Sept. 11 attacks prompt changes in other nations

Civil liberties groups accused them of using the fight against terrorism as an excuse to increase police powers.

E.U. legislation was slow to follow but, from September 2007, telecom carriers and ISPs (Internet service providers) must keep data on all mobile and fixed-line calls for between six months and two years. From March 2009, they must keep data on VOIP (voice over Internet Protocol) calls, Internet connections and e-mail messages. Law enforcement officials will be able to demand the date and time of calls and messages, but not their content, and identifying information of the calling or sending and receiving parties.

In India, the Sept. 11 attacks were not a watershed event because the country experienced frequent attacks by Kashmiri separatist groups demanding independence.

Even before Sept. 11, some of the large Indian IT services companies had hardened data centers supporting their offshore businesses, said T. R. Madan Mohan, an analyst at Frost & Sullivan Inc. After Web sites of a ministry of the Indian government and an Indian atomic energy agency were hacked, and anti-India messages posted on these sites, Indian businesses showed increased concern about the need for intrusion detection and related security measures, he added.

Infosys Technologies Ltd., India’s second largest outsourcer, already had disaster recovery and business continuity plans in place before Sept. 11, said a spokeswoman for the company in Bangalore.

However, those attacks brought the threat of terrorism into sharp focus for India’s export-oriented industries, such as software outsourcing, because U.S. and European customers began worrying about the preparedness of their Indian suppliers for terrorist attacks.

(Reported and written by John Blau in Dusseldorf, Germany; Peter Sayer in Paris; Jeremy Kirk in London; and John Ribeiro in Bangalore, India, and assembled by Grant Gross in Washington, D.C.)