The UK is planning to fast-track emergency legislation aimed at communications service providers in order to ensure they retain metadata for 12 months and allow police and security services to access it.
The legislation is being introduced after a ruling by the European Court of Justice in April that said communications service providers (CSPs) did not have to adhere to the 2006 Data Retention Directive, which required CSPs to hold on to customer data for between six and 24 months, according to a report by the BBC. The ruling stated that this law was too broad and threatened citizens’ privacy rights.
According to the BBC, “the new law will also produce what is being described as a ‘clearer legal framework’ to allow access to the content of calls, texts and emails after a warrant is signed by a senior government minister. Telecoms companies are said to have warned ministers that after the Edward Snowden revelations they are vulnerable to legal challenge by their customers.”
Concerns around online privacy have continued to escalate as more information comes out about the breadth of the government surveillance programs. Earlier this week an investigative report by the Washington Post revealed the kind of intimate data that the NSA collects and retains on ordinary US and non-US citizens.
UK Prime Minister David Cameron said that without a new law, important information could be destroyed by communications companies, putting the country at risk. Currently, there is no evidence that CSPs have deleted any data, but some believe that without legislation in place, CSPs could be coerced into deleting data relevant to investigations into criminal or terrorist activity.
Rather than escalate powers held by authorities, the new legislation is supposed to maintain their ability to obtain data that has been retained by CSPs. The emergency legislation will only last until the end of 2016, when the government will revisit it.
To quell privacy concerns, the plan is to release a transparency report each year to list the number and type of requests made to CSPs, much like reports already published by companies like Verizon in the US.
Director of human rights organization Liberty, Shami Chakarabarti, told AP: “We are told this is a pedophile and jihadi ‘emergency’, but the court judgment they seek to ignore was handed down over three months ago and this isn’t snooping on suspects but on everyone. We are promised greater scrutiny and debate but not until 2016, as it seems that all three party leaders have done a deal in private. No privacy for us and no scrutiny for them.”
Last week, seven ISPs filed a complaint with the UK Investigatory Powers Tribunal, calling for an end to the mass surveillance conducted by GCHQ on communication service providers. The complaint involves GCHQ’s “apparent targeting of internet and communications service providers in order to compromise and gain unauthorized access to their network infrastructures in pursuit of its mass surveillance activities.”