ZDNet UK / News and Analysis / Business of IT / Regulation

ISPs spell out true cost of data retention

By Matt Loney, ZDNet.co.uk, 12 December, 2002 10:00

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

thus, AOL, Ripa, Data retention, atcs, clive feather, camille de stempel, APIG, Home Office

NEWS
ISPs say the true cost of storing individuals' communications data as required by the Anti-Terrorism, Crime and Security Act (ATCS) that was rushed through parliament in 2001, will cost far in excess of the £20m estimated by the Government. Giving evidence at the All Party Parliamentary Group (APIG) public inquiry on Wednesday, AOL's director of public policy Camille de Stempel, said it would cost about £30m just to set up the systems for AOL alone, and the same again in running costs. Many ISPs already retain some communications data for various purposes, but the government is keen to make them extend the length of time it is retained to at least one year. Communications data means IP addresses of Web sites that people visit, and addresses of emails; it is distinct from content, although many in the industry believe it is just as invasive. Although the government has been criticised for failing to show how ISPs would be reimbursed for the cost of retaining communications data, it is believed by many to be considering a figure in the region of £20m a year for the entire industry. This would, say ISPs, be totally inadequate. For AOL, retaining communications data for one year would add an enormous cost, said de Stempel. "There are huge amounts of data involved. AOL has 329m user sessions a day, and its customers send 597m emails, and we're just one ISP." De Stempel said that to save all communications data on its UK customers for just one day would require 100 CDs. "If you multiply that (for a year) it will have an enormous impact on our business." Further costs would be incurred because an ISP could not simply hand a whole year's worth of CDs (36,000 in the case of AOL) over to police or other law enforcement agency when a request was made because, they say, this would be an offence under Regulation of Investigatory Powers Act (RIPA). RIPA says that any requests for communications data has to be proportional. "We'd have to search for a particular piece of data," said de Stempel. Clive Feather, an Internet expert at ISP Thus who also gave evidence, said AOL's figure of 36,000 CDs was if anything an underestimate of the scale of the problem. "This is raw data. If ISPs are retaining data so it can be searched later then it has to be organised and indexed," said Feather. "And this would all have to be paid for." Feather said he had no idea where the government's estimate of £20m for the whole industry came from. "The cost would be £5m to £6m for us alone," he added. Like many other ISPs, Thus stores communications data for a couple of days in case something goes wrong and it has to restore its systems. "If we store too much, the machine fills up at 3.00am and we have to drag the engineer out of bed to fix it", said Feather. "If we were keeping data for one year we would need to build a dedicated system and have very good security because suddenly we'd have a lot of data that would be very attractive to criminals. This would be a major computing project, and a very expensive one." Costs are likely to be exacerbated by the large number of government agencies that have access to the data once it is retained, say ISPs. Even if the government creates a reimbursement mechanism for data accessed under RIPA, many government agencies such as the Benefits Agency, the Department for Work and Pensions (formerly the Department of Social Security, and the Serious Fraud Squad can demand access to retained data under other laws. The government has not said how costs incurred by agencies using other laws would be reimbursed. In written evidence to the inquiry, the UK's ISP Association (ISPA), expressed concern that there are no plans to address this problem and repeal existing powers that are reserved by some public authorities to order disclosure of data. Part 1 Chapter 2 of RIPA, and the associated code of practice and cost recovery mechanisms should be implemented as a matter of priority, said ISPA. "This will make the authorities named on the face of the Act fully compliant with the applicable data disclosure provisions." Furthermore, said ISPA, the government should introduce a memorandum of understanding between these authorities and government to commit them to the use of RIPA procedures over any existing powers they may have under other statutes.
Who's watching you? Get the latest on spy networks such as Echelon and Carnivore, as well as privacy issues for companies and individuals alike, at ZDNet UK's Privacy News Section. Have your say instantly, and see what others have said. Go to the ZDNet news forum. Let the editors know what you think in the Mailroom.

Related stories

ISPs revolt against data retention law

Home Office: We got data retention wrong

UK Government suffers data retention blow

Free Maps costs Google £400K in damages in France

Privacy watchdog to probe O2 over phone number leaks

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

subhorup

It simultaneously worries me and uplifts me that a self-proclaimed group of internet activists name themselves after Indian mythical figures....

3 hours ago by subhorup on Anonymous activists release PCAnywhere source code
naviathan

It's actually far easier to work anonymously on the internet than you think. With tools like Tor bouncing your traffic around the world before...

6 hours ago by naviathan on Anonymous activists release PCAnywhere source code
Agnostic_OS

1000272134 and bluedalmatian with you both there but then I'm still in 10.04 land (and happy with it)

6 hours ago by Agnostic_OS on Ten factors that make Ubuntu 11.10 a hit
apexwm

Interesting article and definitely see your points on the products mentioned. One of the top products for our Help Desk (approximately 20% of all...

14 hours ago by apexwm on Ten flawed products that derail productivity
Paul Hutchinson

Absolutely - this should obviously not be handled my isp - but handled by their hosting operator. What's been suggested here is that my isp police...

14 hours ago by Paul Hutchinson via Facebook on MPs urge ISPs to take down terrorist material
Techs UK

Looks like a great phone. I don't notice any deficiencies in WP7. used IOS before, that's pretty good. I don't spend much time in Apps, all i need...

17 hours ago by Techs UK on Nokia pins US 're-entry' hopes on Lumia 900
Larry Bloggy

Now with the help of these apps you are always synced with MS outlook while on the move. Just download apps like xobni or outlookreflex and get...

17 hours ago by Larry Bloggy via Facebook on Outlook Social Connector beta 2 and the LinkedIn connector
mike40g123

Your details are wrong. The version currently being made is the one with 2 USB ports, 256MB RAM and a network port. This is the Model B. The...

19 hours ago by mike40g123 on Raspberry Pi boards set to go on sale
Moley

The thing that has been puzzling me for quite a while is how Anonymous can remain anonymous whilst not only being active on the Internet but also...

1 day ago by Moley on Anonymous activists release PCAnywhere source code
Don Dilly

If what Semantec is saying is rue, that is even worse and shows a complete disregard for thier users. If what Anonymous claims is true and the...

2 days ago by Don Dilly via Facebook on Anonymous activists release PCAnywhere source code
MattChurchy

Didn't seem particularly biased to me either. Oh though you might have mentioned some other competitors with free search and email services...

2 days ago by MattChurchy on Time for an evil umpire: Google, Microsoft & privacy
Simon Bisson and Mary Branscombe

James - exactly as much as anyone paid you for your comment; I don't feel that I need to say that I'm independant and unbiased, but just for you...

2 days ago by Simon Bisson and Mary Branscombe on Time for an evil umpire: Google, Microsoft & privacy
Carl White

Once they realise symantec are willing to pay real money, they will simply keep extorting, unless of course symantec/authorities can use the...

2 days ago by Carl White via Facebook on Symantec offered hackers $50k in source code sting
Jonathan Hassell

You can find more information on BS 8878 by Jonathan Hassell its lead-author at http://www.hassellinclusion.com/bs8878/ The page includes a...

2 days ago by Jonathan Hassell on BSI publishes first British web accessibility standard
servermanagement

Thanks for this list. Now I know, what to include on my system to make it more functional.

2 days ago by servermanagement on Ten flawed products that derail productivity
1000092626

What if it's a 4 car household? The point is, more bandwidth = more things you can do simultaneously, like streaming HD video in one room of the...

2 days ago by 1000092626 on Virgin Media beats 100Mbps schedule, hikes prices
Gary Burton

No point whatsoever increasing broadband download speed. unless ever server on the net has access to massively up rated throughput. The worlds...

2 days ago by Gary Burton via Facebook on Virgin Media beats 100Mbps schedule, hikes prices
Random_Error

They're also increasing their TV package prices, whether to help fund this or not.

2 days ago by Random_Error on Virgin Media beats 100Mbps schedule, hikes prices
Techs UK

How can you set it up wrong to intermittently connect? Should I be asking for more pay? Outlook/Exchange is a breeze.

3 days ago by Techs UK on Ten flawed products that derail productivity
JamesCheese

And how much did Microsoft pay you for that article?

3 days ago by JamesCheese on Time for an evil umpire: Google, Microsoft & privacy

Latest in Regulation

Free Maps costs Google £400K in damages in France

Privacy watchdog to probe O2 over phone number leaks

Firms face tougher data-protection rules in Europe

Featured white papers

How malware threats have changed

Symantec.cloud

How malware threats have changed

These days, cybercriminals have four core weapons: targeted attacks, infecting websites, social networking and... Read more

How enterprises can achieve cloud computing benefits

Citrix

How enterprises can achieve cloud computing benefits

Is your load balancer cloud-ready? A key to the cloud's success is having an IT infrastructure that can deliver a robust set of cloud-oriented capabilities and can support all cloud computing use... Read more

Guide to social media use in your business

Symantec.cloud

Guide to social media use in your business

Are you on Twitter, Facebook or Google ? Even if you're not, you should know about social networking's benefits... Read more

Inside ZDNet UK

Heat promises to speed up hard-disk data storage

Heat promises to speed up hard-disk data storage

Sponsor a Colossus valve to help Museum of Computing

Sponsor a Colossus valve to help Museum of Computing

BlackBerry Bold 9790

BlackBerry Bold 9790

Webcast - Managing Mobility and Network Expansion

Webcast - Managing Mobility and Network Expansion

Ten factors that make Ubuntu 11.10 a hit

Ten factors that make Ubuntu 11.10 a hit

Toshiba Portégé Z830-10P Review

Toshiba Portégé Z830-10P Review

BT's archive: Pictures from the vault

BT's archive: Pictures from the vault