Metadata, Traffic Data, Communications Data, Service Use Information… What Is the Difference? Does the Difference Matter? An Interdisciplinary View from the UK

Abstract

In the wake of the Snowden revelations, it has become standard practice to rely upon the dichotomies metadata/data or metadata/content of communications to delineate the remit of the surveillance and investigation power of law enforcement agencies as well as the range of data retention obligations imposed upon telecommunications operators and in particular Internet service providers (ISPs). There is however no consensual definition of what metadata is and different routes can be taken to describe what metadata really covers. The key question is whether or to what extent metadata should be treated akin to content data for the purposes of identifying the categories of data which shall actually be retained by telecommunications operators and to which law enforcement agencies can have access. In an attempt to answer the question, this paper provides an understanding of what metadata is and what their diversity is by following two steps. First, adopting an interdisciplinary approach, we argue that three types of metadata should be distinguished in relation to the nature of the activity of the service provider processing them and their level in a network communications—network-level, application-level metadata, and service-use metadata—and we identify three types of criteria to classify these metadata and determine whether they should be deemed as akin to content data. Second, we compare these categories with legal concepts and in particular UK legal concepts to assess to what extent law-makers have managed to treat content data and metadata differently.