ISPs escape crippling costs of anti-terrorism law

ISPs and telcos could avoid bearing the brunt of the costs associated with the latest anti-terrorism legislation following high-level government meetings this week.

A team of senior civil servants met with industry officials on Wednesday to try to allay ISPs' concerns over the government's proposed cyber-terrorism legislation.

Home Office proposals to allow terrorist activity to be tracked on email, phone and the web have alarmed service providers and users.

With rumours circulating that the anti-terrorism Bill will include a requirement for all communications data to be stored for 12 months, a joint meeting held by officials from the DTI and Home Office insisted the scheme would remain optional.

A spokesman for the DTI told silicon.com: "This is a voluntary code of practice. We don't intend imposing a mandatory requirement on service providers."

The code of practice is still unformed, but it will include details of the types of data which should be retained, how long it should be held and what kind of access can be obtained by law enforcement authorities.

Despite assurances, most industry representatives remain unconvinced by the proposals.

The biggest worry for service providers is that unlike the Regulation of Investigatory Powers Act (RIPA), which gave authorities the power to demand data on named individuals, the new terrorism Bill will require the blanket retention of communications data on every user for up to 12 months.

Roland Perry, director of public policy at the London Internet Exchange, said government officials at the meeting were keen to stress that the changes wouldn't dramatically affect ISPs and telcos.

"They don't want companies to have to put in place new architectural processes," he said.

The cost of storing the data is likely to be dwarfed by the expense of drawing out relevant information from the morass. Although compensation was mentioned during the meeting, government officials refused to be drawn.

The CBI still has a number of concerns, including whether service providers will really be given the option not to comply with the code.

"We welcome the voluntary code of practice," a spokesman said. "But in reality what sort of pressures will be applied to make sure the industry complies?

"The industry wants to help in the fight against terrorism, but we're not entirely convinced this is going to provide a significant contribution."

More industry meetings are planned over the next month as the Home Office draws up the anti-terrorism Bill.