[Infowarrior] - U.S. Wants Companies to Keep Web Usage Records

[Richard Forno]

June 2, 2006
U.S. Wants Companies to Keep Web Usage Records
By SAUL HANSELL and ERIC LICHTBLAU
http://www.nytimes.com/2006/06/02/washington/02records.html?pagewanted=print

The Justice Department is asking Internet companies to keep records on the
Web-surfing activities of their customers to aid law enforcement, and may
propose legislation to force them to do so.

The director of the Federal Bureau of Investigation, Robert S. Mueller III,
and Attorney General Alberto R. Gonzales held a meeting in Washington last
Friday where they offered a general proposal on record-keeping to a group of
senior executives from Internet companies, said Brian Roehrkasse, a
spokesman for the department. The meeting included representatives from
America Online, Microsoft, Google, Verizon and Comcast.

The attorney general has appointed a task force of department officials to
explore the issue, and that group is holding another meeting with a broader
group of Internet executives today, Mr. Roehrkasse said. The department also
met yesterday with a group of privacy experts.

The Justice Department is not asking the Internet companies to give it data
about users, but rather to retain information that could be subpoenaed
through existing laws and procedures, Mr. Roehrkasse said.

While initial proposals were vague, executives from companies that attended
the meeting said they gathered that the department was interested in records
that would allow them to identify which individuals visited certain Web
sites and possibly conducted searches using certain terms.

It also wants the Internet companies to retain records about whom their
users exchange e-mail with, but not the contents of e-mail messages, the
executives said. The executives spoke on the condition that they not be
identified because they did not want to offend the Justice Department.

The proposal and the initial meeting were first reported by USA Today and
CNet News.com.

The department proposed that the records be retained for as long as two
years. Most Internet companies discard such records after a few weeks or
months.In its current proposal, the department appears to be trying to
determine whether Internet companies will voluntarily agree to keep certain
information or if it will need to seek legislation to require them to do so.

The request comes as the government has been trying to extend its power to
review electronic communications in several ways. The New York Times
reported in December that the National Security Agency had gained access to
phone and e-mail traffic with the cooperation of telecommunications
companies, and USA Today reported last month that the agency had collected
telephone calling records. The Justice Department has subpoenaed information
on Internet search patterns ‹ but not the searches of individuals ‹ as it
tries to defend a law meant to protect children from pornography.

In a speech in April, Mr. Gonzales said that investigations into child
pornography had been hampered because Internet companies had not always kept
records that would help prosecutors identify people who traded in illegal
images.

"The investigation and prosecution of child predators depends critically on
the availability of evidence that is often in the hands of Internet service
providers," Mr. Gonzales said in remarks at the National Center for Missing
and Exploited Children in Alexandria, Va. "This evidence will be available
for us to use only if the providers retain the records for a reasonable
amount of time," he said.

An executive of one Internet provider that was represented at the first
meeting said Mr. Gonzales began the discussion by showing slides of child
pornography from the Internet. But later, one participant asked Mr. Mueller
why he was interested in the Internet records. The executive said Mr.
Mueller's reply was, "We want this for terrorism."

At the meeting with privacy experts yesterday, Justice Department officials
focused on wanting to retain the records for use in child pornography and
terrorism investigations. But they also talked of their value in
investigating other crimes like intellectual property theft and fraud, said
Marc Rotenberg, executive director of the Electronic Privacy Information
Center in Washington, who attended the session.

"It was clear that they would go beyond kiddie porn and terrorism and use it
for general law enforcement," Mr. Rotenberg said.

Kate Dean, the executive director of the United States Internet Service
Provider Association, a trade group, said: "When they said they were talking
about child pornography, we spent a lot of time developing proposals for
what could be done. Now they are talking about a whole different ball of
wax."

At the meeting with privacy groups, officials sought to assuage concerns
that the retention of the records could compromise the privacy of Americans.
But Mr. Rotenberg said he left with lingering concerns.

"This is a sharp departure from current practice," he said. "Data retention
is an open-ended obligation to retain all information on all customers for
all purposes, and from a traditional Fourth Amendment perspective, that
really turns things upside down."

Executives of several Internet companies that participated in the first
meeting said the department's initial proposals seemed expensive and
unwieldy.

At the meeting scheduled for today with executives of Internet access
companies, Justice Department officials plan to go into more detail about
what types of records they would like to see retained and for how long, said
a Justice Department official who spoke on condition of anonymity. "It will
be much more nuts-and-bolts discussions," he said, adding that the
department would stop short of offering formal proposals.