Retaining Data

April 6, 2009

ISPs are reported to be starting to retain data about their customers as of 6 April. Apparently that’s also the commencement date for a new EU-sponsored programme requiring bears to defecate in the woods.

Am I trivialising a serious issue? Possibly. But I am unable to get worked up about the fact that my ISP is retaining information as to what communications were made from which IP address, what the destination of that communication was, and its duration. I care about privacy, I abhor the abuses of data access rights that have been revealed but, though I have tried to care on this issue, it’s no good. I just can’t manage to really care about the new data retention regime.

The main root of my lack of concern is that I don’t actually believe that the ISPs retained no data until yesterday, although that is the impression given by some media reports. My ISP and my phone supplier are one and the same. I know that they retain information about me. They have a record of all the calls I make, to whom they were made and their duration. I know that they have this record because they send me a copy, annotated with details of their charges – it’s called a bill. Is it suggested that, when wearing their ISP hat, they adopt an entirely different ethos and send my data into the cyber furnace the moment it is created? They certainly seem to know quite a lot about patterns of use when I eventually battle my way through the numerous barriers and get through to customer support. And if they did not retain data for long periods, illegal file-sharers would be skipping their way to class and we would have to make {i}Norwich Pharmacal{/i} redundant. Moreover we all know that the true destruction of data is really difficult so I suspect that data has been available for long periods hitherto anyway – just harder to get to. Finally, but crucially, the fact that data is being retained for such a long period is a diversion – privacy is just as much about now and last week as it is about eight months ago.

The secondary root of my lack of concern may not reflect too well on me. I suspect that, even in the best run firms with the most organised lawyers, a fair amount of time is spent trying to work out what it was you were doing on day X. It may say in some electronic file that you spent half a day working for client Y on transaction Z but it was eight months ago. What exactly were you {i}doing{/i}? At the throbbing heart of Eastham Towers, similar situations arise with disturbing frequency. I have access to all sorts of records – e-mails, diaries and running notes, and a brain of sorts – but they do not always help. What was I doing eight months ago? Give me a break – on a busy day, it is often a struggle for me to work out what I was doing that morning. What hope is there for some civil servant months from now? What I really need is an amendment to the Directive that requires my ISP to tell {i}me{/i} what I was doing at any point during the last 12 months.