Clarke: 'There'll be no U-turn on data retention'

Home Secretary Charles Clarke has acknowledged the fears of ISPs over new data retention legislation and called for a continuing dialogue between government and industry to "understand the business point of view". But he continues to resist calls to help the industry shoulder the increasing costs of compliance with the new law.

The data retention directive that the UK, Ireland and Sweden pushed into EU law last month means telecommunications companies and ISPs will have to save information about customers' phone calls and electronic communications for up to two years.

The scope of data to be retained has been expanded to include the geographical location of parties sending and receiving communications, which ISPs say has greatly increased the burden on them.

Speaking at the Internet Service Providers Association annual parliamentary advisory forum in Westminster on Tuesday night, the Home Secretary said he recognised ISP's concerns that their economic competitiveness would be affected by having to store data, and that the need for compliance would affect technological development.

He said: "ISPs are working in a highly competitive marketplace and are rightly concerned with this legislation. They have two concerns: economic constraints on competitiveness, and constraints in developing technology [caused by this directive].

"We want to work with industry closely to carry forward this legislation. We look forward to working with you and need dialogue to understand the business point of view."

Clarke said the government was not prepared to backtrack on the legislation, as it was needed to combat serious crime. "This is the massive imperative we face: if we try to fight terror or serious organised crime, we are dealing with criminals who have sophisticated and up-to-date technology to achieve their aims. We combat this by collecting intelligence. The bottom line is, we must try and use information to contest crime. We're not prepared to drop that."

ISPs are concerned about the costs of both retention and retrieval, particularly because there is no codified model for paying them.

Emeric Miszti of Tiscali said: "There is a concern that the directive makes no provision for reimbursement to ISPs for extended data retention. Data retention is not simply about disk drives. The development, management, and security costings must be taken into account."

Currently, ISPs negotiate individually with the government for data retention costs. Simon Watkin, a Home Office official working with the covert investigation policy team and the crime reduction and community safety group, said that no model for payment was needed.

He said: "At the moment our discussions are bespoke to providers. We want to carry on what we've been doing, covering the costs of our volunteers. Costs are different for different people, and at the moment some of the big people cover costs themselves."

The Home Office also recognised the development of technology may affect the legislation, and that the legislation may affect the development of technology.

Clarke said: "Our toughest problem is future-proofing, as there will be a massive change in technology. We request that all engage with us."

Richard Allan, head of government affairs at Cisco and former Liberal Democrat MP, asked the Home Secretary for an assurance that businesses which don't already retain data won't have to in the future.

Clarke said: "I can't give an absolute commitment to that because it is unclear to what extent, how, and when systems will be extended. Businesses may have to configure new systems to conform to the directive."

Tom Espiner writes for ZDNet UK