[Infowarrior] - (Idiotic) Bill proposes ISPs, Wi-Fi keep logs for police

Richard Forno rforno at infowarrior.org
Sun Feb 22 17:50:25 UTC 2009 

So is every home wifi user going to be trained (at taxpayer expense)  
on how to set up logging on their wifi devices? Not to mention, most  
home-use wifi devices/access points don't have the storage capability  
to support such prolonged data retention.

IMHO this is more idiotic politicians blathering about something they  
know nothing about --- and again, wrap their delusions up in a kitzhy  
acroym designed to make it sound feel-good and effective --  The  
"Internet Safety Act" --- AKA,  the "Internet Stopping Adults  
Facilitating the Exploitation of Today's Youth Act"

Same stuff, different year.....  --rf


Bill proposes ISPs, Wi-Fi keep logs for police
by Declan McCullagh
http://news.cnet.com/8301-13578_3-10168114-38.html

Republican politicians on Thursday called for a sweeping new federal  
law that would require all Internet providers and operators of  
millions of Wi-Fi access points, even hotels, local coffee shops, and  
home users, to keep records about users for two years to aid police  
investigations.

The legislation, which echoes a measure proposed by one of their  
Democratic colleagues three years ago, would impose unprecedented data  
retention requirements on a broad swath of Internet access providers  
and is certain to draw fire from businesses and privacy advocates.

"While the Internet has generated many positive changes in the way we  
communicate and do business, its limitless nature offers anonymity  
that has opened the door to criminals looking to harm innocent  
children," U.S. Sen. John Cornyn, a Texas Republican, said at a press  
conference on Thursday. "Keeping our children safe requires  
cooperation on the local, state, federal, and family level."

Joining Cornyn was Texas Rep. Lamar Smith, the senior Republican on  
the House Judiciary Committee, and Texas Attorney General Greg Abbott,  
who said such a measure would let "law enforcement stay ahead of the  
criminals."

Two bills have been introduced so far--S.436 in the Senate and H.R. 
1076 in the House. Each of the companion bills is titled "Internet  
Stopping Adults Facilitating the Exploitation of Today's Youth Act,"  
or Internet Safety Act.

Each contains the same language: "A provider of an electronic  
communication service or remote computing service shall retain for a  
period of at least two years all records or other information  
pertaining to the identity of a user of a temporarily assigned network  
address the service assigns to that user."

Translated, the Internet Safety Act applies not just to AT&T, Comcast,  
Verizon, and so on--but also to the tens of millions of homes with Wi- 
Fi access points or wired routers that use the standard method of  
dynamically assigning temporary addresses. (That method is called  
Dynamic Host Configuration Protocol, or DHCP.)

"Everyone has to keep such information," says Albert Gidari, a partner  
at the Perkins Coie law firm in Seattle who specializes in this area  
of electronic privacy law.

The legal definition of electronic communication service is "any  
service which provides to users thereof the ability to send or receive  
wire or electronic communications." The U.S. Justice Department's  
position is that any service "that provides others with means of  
communicating electronically" qualifies.

That sweeps in not just public Wi-Fi access points, but password- 
protected ones too, and applies to individuals, small businesses,  
large corporations, libraries, schools, universities, and even  
government agencies. Voice over IP services may be covered too.

Under the Internet Safety Act, all of those would have to keep logs  
for at least two years. It "covers every employer that uses DHCP for  
its network," Gidari said. "It covers Aircell on airplanes--those  
little pico cells will have to store a lot of data for those in-the- 
air Internet users."

In the Bush administration, Attorney General Alberto Gonzales had  
called for a very similar proposal, saying that subscriber information  
and network data should be logged for two years.

Until Gonzales' remarks in 2006, the Bush administration had generally  
opposed laws requiring data retention, saying it had "serious  
reservations" about them. But after the European Parliament approved  
such a requirement for Internet, telephone and VoIP providers, top  
administration officials began talking about the practice more  
favorably.

After Gonzales left the Justice Department, the political will for  
data retention legislation seemed to ebb for a time, but then FBI  
Director Robert Mueller resumed lobbying efforts last spring.

This tends to be a bipartisan sentiment: Attorney General Eric Holder,  
a Democrat, said in 1999 that "certain data must be retained by ISPs  
for reasonable periods of time so that it can be accessible to law  
enforcement." Rep. John Conyers, the Democratic chairman of the House  
Judiciary Committee, said that FBI proposals for data retention  
legislation "would be most welcome."

Smith, who sponsored the House version of the Internet Safety Act, had  
previously introduced a one-year requirement as part of a law-and- 
order agenda in 2007.

A 1996 federal law called the Electronic Communication Transactional  
Records Act regulates data preservation. It requires Internet  
providers to retain any "record" in their possession for 90 days "upon  
the request of a governmental entity."

Because Internet addresses remain a relatively scarce commodity, ISPs  
tend to allocate them to customers from a pool based on whether a  
computer is in use at the time. (Two standard techniques used are the  
Dynamic Host Configuration Protocol and Point-to-Point Protocol over  
Ethernet.)

In addition, Internet providers are required by another federal law to  
report child pornography sightings to the National Center for Missing  
and Exploited Children, which is in turn charged with forwarding that  
report to the appropriate police agency.

The Internet Safety Act is broader than just data retention. Other  
portions add criminal penalties to other child pornography-related  
offenses, increase penalties for sexual exploitation of minors, and  
give the FBI an extra $30 million for the "Innocent Images National  
Initiative."

More information about the Infowarrior mailing list