Monday, June 17, 2002		Article

MILLIONS of personal e-mails, other Internet information and telephone records are to be made accessible to the police and intelligence services in a move that has been denounced by critics as one of the most wide-ranging extensions of state power over private information.

Plans being drawn up by Europol, the police and intelligence arm of the European Union, propose that telephone and Internet firms retain millions of pieces of data - including what is said in the Internet chat rooms, on mobile phones and in text messages.

In a move that has been condemned by privacy campaigners, a draft document passed to The Observer newspaper in London reveals that the EU is now drawing up a 'common code' on data retention that will be applicable in all member states.

Security and police sources said new powers on accessing personal data will come into force in Britain towards the end of the year.

'It is typical that such a significant change in the control over private information is being worked out in secret,' said Dr Ian Brown, a leading expert on data privacy and director of the Foundation for Information Policy Research.

'It does seem to have been Britain that has put pressure on other member states to put in place this type of legislation. In 99 per cent of cases it will be used properly, but what about the other 1 per cent? There is not enough scrutiny of what is going on.'

The Europol document was drawn up at a private meeting of police, intelligence services and customs and excise officials from across the Europe in The Hague last April. It lists 10 areas where companies will be required to keep information to help fight international terrorism, domestic crime and drug running.

Companies that run Internet sites will be required to retain passwords used by individuals, record which Website addresses are visited, and keep details of Web pages looked at and any credit card or bank details used for subscriptions.

The information retained about emails will include who sent the message, where the email went, its contents and time and date it was sent. It is believed that Britain will push for the data to be kept for up to five years. At the moment much of it is only kept for one or two months, for billing purposes, by the companies that run the Internet and e-mail services.

Sources at the National Hi-tech Crime Unit, which is overseeing implementation of plans for data retention in Britain, point out that the growth of so-called 'cyber crime' means they need new powers to keep ahead of the criminals.

One official also said that investigations into crimes such as the murders carried out by the British doctor Harold Shipman, relied on the retention of old telephone records.

'We need to codify how this happens, so all countries in Europe are dealing with the same set of rules,' the source said. 'The Internet does not recognise national boundaries and international companies don't need the confusion of dealing with separate codes in different countries.' The Europol document says the use of telephones - on landlines and mobiles - will be strictly monitored. Numbers dialled, when and where they were dialled from and personal details such as the address, date of birth and bank details of the subscriber who paid for the call will also be kept.

The document, headed 'Expert Meeting on Cyber Crime: Data Retention', suggests mobile phones records could be used by police and intelligence services to track the geographical location of people making calls.

Mobiles use a network of masts to convey the calls, placing the user in geographically distinct 'cell' at the time of the call. Records using such geographical locations were used to acquit the teenagers' accused of murdering Damilola Taylor.

The UK Association of Chief Police Officers is also drawing up a manual of standards so that police forces across the country use similar methods when accessing the data. — ONS