The United Kingdom's Home Office has ordered providers to retain records of all e-mail sent and received in the country for at least 12 months, beginning March 15. The government said it aims to increase national security and help prevent terrorism by requiring ISPs to capture and store the information. New European Commission rules will allow public agencies to access ISP data if they make a legal request.
The plan, which could cost the country's government $34 million, has drawn fire from ISPs and privacy advocates. Aside from being an invasion of privacy, the mandate can't guarantee the records would be protected from data breaches, critics said. They also point out that such a database could actually increase risks of criminal activity by placing an extraordinary amount of personal information in one place.
The requirement applies to e-mail sent by foreigners to U.K. citizens, but it doesn't cover the actual content of the e-mail.
The Information Commissioner's Office, which aims to protect privacy, issued the following statement opposing the plan:
"It is likely that such a scheme would be a step too far for the British way of life. Creating huge databases containing personal information is never a risk-free option, as it is not possible to fully eliminate the danger that the data will fall into the wrong hands. It is therefore of paramount importance that proposals threatening such intrusion into our lives are fully debated."