In a move that even the most nonchalant of privacy advocates is crying foul over, the UK has put into effect a European Union directive which mandates the archival of information regarding virtually all internet traffic for the next 12 months. The program formally goes into effect today.
The data retention rules require the archival of all email traffic (the identities of the sender and receiver, but not the contents of the messages), records of VOIP telephone calls (traditional phone calls are already monitored), and information about every website visited by any computer user in the country. The rules are being pushed down "across the board to even the smallest company," as every ISP large or small will be required to collect and store the data. That data will then be accessible -- to fight "crime and terrorism," of course -- by "hundreds of public bodies" to investigate whatever crimes they see fit.
Technically the new directive applies to all countries of the EU, but individual nations appear to be complying with the rules to various degrees. Privacy-obsessed Sweden is reportedly ignoring the rule completely, for example.
The privacy implications of the rule are enormous, as everything UK citizens do online will now be under the watchful eye of EU's powerful Home Office. One privacy advocate, whose anger is clearly barely being held back, called it "the kind of technology that the Stasi would have dreamed of." Naturally, the government counters that this kind of information has already proven invaluable in tracking down criminals, including the killer of an 11-year-old boy a couple of years ago.
Privacy concerns aside, another issue becomes one of how exactly to manage all this data. A report dating back to 2004 estimated that a single, large ISP in the UK would need up to 40 million gigabytes of storage capacity to store the traffic data from a year of user activity. Even in 2009, that kind of storage doesn't come cheap, nor does the challenge of managing it all come easy.