Privacy watchdog calls for better justification of data collection plan

The Information Commissioner's Office (ICO) has expressed concerns over the Government’s proposal to collect communications data under the Interception Modernisation Programme (IMP).

The privacy watchdog said it didn't believe that the Government had considered all the options and safeguards that this would require.

The IMP is an initiative to enhance the Government's capabilities for intercepting and storing communications data, and has deeply concerned privacy groups.

There are already various laws that require communications service providers (CSPs) (companies such as internet service providers (ISPs) and phone companies) to retain data. An EU Data Retention directive introduced in March compels them to retain communications data for 12 months so that can be examined by authorities if needed.

Although the Government has ditched its plans for a database of all internet communications, it is currently considering using the IMP to force communications companies to collect more information on internet activity and process it for authorities to examine.

The Government has launched a consultation to which the ICO has responded. It said the Government had not yet made a good enough case for the routine collection and retention of further communications data covering the entire population.

The ICO said it: “recognises the value that communications data has for the prevention and detection of crime and the prosecution of offenders. However, this in itself is not a sufficient justification for mandating the collection of all possible communications data on all subscribers by all communication service providers.”

The ICO said the Government does not appear to have fully investigated other options that may exist between the two extremes of a single, centralised database of all communications data and doing nothing.

The privacy watchdog is also concerned about possible “gaps in the current regulatory regime that not only have the potential to affect the rights of individuals and their avenues of recourse, but also the clarity of roles and responsibility of CSPs.”