The provider of the public network (is the service provider) is responsible. There is no 'onus' as that implies it can be negotiated who does what. In your case NTL *have* to do it unless they have a legal directive otherwise. If that is the response you get then you would need to get it checked out by your LA legal team.
So, ISPs will be forced to hold on to our data for a year, with or without our consent.
Meanwhile websites will have to get express consent before doing something as simple as dropping an identity cookie onto your computer.
Please kill this cookie monster to save Europe's websites | OUT-LAW.COM
Do the people who make these laws actually bother speaking to each other at all, or do they just roll dice to decide which way to go?