Executive summary
As terrorists and organised criminals take advantage of cyber space more and more to facilitate their real-world crimes, the data held by Communications Service Providers (CSPs) across Europe becomes increasingly valuable to those public authorities charged with detecting, investigating and prosecuting crimes.
Directive 2006/24/EC, issued by the European Parliament in 2006, requires mobile- and fixed-line CSPs to retain records of all telephone calls and Internet data – referred to as communications data – although not the content of those calls or websites, for up to 24 months. The Directive also requires CSPs to provide retained data in a timely manner to the Law Enforcement Authorities (LEAs) and other government emergencies while preserving its evidential integrity and complying with relevant data protection legislation. The Directive already has been, or will soon be, adopted into law across all European Union member countries.
However, the crime and security threats we face today are growing in sophistication and show an increasing tendency to come from internationally, or even globally, networked groups. This means that the tell-tale signs of criminal activities are becoming harder and harder to spot amidst the vast quantity of communications data from wholly law-abiding citizens. For a large CSP, their database may need to store tens of Terabytes of data for telephone call records alone. When Internet data is included, the storage requirement is forecast to increase exponentially given the anticipated growth in Internet Protocol (IP) traffic over the next few years.
In addition to securely storing such a considerable amount of data, CSPs will also need to respond quickly and confidentially to requests from LEAs and government agencies to access their data – potentially hundreds of such enquiries every day, with the most urgent ones needing to be satisfied in minutes. Although the required data records already exist in many CSP estates, they tend to be fragmented across a number of systems in the ‘switch-to-bill’ chain and the marketing domain; locating, correlating and extracting the appropriate data in response to a LEA request is both labour-intensive and time-consuming. Furthermore, at the end of the retention period, CSPs will need to ensure that the data is destroyed.
