UK government agencies seize millions of phone records per year

Press release
mobile phone

A conference held today at the London School of Economics will hear new statistics showing that UK law enforcement and investigation agencies are demanding an unprecedented quantity of customer records from communications providers.

Privacy International has compiled figures based on estimates supplied by the Home Office, Ministerial statements, legal experts, the communications industry and the All Party Internet Group of MPs. The figures being released today indicate that police and other investigative agencies are now making around a million requests a year for telephone billing data, email logs, personal details of customers and records showing the location where mobile phone calls were made. These requests involve an estimated 100 million individual phone calls, subscriber data on nearly a million consumers, and the acquisition of an unknown number of email and Internet logs.

This mass of seized information comprises perhaps a billion individual items of data, ranging from credit card numbers to dialled numbers. Combined, this extraordinary array of data creates a comprehensive dossier on the contacts, friendships, interests, transactions, movements and personal information on almost everyone in the UK. A single customer file can involve thousands of items. BT stores records for up to seven years and these are sent automatically on request to government agencies without the need for human intervention. Mobile phone providers - O2 in particular - are able to provide authorities with information on their customers' geographic movements (while using their phone) going back months and sometimes years.

This "communications data" can include all the calls you have made and that you received, who you are in contact with, the geographic location of your mobile calls, the emails you have sent and which you received, the websites you have visited, the television programmes you have watched, personal financial data and other personal information.

The figures will be released this afternoon at the 'Scrambling for Safety' conference at the LSE. The event is the latest in a series of public meetings organised since 1997 in response to various government consultations on security and law enforcement proposals. Today's meeting involves the Home Office, the communications industry and the European Commission, and will address two current consultations relating to the retention of and access to communications data such as that mentioned above.

Privacy International's Director, Simon Davies, said the estimates were "very much on the low side" and did not include access to email or Internet activity, or investigations by security organisations such as GCHQ. "We literally halved the Home Office estimate before commencing the extrapolation, just to be on the safe side" he said.

This activity has occurred for years without legal authority and in defiance of the Data Protection Act.  The Home Office attempted in 2002 to authorise under the Regulation of Investigatory Powers Act 2000 an even more extensive list of public authorities to access this communications data, but following a public outcry was forced to temporarily withdraw the proposal. This unprecedented access would have been available - as indeed it is currently - without any judicial oversight. The Home Office is now consulting over these issues before taking further action, but its two consultation documents it has published indicate that the current surveillance regime is likely to become universal.

Privacy International believes that the privacy rights of customers should have been respected both by government and by the companies. "We see the current arrangement as a collusion of interests that will ultimately expose the most intimate details of people's lives", said Mr Davies.

Privacy International will also today launch a campaign to help UK consumers retrieve the information that is held about them. "We hope that in so doing, all of us will learn a great deal more about this covert activity. It is also likely that the exercise of our data protection rights will send a clear signal to communications providers and to government that people have a high regard for their right to privacy" added Mr Davies.