Q630 Baroness Cohen of Pimlico: We are wondering what the implications would be of requiring a British-based CSP to store some of your data that go across it. Are you suggesting that your reaction would at the very least be to encrypt to protect your customers?

Colin Crowell: I do not know how we would ultimately decide to deal with a situation like that. We may have duties in other jurisdictions to protect data that may reflect on how we provide our service. The other aspect, which Mr Milner alluded to, is that our users also have the ability to encrypt. So even if Twitter were not to do so, a user could encrypt on their own.

Q631 The Chairman: We assume that the order is given to the Vodafones, the BTs and the Everything Everywheres of this world to say that the data of yours that they intercept or that pass through their network have to be stored in the UK. Would you have a view on that? Would you want to see that in the Bill, or would you have concerns about how data from your network might be stored by a United Kingdom telecoms provider, shall we say, on their farm in India or outside the UK?

Simon Milner: From our point of view, that is a far lesser consideration than the fundamental issue of their being asked to store it at all. The location where they store it is less important than that.

Q632 The Chairman: So storing it in London is just as bad as storing it in Mumbai?

Simon Milner: Absolutely.

Stephen Collins: Before we consider that question, another question to ask is: how can we guarantee that the CSP has identified the right packets to be stored? Multiple providers, Skype included, use obfuscation techniques precisely to avoid being detected by deep packet inspection equipment. My question is a technical one: how would they guarantee that they would be storing the correct data under the order?