Reference: 066/2003 – Date: 11 Mar 2003 11:16

The Government has responded to public concerns over access to phone and internet records with a wide-ranging overhaul of its plans, Home Office Minister Bob Ainsworth said today.

The Government today published revised plans on how public bodies should access such information records under the Regulation of Investigatory Powers Act (RIPA) 2000 as well as how such data should be retained by communication service providers under the Anti-Terrorism Crime and Security Act (ATCSA) 2001.

The original proposals under RIPA were withdrawn last summer by the Home Secretary who promised to strike a better balance between the privacy of the citizen and the need to investigate crime and protect the public. The new proposals radically revise the access and type of information available to public bodies, as well as providing for extra scrutiny of such requests. It also delivers the Government’s promise to provide much more information about the type of records requested by public authorities and what it is used for. [more … …]

Notes to Editors:

The order withdrawn last summer is the addition of public authorities to Part 1 Chapter 2 of RIPA, (Access to Communications Data). Attached is a summary of the new proposals.

Section 103 of the Anti-Terrorism Crime and Security Act provides that the Secretary of State shall publish a draft code of practice on data retention and consider any representations made to him about it.

Both consultation documents can be found on the home office web site: – Access to Communications Data under RIPA at www.homeoffice.gov.uk/ripa/part1/consult.htm and the Voluntary Code of Practice for Data Retention at www.homeoffice.gov.uk/oicd/antiterrorism/consult.htm

The deadline for responses for both consultations is the 3 June 2003.

‘Snooper’s charter’ scaled down


Tuesday March 11, 2003


Ministers today announced a radical scaling down of plans to give state agencies powers to access telephone, internet and email records.

The plans were condemned as a “snooper’s charter” last June, when the home secretary, David Blunkett, was pressured into reducing their severity.

Officials had planned to allow a vast range of public bodies – including seven Whitehall departments, local councils and 11 quangos – the right to demand access to private communications records.

Such powers had previously been the domain only of the police, MI5, MI6, government listening-post GCHQ, customs and excise and the inland revenue.

Today Home Office minister Bob Ainsworth revealed a new shorter list, which the public have been asked to comment on before it is approved.

Only a handful of bodies – each with a serious crime-fighting role – would gain automatic power to access such sensitive data.

They are the UK atomic energy constabulary, the Scottish drugs enforcement agency and the maritime and coastguard agency.

Fire authorities and NHS trusts will also get full access to investigate suspicious fires or hoax 999 calls.

Organisations named under the Regulation of Investigatory Powers Act (RIPA) can access subscribers’ names and addresses, and details of telephone calls and emails made and received.

They can also get hold of mobile phone operators’ data which pinpoints a user’s location within a few hundred metres.

Mr Ainsworth announced a second list of organisations which will have far more limited powers to access data about phone and internet subscribers, such as names and addresses.

This will include all 468 local councils in the UK, five government departments, the Environment Agency, the Royal Mail, Food Standards Agency and the Office of Fair Trading.

Last June, Mr Blunkett admitted the government had “blundered” in its plans to expand the Act and “dug itself into a hole”.

His decision had been influenced by warnings from his son Hugh, 24, who works in IT, he added.

Today the home secretary said: “I take concerns about intrusion into privacy very seriously.

“To succeed in allaying fears of a ‘big brother’ approach by public authorities, government needs to secure public confidence that the boundary between privacy and protecting the public is set correctly.”

Full access to communications records – such as itemised phone bills – will only be granted after judicial approval.

Senior members of each organisation will have to authorise access and there will be regular checks by the interceptions commissioner to ensure the system is not abused, said officials.

A second consultation document published by the Home Office today set out a proposed voluntary code to govern how long communications companies – such as phone companies, mobile networks and internet service providers – should keep data on calls, emails and web access.

Information about subscribers – including names, addresses, dates of birth, installation and billing addresses and payment records – should all be retained for a year, it said.

Phone companies should keep records for 12 months on date and time of calls, duration, numbers dialled, and – in the case of mobiles – the location of the user.

Other information, such as on text messages, should be kept for six months, as should records on email logons, plus sent and received email.

Web activity – such as the URL of web sites visited – should be kept for four days.

The paper stressed the importance of such data in the war on terror.

The director of civil rights group Liberty, John Wadham, said: “The original snooper’s charter proposals were appallingly excessive.

“We welcome much of the government plan to step back from them.

“But authorities accessing this data should need a warrant from a judge – that’s the only truly independent safeguard that can produce public confidence.

“It remains a little unclear why, for example, NHS trusts need access to this information – surely the health service should be concentrating all its resources on providing healthcare, with police investigating crime.”

The CBI today said the new government proposals went a long way to address industry concerns.

Jeremy Beale, head of e-business, said: “The Home Office is now showing a genuine commitment to engaging with industry concerns.

“This appears to be a more business-friendly approach to data protection that tries to avoid loading firms with excessive burdens.”

He added: “Business is quite happy to pay its share of the cost of preventing criminality but the price of compliance must be proportionate.

“The government must now work with business to find meaningful ways of cutting any unnecessary expense.”

Previous entries on related matters:

‘Location Data’ on the use of a mobile phone

Mobile Phone: Crime, Theft and ‘Location Data’ Guardian article

Mobile masts- part of the way ‘location data’ is administered