing terrorism and tightening security? I didn't vote for this, I was never offered a referendum on this...it's becoming a dictatorship not a democracy & it's wrong!
Posted by Jannerchick, 07 Apr 2009
What about ISP's not based in the EU ?
Do they have to keep the records and are they going to take any notice of a court order ordering them to hand over the records - I think not !!
Posted by Denis, 13 Apr 2009
ISP?
What does ISP stand for?
vnunet.com reply: Internet service provider.
Posted by A.A.Wright, 23 Apr 2009