Service providers would be required to keep extensive telephone a...

a central database, an idea that scared civil liberties groups, ISPs and others when it emerged several months ago. The proposal comes out a effort toward an “intercept modernization program” aimed at beefing up Britain’s response to terrorism and serious crimes, the Home Office said. Technical changes allow communications companies to offer a wide range of new services such as TV, social networking, music, video messaging and Internet browsing, it said. Some will be offered by providers operating existing networks, others by overseas providers, it said. The changes make it harder for public authorities to gain access to communications data and use them, it said. A centralized database for storing all communications data would be most effective, but the privacy risks outweigh the benefits, the government said. It’s proposing legislation requiring U.K. providers to collect -- and hold as long as 12 months -- not only traffic information they already amass for business purposes but also “additional data” relating to communications services provided from overseas companies, or third-party data. Doing nothing isn’t feasible, the U.K. said. The job of collecting and storing the data would fall to fixed-line, mobile, Wi-Fi and other operators that own the network infrastructure, the government said. Because that wouldn’t deal with the problem of fragmentation, the government also proposed a new law requiring providers to process third-party information and match it with their own business data where it has elements in common. The set-up will include data beyond the scope of the EU data retention directive, it said. All information gathered will be made available on to public authorities, case by case, “subject to the same rigorous safeguards that are now in place,” it said. Initial cost estimates for the system could reach $2.9 billion, the Home Office said. Under the Regulation of Investigatory Powers Act of 2000, it must make arrangements for “reasonable contributions” toward providers’ costs, it said. The Home Office wants comments on whether communications traffic data is needed for security, emergency, intelligence and law enforcement purposes, which alternative to adopt, and whether proposed privacy protections are adequate. The Internet Services Providers’ Association welcomed the absence of a central database for storing traffic data. The group said it expects the government to reimburse ISPs for any extra costs. NO2ID said carrying out the plan would put Home Office “probes” in the data centers of every British ISP that will allow direct skimming of all traffic. The Home Office “would become a clearing-house,” it said. The organization is concerned about deep-packet inspection of traffic data beyond the usual information such as where a call was made, coordinator Phil Booth said. Another question is who will have access to the data, he said. The government recently opened a separate inquiry on changes to the list of public authorities entitled to request interception data under RIPA, and NO2ID believes the law and the intercept modernization program will intersect, he said. The consultation document leaves many questions open, he said. If the government has specific proposals, it should make them public, he said. Comments are due July 20 -- communicationsdataconsultation@homeoffice.gsi.gov.uk.