I know no-one will take the slightest fucking notice of this (except to deny that it is accurate and is me acting as a "shill"
) but if you
really want to know what is being proposed and why / how it is useful ...
1. It is not the keeping of content (as has been noted)
2. It is keeping records of connection / activity (e.g. numbers called, internet sites connected, etc.). Most (but not all) of this is done already as part of service providers billing / admin / technical systems.
3. The stuff is currently only held for as long as needed for the service providers purposes. This is usually a matter of weeks or a couple of months at most (but it varies between data category and service provider).
4. The suggestion is that service providers be required to keep it for 12 months.
5. The original plan, that it would all be supplied to a central data storage dump, has been binned (too expensive, control passes to law enforcement entirely). It is now to be kept by service providers and they will be reimbursed for the cost (of storage and of processing applications for access).
6. There is no change to how it will be accessed / used.
7. It will NOT be routinely trawled or analysed.
8. Access will be by specific application under the relevant DPA, RIPA or other authorisation process. It will be targetted (i.e. the application will ask for specific data on a specific name, phone number, IP address or whatever).
9. That is the case now - the applications are made for, and granted to, access to data held for the service providers own purposes whilst it exists.
10. Effectively all that this proposed change does is extend the time that it is there to be accessed.
11. There is nothing new about the access of law enforcement to data held for other purposes to assist in criminal enquiries - it has always happened (e.g. access to bank account details in fraud cases) and is a core part of the evidence gathering process.
12. It is extremely valuable evidence (in terms of both it's evidential value and in terms of how it shortcuts other lengthy alternative investigative methods (such as weeks and weeks of convential and / or technical surveillance). It is useful in putting suspects in particular places at particular times and in revealing links with associates, etc.
13. In complex enquiries (and terrorist cases are a very high-profile example, but by no means the only one) it is frequently some weeks or months before a suspect is identified and so a targetted request for the data can be made - at present it is very common for the data to already have been destroyed by the time it's relevance is recognised.
14. There is no reason at all why it should not work - it works now (though there is a cost implication) and all that would be needed was additional storage capacity (thus more cost implication) - but no more complexity so no reason to think it wouldn't work.
There are basically three questions you should ask yourself:
a. Is it right that law enforcement should be able to access data held by other organisations in the investigation of specific crimes? (If you answer no to this then you should think carefully about how exactly you expect the police to be able to investigate anything!).
b. If so, is it right to ask that data holders keep the data they have for non-law enforcement purposes for longer than they otherwise would so that it is available to enquiries when it's relevance is identified later?
c. If so, for what period? Is 12 months right? Would 6 months be enough? Should it be 3 years? (As an investigator I would say that it would be a very exceptional case which needed stuff going back more than 3 years ... but I think there will still be some significant number of cases where the need is only identified more than 12 months later. I would say 12 months is a good start ... but some empirical evidence of the number of / nature of cases where it was not enough should be gathered to see if an extension is needed in future).
