By Jane Wakefield
Technology reporter, BBC News
The government has made headlines for data failures
Plans for a super-database containing the details of all phone calls and e-mails sent in the UK have been heavily criticised by experts.
The government is considering the changes as part of its ongoing fight against serious crime and terrorism.
Assistant Information Commissioner Jonathan Bamford has warned that the UK could be “sleepwalking into a surveillance society”.
Others have questioned how such a database could be made secure.
“While the public is “sleepwalking” into a surveillance society, the government seems to have its eyes wide open although, unfortunately, to everything except security,” said Jamie Cowper, data protection expert at data protection firm PGP Corporation.
“The bottom line is – information of this nature should only be held if – and only if – it can be demonstrated that an appropriate system of checks and balances is in place and the security of the information being stored is of paramount concern,” he added.
Public confidence in the governments’ ability to look after data has been dented in recent months with high profile failures, including the loss of a CD carrying all the personal details of every child benefit claimant.
The latest plans being mulled by the Home Office will form part of the proposed Communications Bill, which is due to be considered by MPs later this year.
It is, said a Home Office spokesman, crucial “to ensure that public authorities have access to communications data essential for counter-terrorism and investigation of crime purposes.”
The more people who have access to it the more risks there would be
Chris Mayers, Citrix Systems
It would extend the powers of RIPA (the Regulation of Investigatory Powers Act) which currently allows hundreds of government agencies access to communications data.
Some believe such legislation, which requires government authorities to request information from communication providers, is more than adequate for law enforcement purposes.
“The fight against terrorism doesn’t require a centralised database,” said Chris Mayers, chief security architect at Citrix Systems, an applications delivery firm.
“Such a database would face threats from both outside and inside. The more people who have access to it the more risks there would be,” he said.
The Internet Service Providers’ Association said it was seeking more information about the proposals.
“In particular we want to know more about the Government’s intentions regarding “modifying the procedures for acquiring communications data,” said a spokesman.
In the run-up to RIPA being approved by parliament, human rights campaigner Privacy International argued that such an act would be a dangerous first step towards a “Big Brother” society.
According to Gus Hosein, a senior fellow at Privacy International, the latest proposals could be even more controversial.
“The idea that ISPs need to collect data and send it en masse to central government is, without doubt, illegal,” he said.