The much heralded Data Retention regulations were published today. The Act is due to become law on 6th April and has caused consternation amongst privacy rights activists and initially amongst the Communication Provider Community.
The specifics are
4 —(1) It is the duty of a public communications provider to retain the communications data specified in the following provisions of the Schedule to these Regulations—
(a) Part 1 (fixed network telephony);
(b) Part 2 (mobile telephony);
(c) Part 3 (internet access, internet email or internet telephony).
Part 3 was the bit causing the fuss – the storage of email and web browsing habits. The CP community has somewhat calmed down since because further down in the spiel it says:
10-(1) These Regulations do not apply to a public communications provider unless the provider is given a notice in writing by the Secretary of State in accordance with this regulation.
The Government had previously said that it would only make the largest CPs comply and here they have essentially put it in writing.
11. —(1) The Secretary of State may reimburse any expenses incurred by a public communications provider in complying with the provisions of these Regulations.
So all in all, the privacy issues aside, it seems to have been a storm in a teacup for an industry that was worried about all the additional overhead that would be incurred in complying with the Act.
The full text can be seen here.