Friday, February 20, 2009

Bill proposes ISPs, Wi-Fi keep logs for police

It's WAY too late in the day - and week - to come across an article like this! I don't know if its just me, but this goes way over the line in my mind. So, just to be safe, you may want to sit down and strap yourself in for this one.

Yesterday, a group of Republican lawmakers called for "a sweeping new federal law that would require all Internet providers and operators of millions of Wi-Fi access points, even hotels, local coffee shops, and home users, to keep records about users for two years to aid police investigations."

I'm going to refrain from my usual privacy defending and Constitution hailing rants today. Let's just go to the article in CNET.

Declan McCullagh, CNET News' chief political correspondent reports:

The legislation...would impose unprecedented data retention requirements on a broad swath of Internet access providers and is certain to draw fire from businesses and privacy advocates.

...

Two bills have been introduced so far--S.436 in the Senate and H.R.1076 in the House. Each of the companion bills is titled "Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act," or Internet Safety Act.

Each contains the same language: "A provider of an electronic communication service or remote computing service shall retain for a period of at least two years all records or other information pertaining to the identity of a user of a temporarily assigned network address the service assigns to that user."

Translated, the Internet Safety Act applies not just to AT&T, Comcast, Verizon, and so on--but also to the tens of millions of homes with Wi-Fi access points or wired routers that use the standard method of dynamically assigning temporary addresses. (That method is called Dynamic Host Configuration Protocol, or DHCP.)

...

The legal definition of electronic communication service is "any service which provides to users thereof the ability to send or receive wire or electronic communications." The U.S. Justice Department's position is that any service "that provides others with means of communicating electronically" qualifies.

That sweeps in not just public Wi-Fi access points, but password-protected ones too, and applies to individuals, small businesses, large corporations, libraries, schools, universities, and even government agencies. Voice over IP services may be covered too.

Under the Internet Safety Act, all of those would have to keep logs for at least two years. It "covers every employer that uses DHCP for its network," Gidari said. "It covers Aircell on airplanes--those little pi co cells will have to store a lot of data for those in-the-air Internet users."

I'm a little startled by these bills, and feel the need to do some more research and snooping around before I comment too much. I'll be back with more on this issue...and certainly will follow the progress of these two proposals...they reek of Big Brother to me...

Click here to read more.

No comments: