Data surveillance introduced in UK and USA
01 September 2001
On Thursday 13 September, in the wake of the attacks in the USA, the UK government asked all communications service providers to retain details of: i) all logs of emails sent and received (not the content of those emails); ii) all logs showing the allocation of dynamic IP addresses (internet usage) and iii) telephone networks are asked to keep logs identifying source and destination and times of all calls made or routed through their networks, see text of letter below.
The Director of Europol, Jurgen Storbeck, told the German newspaper Mitteldeutschen Zeitung that not all EU member states were prepared to exchange telecommunications data. The problem, he said , was to balance civil rights and freedom with security needs and that "Only by total surveillance is there a chance of total control" which would be unacceptable, see also Statewatch reports on telecommunications surveillance: 1st report
Text of letter from the UK National Hi-Tech Crime Unit
" To: All Communications Service Providers in the U.K.
In the aftermath of the atrocities in the United States of America on Tuesday 11th September 2001 there is a strong likelihood that criminal enquiries will include the tracing of relevant communications. Due to the scale and complexity of these enquiries it may take some time to determine precisely which data is relevant. There is therefore a risk that relevant data may be destroyed as a part of normal business practice before such enquiries are made.
It is with this situation in mind that I seek your support and co-operation.
I am requesting, as far as is reasonably practicable, that as a Communication Service Provider you retain and preserve all existing (not future) communications data held within your systems.
Internet Service Providers are requested to retain all logs of email sent and received (not the content of those emails), and all logs showing the allocation of dynamic IP addresses. In respect of telephone networks I request preservation of logs identifying source and destination and times of calls made or routed across your networks.
This request is made for the purposes of the "prevention and detection of crime" and the "apprehension and prosecution of offenders". These purposes are listed in Section 29(1) Data Protection Act 1998 (All
data processed for listed purposes is exempt from the first data protection principle).
Any data preserved and retained as a result of this request will only be accessed in accordance with specific lawful authority. It is not possible to define the required retention period for this data at present. It may be some weeks before it is possible to clarify this actual requirement. However I will review this situation within one
On behalf of law enforcement in the UK your assistance in this matter at this time is greatly appreciated.
Michael G. Ford, Detective Inspector,National Hi-Tech Crime Unit"
Note 1: The phrase in the letter "not future" is confusing, that is to "retain and preserve all existing (not future) communications data held within your systems". This is interpreted by privacy commentators as being somewhere between a preservation request and a retention request. That is, it is a preservation request to preserve only existing traffic data; but it is retention request in the scope of application: it applies to the traffic data of all users.
Note 2: The Home Office-funded National Hi-Tech Crime Unit was launched on 18 April 2001 with eighty officers charged with fighting fraud, hacking and an provide an international information hotline. The High-Tech Crime Unit is a joint initiative between the National Criminal Intelligence Service and the National Crime Squad. Funded with £25m of Home Office money.
US Senate votes to permit warrantless net-wiretaps and u