Surveillance and data retention costs taxpayer £18.5m
The UK government has spent more than £18.5m over the past five years in subsidies to internet service providers (ISPs) and telecoms companies to fund the retention of communications data under anti-terrorism laws, according to a response to a recent parliamentary question.
Lord West, the parliamentary under-secretary of state at the Home Office, revealed the figures in response to a question from Lord Northesk, a Conservative peer and civil rights campaigner who is a member of the All Party Parliamentary Internet Group (APIG). According to the Home Office, the figures were initially given late last month, but were not published in Hansard due to a clerical error. They were finally published on Monday by Richard Clayton, a security researcher at the University of Cambridge, on the UK Crypto email mailing list.
The Home Office says grants began in 2004 following the parliamentary approval of a code of practice for data retention in 2003, and initially totalled £84,582 for five grants, or an average of just under £17,000 per grant. The size of the grants rose steadily year on year, totalling £5,282,100 for four grants in 2006, or an average of more than £1.3m per grant. Initially the payments were made under Section 106 of the Anti-terrorism, Crime and Security Act 2001 (ATCSA). In October 2007, the Data Retention (EC Directive) Regulations 2007 (EUDRD) came into force, one result of which was that the number of grants more than doubled. For the financial year 2007, under both the ATCSA and the EUDRD, the Home Office made 10 payments totalling £8,346,495, an average of £834,650 per grant. This year, up to 1 July, the Home Office has paid five grants totalling £4,072,554, an average of £814,511 per grant, according to Home Office figures.
Clayton remarked that the rising expenses may be partly accounted for by the huge number of text messages transmitted in the UK, currently at 1.5 billion messages per week and rising at 30 per cent per year, according to figures from the Mobile Data Association. Telecommunications firms are required to retain data such as the time, date, source number, destination number, geographic location of the source and destination and the length of the text message, though not the content. Clayton commented "That starts to mount up," – "And that's before counting phone calls, both fixed and mobile."
At present in the UK, telecommunications and internet connection data collected under data retention laws are stored by individual telecoms providers and ISPs, and separate warrant applications are required if the police or other security agencies wish to access them. Government proposals for a central data storage have been the subject of criticism, particularly in light of numerous incidents in which public bodies have lost citizens' personal data.
In July Commissioner Richard Thomas, of the UK Information Commissioners Office (ICO), criticised the government's plans for a central database (PDF) holding all of the information collected by telephone companies and ISPs under telecommunications data retention regulations. According to the Thomas, central storage of all telephone and internet communications of the entire population would go "a step too far for the British way of life".