Infosecurity notes that law enforcement and security experts will be able to request access to the information to help combat terrorism and cyber crime, but only with a court order.
As you might expect, the new legislation has sparked serious concerns from privacy groups, IT security firms and legal experts.
According to PGP Corporation, the veteran data encryption and IT security specialist, implementing the required data storage at UK ISPs
will cost millions of pounds and may even violate users' privacy.
Jamie Cowper, PGP's Director of Marketing for EMEA, says that, given the numerous data breaches of late, it is hardly surprising that
concern has been raised over these proposals.
"With public confidence about data security at an all time low, it is absolutely essential that ISPs take their obligations seriously," he says, adding that, if privacy violation is to be avoided, and the huge cost of this operation is to be justified, then the security of the public's data must be watertight.
Cowper claims that, whilst there are no prescribed methods to ensure compliance within this directive, at the very least it is essential
that proven technologies - such as encryption - are deployed.
This will, he explained, show both customers and industry regulators that the data the ISPs are entrusted with is continuously protected
and treated with the respect it deserves.
"After all, if the EU plans to roll out similar legislation to other sectors, they are going to have to demonstrate to the public that
every step is being taken to defend their data," he says.
If not, it is fair to say that we are just one data breach away from a major public backlash," he adds.
http://www.homeoffice.gov.uk/documents/ia-transposition-of-directive?view=Binary