House Advances Internet Surveillance BillAugust 4, 2011 - by Donny Shaw
Under the title the “Protecting Children from Internet Pornographers Act”, Congress is advancing legislation that would make it easier for law enforcement to access information about the online activities of all Americans, regardless of whether or not they are suspected of having committed a crime.
By a 19-10 vote, the bipartisan bill was approved by the House Judiciary Committee on July 27th, as the media frenzy around the debt ceiling debate was consuming virtually all the attention being paid to Capitol Hill. It will now move to the full House floor for a vote on passage. Unless perceptions of the bill shift dramatically, it is expected to pass and move to the Senate.
At the heart of the bill is a requirement that all commercial internet service providers to retain information about all people who use their service in case they are ever asked to hand it over to the authorities:
‘(h) Retention of Certain Records- A commercial provider of an electronic communication service shall retain for a period of at least one year a log of the temporarily assigned network addresses the provider assigns to a subscriber or customer of such service that enables the identification of the corresponding customer or subscriber information under subsection ( c)(2) of this section.
As Rep. Zoe Lofgren [D, CA] noted during the markup, that language is not limited to just IP addresses. “That last phrase, Subsection ©(2), is a reference to 18 U.S. Code 2703( c)(2), which says, ‘A provider of electronic communication service or remote computing service shall disclose to a Government entity the name, address, local and long distance telephone connection records, or records of session times and durations, lengths of service, telephone or instrument number, means and source of payment for such service, including any credit card or bank account number.’” An amendment to limit the data that ISPs would have to collect under the bill to IP addresses only was rejected by a 7-16 vote.
Here’s the Electronic Frontier Foundation:
Mandatory data retention would force your Internet Service Provider to create vast and expensive new databases of sensitive information about you. That information would then be available to the government, in secret and without any court oversight, based on weak and outdated electronic privacy laws.
That same data could become available to civil litigants in private lawsuits—whether it’s the RIAA trying to identify downloaders, a company trying to uncover and retaliate against an anonymous critic, or a divorce lawyer looking for dirty laundry. These databases would also be a new and valuable target for black hat hackers, be they criminals trying to steal identities or foreign governments trying to unmask anonymous dissidents.
Under the bill, businesses required to retain data would be given complete liability relief in the case of data leaks. That could mean that less effort would be made to secure people’s personal information, making it easier for hackers to break in and steal it. Furthermore, during the markup, Judiciary Committee Chairman, and bill sponsor, Rep. Lamar Smith [R, TX], pretty much admitted that the bill would be used more broadly than its title suggests. The data retention by ISPs would be used to “assist State and Federal law enforcement officials with child pornography and other Internet investigations.”
Rep. John Conyers [D, MI], the top ranking Democrat on the Judiciary Committee, believes the bill is a sneak attempt at making it easier for the government to monitor citizens. “The bill is mislabeled,” he said. “This is not protecting children from Internet pornography. It’s creating a database for everybody in this country for a lot of other purposes.”
Along those lines, take a look at the amendment below. It was rejected, of course.