Back in November 2008 a colleague of mine, Neil Watson (Head of Operations at Entanet International Ltd), published an article on Entanet’s opinion blog about the government’s proposed plans to centrally store records of all electronic communications throughout the UK. The Interception Modernisation Programme (IMP) will be the largest surveillance system ever created in the UK and calls for a ‘live tap’ to be placed on every electronic communication in Britain including telephone calls, emails and visited websites.

At the time he raised obvious concerns over the impact on privacy, the security of the data, the enormous cost involved and the feasibility of the project. His concerns were echoed by LINX, a major UK peering organisation who stated “We view the description of the government’s proposals as ‘maintaining’ the capability as disingenuous: the volume of data the government now proposes CSPs should collect and retain will be unprecedented, as is the overall level of intrusion into the privacy of the citizenry.”

Then in December 2009 it emerged all of the UK’s mobile operators had also announced their concerns over the project. Vodafone, Orange, 3 and T-Mobile all voiced their concerns in the form of submissions to the government’s consultation.

The mobile operators also questioned the IMP’s feasibility, accuracy of estimated costs, morality, legality and even its usefulness, questioning whether or not access to all communications records is even necessary for law enforcement and intelligence.

T-Mobile stated “We have not yet seen persuasive evidence of credible research into the extent to which these new communications technologies will actually be used for the purposes of serious and organised crime.”

After such widespread industry and public criticism it was expected that development of the IMP would slow down and that the project may even be placed on hold until after the election. However last month news emerged that the IMP was far from on hold. The government instead announced the establishment of the Communications Capabilities Directorate (CCD) which will provide a structure for the implementation of the IMP which is apparently continuing as planned.

As a communications provider Entanet has a number of obvious concerns regarding the IMP which are reportedly shared by many of our colleagues within the industry. The government expects providers such as Entanet to maintain massive databases of our customers’ online communications including social networking, emails, VoIP calls and browsing, basically anything our customers do online. Currently CPs are required to keep basic communication records for use by the authorities but this is a huge increase in the level of ‘snooping’. This raises a number of obvious privacy concerns and raises the question: Where do we draw the line between protecting our privacy and ensuring security?

A home office spokesperson states “The Directorate will continue to consider the challenges posed by new technologies, working closely with communications service providers and others to bring forward proposals that command public confidence and demonstrate an appropriate balance between privacy and security.”

However many critics would argue that we are a long way off a ‘balance’ between privacy and security with the proposed IMP. If anything the scales are swaying vigorously in favour of security at the expense of the public’s privacy.

Ignoring for a minute the huge privacy and ethical argument that this ignites, we also have concerns over the usefulness of the data in terms of fighting crime and even the feasibility of collection and storage. This will be the largest IT project ever undertaken by the UK and previous attempts leave us far from confident in its success, take the NPfIT in the healthcare sector for example.

We will be watching the progress of the IMP and the CCD very closely over the next few months.