The Guardian, 15 October 2008
Security services want personal data from sites like Facebook
Ministers say terrorists and other criminals are using free websites as a way of concealing their communications
The government is drawing up plans to give the police and security and intelligence agencies new powers to access personal data held by internet services, including social network sites such as Facebook and Bebo and gaming networks.
The move, heralded in this morning’s speech on international terrorism by Jacqui Smith, the home secretary, is prompted by concern that criminals and terrorists are using websites as a way of concealing their communications, according to Whitehall security sources.
At present, security and intelligence agencies can demand to see telephone and email traffic from traditional communications services providers (CSPs), which store the personal data for business purposes such as billing.
The rapid expansion of new CSPs – such as gaming, social networking, auction and video sites – and technologies such as wireless internet and broadband present a serious problem for the police, MI5, customs and other government agencies, the security sources say.
Sites such as Bebo and Facebook provide their services free, relying mainly on advertising for income. They do not hold records of their customers, many of whom in any case use pseudonyms.
"Criminals could use a chat facility – they are not actually playing the game but we can’t actually get hold of the data," said one official.
"Criminal terrorists are exploiting free social networking sites," said another Whitehall security official, who added that the problem was compounded by the increasing use of data rather than voice in communications.
"People have many accounts and sign up as Mickey Mouse and no one knows who they are," he said. "We have to do something. We need to collect data CSPs do not hold."
Whitehall officials say that with the help of GCHQ – the electronic eavesdropping centre with a huge information storage capacity – the government is looking at different options that will be put out for consultation. They declined today to spell out the options but said that whatever is decided will need new legislation.
Despite this reticence, it is clear that the government wants to be able to demand that the new generation of CSPs collect data from their customers so the security services can access them.
The response from the networks is likely to be hostile, not least because of the potential costs involved.
If the government, as expected, offers to pay for any new data access scheme, it is likely to cost taxpayers billions of pounds.
The plan will need international cooperation since many of the new CSPs are based abroad, notably in the US.
Government officials insist that what they call the interception modernisation programme, or IMP, is important since access to communications data is a crucial tool in combating crime such as paedophilia, kidnapping and drug trafficking.
They say the planned new legislation would apply only to communications data – such addresses and names – but not to the actual contents of the communications. Intercepting the contents would still need ministerial warrants. Access to communications data would be available, as now, to senior police, local council officers and other public bodies.
Clearly concerned about a public backlash against the plan, officials stress that the government is not building up a single central database containing personal information of everyone in the country.