Proposed law might make Wi-Fi users help cops
The bill is aimed at cracking down on Internet-based predators and child pornographers
IDG News Service - A proposed U.S. law would require Internet service providers to store information about every user of their services and keep that data for at least two years, in a bid to crack down on Internet-based predators and child pornographers.
The language of the law may even apply to owners of home Wi-Fi routers, according to a digital rights attorney.
U.S. Sen. John Cornyn and Rep. Lamar Smith, both Republicans from Texas, held a news conference on Thursday to announce separate bills in the Senate and House of Representatives, both called the Internet Safety Act. Along with sections stipulating stiffer penalties for activities related to accessing child pornography on the Internet, the law would require Internet and e-mail service providers to retain "all records or other information" about anyone using a network address temporarily assigned by the service.
The provision about retention would apply to any provider of "an electronic communication service or remote computing service," as well as someone who receives the content and recipient list of e-mail messages that it "transmits, receives or stores," according to the text of the Senate bill.
"While the Internet has generated many positive changes in the way we communicate and do business, its limitless nature offers anonymity that has opened the door to criminals looking to harm innocent children," Cornyn said in a statement.
Cornyn and Smith said the law would require ISPs to hold on to subscriber records similar to those retained by telecommunications carriers. But civil liberties advocates pointed out that those phone records are not retained for use in investigations.
"There absolutely is no data retention requirement for phone companies for the purposes of law enforcement," said Kevin Bankston, senior staff attorney at the Electronic Frontier Foundation.
Both carriers and ISPs already are required to preserve any information related to specific communications on their networks that are involved in a criminal investigation, he said. Preservation requests last just 90 days but can be renewed, giving prosecutors as much as six months to obtain a court order to seize the information as evidence, Bankston said.
The Internet Safety Act would amount to service providers storing personal information about their customers just in case they are later accused of crimes, said Leslie Harris, president of the Center for Democracy and Technology.
The law might impose a heavy burden on private citizens and enterprises with wireless networks, even those that are password-protected, Bankston said. It could mean Wi-Fi routers would need hard drives to store data on every user who gets on the network.
"It's incredibly overbroad, and it doesn't just reach the AT&Ts and Comcasts of the world; it reaches your corner coffee shop, and even you at home," he said. "The current definition of electronic communication providers certainly reaches people who run wireless routers."
Because the bills are being pushed by Republicans, without any co-sponsors from the Democratic Party, which controls the House and Senate as well as the White House, they are unlikely to make it very far. But Bankston said the Internet Safety Act won't be the last proposal of its kind.
"Data retention proposals are sort of like zombies, in that they're kind of easy to knock down, but they tend to come back," Bankston said.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts