Hawaii legislators bid aloha to controversial data retention bill
Proposal would have required ISPs to store 'Net browsing data for two years
Computerworld - Lawmakers in Hawaii on Thursday quietly dropped a bill that would have required Internet service providers to collect the detailed browsing histories of Internet users in the state and store the data for at least two years.
The bill, HB 2288, would have required anyone providing access to the Internet in Hawaii to maintain "consumer records" of every Internet user's subscriber information and data such as the IP addresses, domain names and host names of the sites they visit.
In theory at least, the bill would have covered not only ISPs but also libraries, coffee shops and employers, the Electronic Frontier Foundation noted in a blog post Thursday.
"This is one of the most poorly drafted pieces of data retention legislation we've ever seen," the EFF's activism director Rainey Reitman wrote in the blog.
If passed, HB 2288 would have infringed "on the privacy of hundreds of thousands of Hawaiian citizens as well as any tourists who used Internet services while visiting the Aloha State," Reitman said.
The bill was scheduled to be heard on Thursday before the Hawaii State Legislature's House Committee on Economic Revitalization & Business (ERB). It was instead tabled, in what appears to have been a response to overwhelming opposition to the bill from many quarters.
One of those opposing the bill was the U.S. Internet Service Provider Association, which earlier this week sent a letter to the committee's chairman. The bill was overbroad, raised a "myriad privacy concerns," and would be hugely expensive to comply with, wrote the ISP association's Executive Director Kate Dean.
"We do not have a cost estimate in dollars to propose to the Committee due to the sheer breadth of the legislation," Dean wrote. But the potential cost implications for ISPs would be substantial, she said.
In similar testimony, Steve DelBianco, executive director of the NetChoice Coalition, a group of privacy and consumer groups, said the bill raised serious privacy concerns.
"This bill would enable government to find out where a Hawaiian is located every time they check their email, go online with a smartphone, or pay to access the Internet in a hotel room or airport," DelBianco wrote. "Forcing companies to store this for government use opposes the goals of the 4th and 5th Amendments to the Constitution," which protect against unreasonable searches, DelBianco wrote.
Others who wrote in to oppose the measure included the Center for Democracy and Technology, Hawaiian Telecom, T-Mobile and the Hawaii State Privacy and Security Coalition.
"This Hawaiian bill is an incredibly odd piece of legislation that doesn't list penalties, outline when data could be shared, or even touch on secure handling procedures," the EFF's Reitman told Computerworld on Friday. "This is part of a growing movement we're seeing in countries across the globe to mandate Internet companies to spy on users and keep the records just in case it might be useful to law enforcement later," she said.
A national data retention proposal (HR 1981) is making its way through the U.S. House of Representatives, she said. "Governments and other stakeholders are attempting to force the Internet companies which allow us to connect and communicate online to become mechanisms for spying and censorship."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Privacy in Computerworld's Privacy Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Topic Center White Papers | Webcasts