Forgot your password?
typodupeerror
Privacy The Internet

ISP Tracking Legislation Hits the House 332

Posted by ScuttleMonkey
from the someone-is-always-watching-in-your-hotel dept.
cnet-declan writes "CNET News.com reports that Republicans in the U.S. House of Representatives announced yesterday legislation to force ISPs to keep track of what their users are doing. It's part of the Republicans 'law and order agenda,' with other components devoted to the death penalty, gangs, and terrorists. Attorney General Gonzales would be permitted to force Internet providers to keep logs of Web browsing, instant message exchanges, and e-mail conversations indefinitely. The draft bill is available online, and it also includes mandatory Web labeling for sexually explicit pages. The idea enjoys bipartisan support: a Colorado Democrat has been the most ardent supporter in the entire Congress."
This discussion has been archived. No new comments can be posted.

ISP Tracking Legislation Hits the House

Comments Filter:
  • Good luck (Score:5, Insightful)

    by ivan256 (17499) on Wednesday February 07, 2007 @05:17PM (#17925902)
    They may as well legislate that gravity be lessened to solve the obesity problem. It's just as feasible from a technical sense.
    • Re:Good luck (Score:5, Insightful)

      by doublem (118724) on Wednesday February 07, 2007 @05:22PM (#17925980) Homepage Journal
      Shhhhhh!

      Don't give them ideas.

      the problem is, they don't realize the massive hardware costs that would be involved.

      What's more if they did understand the expense and barriers of such a plan, they wouldn't care.
      • Re:Good luck (Score:5, Insightful)

        by ivan256 (17499) on Wednesday February 07, 2007 @05:31PM (#17926108)
        Screw the hardware costs. It's just plain impossible. How can the ISP know which data is e-mail, IMs, etc?

        I don't know about you, but I connect to a mail server using SSL, and the server is not operated by my ISP. Are they going to log some unintelligible bits? Are they going to force people to use their ISP's mail server? Who is an ISP? Anybody who resells bandwidth? How will they know you're reselling bandwidth? Etc...
        • by Nasarius (593729)

          I don't know about you, but I connect to a mail server using SSL, and the server is not operated by my ISP. Are they going to log some unintelligible bits?
          It's fairly easy for an ISP to set up a man-in-the-middle attack, if they don't mind giving you a bad SSL cert. It's evil and obvious, but certainly possible if they're required by law to do so.
          • Re: (Score:3, Interesting)

            by naChoZ (61273)

            ISP's keep logs anyway. When we get a subpoena from the feds for "any and all" logs related to a customer's usage, they know they're just going to get things like dhcp logs and mail server logs. On the *extremely* rare occasion where they require full blown network activity, they get a network trace dump. I remember one instance where the person's network traffic was fairly light, so the dump was a few hundred MB for a couple of days. While in another instance, we were required to trace someone's traf

        • by imroy (755)

          ...I connect to a mail server using SSL, and the server is not operated by my ISP. Are they going to log some unintelligible bits?

          No, but if you're on this list they'll just assume you're doing something wrong. They'll summon the FBI, who will take away your computer(s) for analysis and question you. Hello police state!

        • Re:Good luck (Score:4, Insightful)

          by Sancho (17056) * on Wednesday February 07, 2007 @06:24PM (#17926928) Homepage
          You're thinking of "ISP" in the wrong light.

          Whoever your e-mail provider is is also an ISP. They provide an Internet service. Therefore, they are required to maintain whatever logs are mandated by the government. If that includes storing backups of e-mails, so be it. The company that provides you access to the Internet doesn't have to maintain that information--they're just a conduit.

          Of course, the government might try to claim this, and then they will simply shut down any ISP for which they go after this information. It's pretty well impossible to capture and maintain all of the traffic that crosses the ISP's gateway for any useful length of time.
          • Re: (Score:3, Informative)

            by ivan256 (17499)
            But e-mail doesn't need a provider. Any system with an IP address can send a properly formatted message to any system that is willing to listen on port 25.
        • Re:Good luck (Score:4, Insightful)

          by MoxFulder (159829) on Wednesday February 07, 2007 @07:47PM (#17928042) Homepage

          I don't know about you, but I connect to a mail server using SSL, and the server is not operated by my ISP. Are they going to log some unintelligible bits? Are they going to force people to use their ISP's mail server? Who is an ISP? Anybody who resells bandwidth? How will they know you're reselling bandwidth? Etc...
          Bingo. Even if the government gives you bad SSL certs and otherwise attacks and cripples every KNOWN secure protocol, it'll only get them so far.

          If that happens, some company will spring up outside the USA that will charge a monthly fee to tunnel your Internet traffic through their servers via SSH. And they'll send you the server's public key fingerprint via postal mail so that you can verify that there's no man-in-the-middle attack. That will be foolproof unless the US govt decides to start opening mail and altering anything that looks like a public key fingerprint or SHA sum or whatever. And then the foreign companies will start broadcasting their public keys via short-wave radio. And then the govt could ban short-wave radios. And then... this is beginning to look like North Korea...

          Note that I do not believe any of this will really happen. I do not believe we Americans will accept a totalitarian government. I don't even believe we'll accept small steps in that direction in the long run. I think the proposed policy is destined to fail and is the result of (a) a power-hungry administration (whose time is up in 2 years anyway) and (b) a desire to catch terrorists and (c) an extraordinarily bad understanding of technology.

          It's amazing to me how legislators and policy-makers fail to understand crucial points about technology. They believe that DRM can be effective (or, failing that, they make it illegal to break), they blithely ignore the global reach of the Internet, and they don't know how easy it is to use strong encryption. They need to pick and choose their battles differently.
          • Re:Good luck (Score:5, Insightful)

            by Kjella (173770) on Wednesday February 07, 2007 @11:21PM (#17929984) Homepage
            Note that I do not believe any of this will really happen. I do not believe we Americans will accept a totalitarian government. I don't even believe we'll accept small steps in that direction in the long run.

            How about a little bipartisan power grab, who'll continue to pass the ball back and forth every four or eight years. They'll keep the people entertained by focusing on social issues (are we pro-gay or anti-gay this year?) while the actual running of government is left to Party lead... sorry, political families like the Kennedys, Bushs and Clintons putting relatives in key positions whenever their side wins an election. Presumably in close cooperation with corporations who run large lobby groups and are the only ones with a considerable sway in day-to-day politics and pay attention to rider bills and the like. Between an election system where it's almost impossible to create a third party and so much of the mass media controlled by corporate interests, it'll seem like the will of the people. I don't think the question is "would people oppose a totalitarian government" as much as "would Americans recognize a totalitarian government before they were neck deep in one?".
          • Re: (Score:3, Interesting)

            by russotto (537200)

            Note that I do not believe any of this will really happen. I do not believe we Americans will accept a totalitarian government. I don't even believe we'll accept small steps in that direction in the long run.
            We're not even inching towards it any more. We're running towards it with joy in our hearts. In both the big issues (like surveillance) and the little (trans-fat bans, banning iPods while crossing the street), freedom has little constituency and no champion.
      • Re: (Score:2, Funny)

        by creimer (824291)
        ... the massive hardware costs ...

        Bits and bytes don't weigh anything, so it's all free. Besides, I'm sure the hard drive companies will offer steep discounts for bulk purchases.
      • Re:Good luck (Score:5, Informative)

        by monkeydo (173558) on Wednesday February 07, 2007 @05:51PM (#17926374) Homepage
        The sky is not falling.

        Here's what the bill says:

        SEC. 6. RECORD RETENTION REQUIREMENTS FOR INTERNET SERVICE PROVIDERS.
        (a) REGULATIONS.Not later than 90 days after the
        date of the enactment of this section, the Attorney General
        shall issue regulations governing the retention of records
        by Internet Service Providers. Such regulations shall, at
        a minimum, require retention of records, such as the name
        and address of the subscriber or registered user to whom
        an Internet Protocol address, user identification or telephone
        number was assigned, in order to permit compliance
        with court orders that may require production of such information.

        First note that the information they are primarily interested in is being able to tie a user to an IP address. It is trivial for an ISP to keep this information, and any responsible ISP already does so that they can investigate fraud and abuse complaints.

        Second, the regulations are to deal with record retention, not tracking. So, if an ISP currently tracks user activity, the AG could require the ISP to keep that information for x days. But this bill does not seem to give anyone the power to order ISPs to start tracking users in ways they aren't already.
        • Re:Good luck (Score:5, Informative)

          by Derek Pomery (2028) on Wednesday February 07, 2007 @06:08PM (#17926620)
          As the text you notes quotes, that's the bare minimum. The concern is more laws allowing even more to be tracked.
          From TFA.
          "Because there is no limit on how broad the rules can be, Gonzales would be permitted to force Internet providers to keep logs of Web browsing, instant message exchanges, or e-mail conversations indefinitely. (The bill does not, however, explicitly cover search engines or Web hosting companies, which officials have talked about before as targets of regulation.)

          That broad wording also would permit the records to be obtained by private litigants in noncriminal cases, such as divorces and employment disputes. That raises additional privacy concerns, civil libertarians say. "
    • by Poruchik (1004331) on Wednesday February 07, 2007 @05:30PM (#17926098) Homepage
      This legislator has been sponsored by Toshiba, Seagate, Western Digital, and Network Appliances.
      • And don't forget the new addendum , "File everything in triplicate", courtesy Canon/HP/Lexmark/Epson/Brother/Kodak.
      • by EmbeddedJanitor (597831) on Wednesday February 07, 2007 @06:31PM (#17927014)
        The storage requirements are easily achieved with Curved Space Storage (CSS) or the secure equivalent CSS/DES.

        This storage method is based on the accoustical storage method that was proven over 50 years ago, now updated with more recent innovations to provide better bit density and bandwitdh. The way this works is that the digital stream is moduled onto a laser that is pointed upwards. As we all know, space is curved, so eventually the laser beam comes back to earth where it can be reread after a long trip through space. There's lots of space out there and it is free.

        • by Jtheletter (686279) on Wednesday February 07, 2007 @07:05PM (#17927552)
          First, I love this idea, bravo. ;)

          However, there is a flaw, the earth, solar system, and galaxy itself are moving at incredible rates, the point in space we occupy now will not be the same point that the laser will return to in a hojillion years give or take. BUT! I think you have come up with a very novel approach at creating the proverbial write-only memory. Quick, patent it!

          To keep on topic (some mod has been busting my chops lately for trying to have actual interesting conversations), since the bill sets no maximums on the retention requirements I think it's very likely that Gonzalez et al are going to ask for a rediculous amount of data retention. They've been dropping hints about it for years now, something like a permanent record of every website visited would be the first thing they try to mandate. That alone will be a gut-busting storage requirement, and force many non-mega ISPs right out of business. This bill has the potential to radically affect the businesses that provide internet access, and radically alter the privacy people expect when using the internet. While I hope this bill dies quickly, I fear it will ride the tide of "think of the children" with few obstacles. :(
    • But it should be highly compressible, and a terabyte costs $300 retail these days. I'm scared that it would be feasible to store logs of URLs visited (at most a few hundred per customer per hour?).
      • by ivan256 (17499)
        Yeah, that would do a great job of logging all the boring traffic of law-abiding people. How are going to log the traffic of the law-breakers who use an SSL enabled proxy? Just because it's the law doesn't mean it is possible.
      • Re: (Score:3, Informative)

        by futuresheep (531366)
        Sure, if you're using off the shelf SATA drives in a USB enclosure attached to a server, but enterprise class? A decent attached storage array will start at $1700.00 per terabyte, (based on a 4.5 TB Polyell 3U SATA unit), then add in the cost of racks, rackspace, bandwidth, power, cooling, new networking equipment, admins to manage it, tape units for offsite backups, etc...the costs are much higher than $300.00 per TB.
      • Re:Good luck (Score:4, Informative)

        by smellotron (1039250) on Wednesday February 07, 2007 @06:12PM (#17926722)

        I'm scared that it would be feasible to store logs of URLs visited (at most a few hundred per customer per hour?).

        You underestimate the web pages you visit. I did an experiment a few weeks ago along these lines using Firefox's LiveHTTPHeaders. After hitting the front pages of Slashdot, MSN, Yahoo, and two other portal sites, I had 150 requests. That's 30 requests per page. Just now, loading yro.slashdot.org took over 50 requests.

        People generate an enormous amount of web traffic without even thinking about it. To expect every ISP to archive that information just because is crazy. It's only really feasible for someone like Google, who is in the business of profiling potential customers (or AT&T, who is in the business of letting the Feds spy on you).

    • Actually, wouldn't increasing gravity be a better solution? And to do that, all we really need to do is crash the moon into Asia. That should increase gravity by, like a lot.
    • They may as well legislate that gravity be lessened to solve the obesity problem. It's just as feasible from a technical sense.

      Google logs every search made by its logged-in users. I expect it's quite feasible to set up a database to record every url requested by every person for quite some time. Unfortunately.

    • Physicist and hard sci-fi author Robert L. Forward [wikipedia.org] envisioned a method to do this that violates no laws of physics. It was in one of his non-fiction collections of essays, either Future Magic or Indistinguishable from Magic. It's a bit far fetched, but quite interesting.

      First, find a big asteroid. Put a bunch of metal plates around it with a carbon on the inside and nuclear bombs on the outside. Set off the bombs. If you've set it up right, the plates slam into the asteroid, compressing it tremendously. The
  • by the_humeister (922869) on Wednesday February 07, 2007 @05:20PM (#17925934)
    You know, I'd like find out what kind of porn or other illicit sites these legislators are surfing and then dredge that up those records to news agencies. See how that flies in their faces.
    • Re: (Score:3, Insightful)

      by db32 (862117)
      When they refuse to examine election fraud on the grounds of "it would damage voter confidence" I think it would be safe to assume they will find a way to keep themselves out of this. In fact, it would probably even extend protection to them after they are out of office. My first guess would be seeing this tossed out on grounds of national security given that this administration has classified more crap than any other administration.
    • How long do you think it'll take before and ISP gets broken into, records get stolen, and very public names get exposed doing things on the internet that they may not be proud of?
  • by aborchers (471342) on Wednesday February 07, 2007 @05:20PM (#17925938) Homepage Journal
    This is just sick. Every time I hear this shrill siren about protecting the children I know they're coming for another liberty.

    I, for one, don't want my kids growing up in a country run by the thought police.

    • by sconeu (64226) on Wednesday February 07, 2007 @05:25PM (#17926018) Homepage Journal
      Didn't you know that "Child Porn" is the root password to the US Constitution?

      With "Terrorism" and "Think of the Children" as the alternates?
      • Re: (Score:3, Interesting)

        by jhantin (252660)
        Even if you didn't, Schneier mentions these issues in the article linked earlier -- any threat that is rare but spectacular or directed at children (among a few others) tends to provoke irrational reaction in most people. GP calls it a shrill siren, but it's going off so often and so loudly I'm beginning to wonder if isn't more like a Nebelwerfer [wikipedia.org] pointed in the general direction of privacy.
  • Now that lobbying is going to be regulated, the parties have to make money somehow. Buy shares in HDD manufacturers and network hardware providers and then regulate to send their sales through the roof - profit!
  • by Anonymous Coward on Wednesday February 07, 2007 @05:21PM (#17925956)

    The draft bill is available online, and it also includes mandatory Web labeling for sexually explicit pages.

    What they need is exactly the opposite: optional Web labeling for non-sexually explicit content.

    If you think your site is safe for children then you can add a label to that effect. There could even be a well defined process where, if you labeled your site as safe-for-children and it wasn't, then you could be required to take down the safe-for-children label.

    Ideally, there wouldn't just be one safe-for-children label but a variety of specific government defined labels that identified a site as being free of specific types of content (e.g. no nude photos versus no sex photos).

    • Re: (Score:3, Informative)

      This is so sensible. No wonder Congress didn't think of it. It is worth making a phone call about, anyway. But there are already non-government labels akin to MPAA movie ratings, like http://www.icra.org/ [icra.org] or http://www.safesurf.com/ [safesurf.com] . I guess the problem is too many choices.
  • Even assuming that this is done on a tape backup or something as stupid as that, this is pointless and useless because it would be almost impossible to search through all of this info without having it easily importable into a database where you could search through records or have a universal format tha all these log files could be output into, for easy import and read, etc.
    Also considering that these records are kept 'indefinitely' the storage and money spent on this should be subsidized in some sense
    • by pluther (647209)
      It's easy.
      Just email your logs to the Attorney General each evening.
      Solves both the problem of where to store them and how to get them to him when he wants to see them.
      Simple.
      • Nah. Print them out and post them. Without a stamp, so the recipient has to pay postage. One envelope per age of print-out.
    • All it has to do is contribute, decisively or not, to a single sensational child abuse case and everyone will think it's good.
  • huh? (Score:3, Interesting)

    by User 956 (568564) on Wednesday February 07, 2007 @05:22PM (#17925968) Homepage
    Republicans in the U.S. House of Representatives announced yesterday legislation to force ISPs to keep track of what their users are doing. It's part of the Republicans 'law and order agenda,' with other components devoted to the death penalty, gangs, and terrorists.

    Why don't they just put everyone in prison? Then we wouldn't have any crime at all. Problem solved.
    • Re:huh? (Score:5, Insightful)

      by Tackhead (54550) on Wednesday February 07, 2007 @05:41PM (#17926256)
      > Why don't they just put everyone in prison? Then we wouldn't have any crime at all. Problem solved.

      The Party's goal isn't to eliminate crime by throwing everyone in jail -- it's to eliminate people who piss it off by merely being able to throw anyone in jail.

      "Did you really think that we want those laws to be observed?" said Dr. Ferris. "We want them broken. You'd better get it straight that it's not a bunch of boy scouts you're up against - then you'll know that this is not the age for beautiful gestures. We're after power and we mean it. You fellows were pikers, but we know the real trick, and you'd better get wise to it. There's no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals, one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens' What's there in that for anyone? But just pass the kind of laws that can neither be observed nor enforced nor objectively interpreted - and you create a nation of law-breakers - and then you cash in on guilt."

      - Ayn Rand, Atlas Shrugged, 1957

      You don't have to like Rand to apppreciate that she was onto something when it came to how governments think during the design phase of legislation.

    • by Beryllium Sphere(tm) (193358) on Wednesday February 07, 2007 @05:43PM (#17926270) Homepage Journal
      President Eisenhower speaking:

      "If all that Americans want is security, they can go to prison. They'll have enough to eat, a bed and a roof over their heads. But if an American wants to preserve his dignity and his equality as a human being, he must not bow his neck to any dictatorial government."
    • by MBGMorden (803437)
      Instead of throwing everyone in prison they're already working on building the prison around everyone. If they boil them slowly they won't jump out the pot.
    • by Bobzibub (20561)
      we already are in prison, aren't we?
  • If I had a broker, I'd be calling him and buying up stock in EMC, Quantum ATL and every other company involved in storage and retention of large quantities of data.
  • by topical_surfactant (906185) on Wednesday February 07, 2007 @05:22PM (#17925984)
    I imagine many people would simply start tunneling all their traffic to countries without such idiocy.
    • Hell, just default to ssh tunneling all traffic between all hosts. they won't be able to prove you downloaded anything, just that you pulled 500mb from port 22 of bigbazoongas.com. For all they can prove, you were aggressively reloading robots.txt.
      • Re: (Score:3, Informative)

        by Nasarius (593729)
        I think you're both looking for Tor [eff.org]. Works great, if you don't mind speeds comparable to dialup.
  • I thought this wasn't a problem. I thought most websites do post warnings. Is Congress just trying to solve a non-existent to show they are doing something supposedly worthwhile?
    • by User 956 (568564)
      Is Congress just trying to solve a non-existent to show they are doing something supposedly worthwhile?

      It really must be non-existent-- the word doesn't even show up in your post.
  • by FellowConspirator (882908) on Wednesday February 07, 2007 @05:24PM (#17926006)
    Mandatory labeling of sexually explicit images will make them much easier to find.
    • by jandrese (485)
      That is pretty much the reason the .xxx domain failed initiative failed. Even though it was going to be voluntary there were people who were worried that it would create a "red light district on the web". I'm still not sure why that is such a bad thing, but I suspect that similar pressures will derail this bill.
  • by RichPowers (998637) on Wednesday February 07, 2007 @05:25PM (#17926026)
    Folding this bill into a larger "law and order" agenda makes it more difficult for people to criticize it; "what, you against law and order, you filthy terrorist?"

    If similar bills had no chance in a Republican-controlled Congress, does it really have a chance now? Doubtful, especially since the Democrats have a comfortable majority in the House.

    Besides, I'm not a fan of impractical laws that are extraordinarily difficult to enforce. If this bill became law, do you think certain users would create scripts that visit hundreds of thousands of sites, just to clog the log books?
  • COntact your representitives and tell them why this is a bad bill.
    As also, be professional and use there perferred method of contact.
    If in doubt send a letter.If it is real important send a certified letter.

  • Nice work (Score:5, Insightful)

    by Amoeba (55277) on Wednesday February 07, 2007 @05:30PM (#17926096)
    I can only imagine how politicians think:

    "Hey how can we kill off a lot of small businesses so our big behemoth telecomm contributors can make more money in the long run? Ooh! increased operating costs! Our friends have the coffers to handle this while their smaller competitors die off. We'll have to make it look like something else though. Tie it to crime. Everyone hates criminals."

    • No (Score:3, Insightful)

      by rodentia (102779)
      Here is how politicians think:

      "What sort of grandstanding can I do to get my name in today's local/state media cycle? Let's see, my likely opponent has introduced a bill in the statehouse mandating that sex offenders register their online accounts. . . . Hrm, what trumps pedophiles? Sure, Terror, domestic Terror! that's the ticket!"

      Actually, that is the politician's Chief of Staff thinking; the politician is thinking:

      "Does this tie make me look soft on crime? If that minxy little intern thinks
    • Exactly. And, they want to legalize all of the
      NSA spying at the same time.
  • constitution (Score:5, Insightful)

    by mobydobius (237311) on Wednesday February 07, 2007 @05:34PM (#17926164) Homepage
    we havent had a decent amendment in a while. time for a push for an explicit right to privacy?
  • Confusing (Score:2, Interesting)

    by Anonymous Coward
    Doesn't this just amount to wiretapping using different wires, only instead of just doing it for individuals suspected of something illegal, it's being done en masse to the masses. Certain members of Congress have been very vocal about how they're against the President listening to the conversations of suspected terrorists or foreign nationals because it might violate their rights...but it's okay to monitor everyone else?

    We here at the Future Crimes Department take pride in knowing you're going to do someth
  • SSL. Seriously, why the f*ck aren't people using SSL for everything? It isn't that complicated. Even if they're just self-signed certs, it's still vastly more secure then sending almost everything plaintext.
  • by Irvu (248207) on Wednesday February 07, 2007 @05:48PM (#17926340)
    My first reaction was "Good because wading through terrabytes of useless data will really help win the war on terrer!" However on sober reflection I realize that the very technical infeasability of this is part and parcel of the problem.

    For those of you that haven't seen Terry Gilliam's Brazil [imdb.com] you must it is an essential requirement for anyone who would just react with the snarkiness I mentioned above.

    They can't parse all of that data. A single major ISP on a single day would generate terrabytes of data if everything was logged. In that event any actual law enforcement methods would be swamped by the sheer beureucratic waste of it all. Massive computer systems performing continuous number crunching would still come up with garbage.

    But that doesn't matter!

    It isn't necessary for this to work. What is necessary is for them to make people perceive that it works at least enough to get it put in place. At that point the system becomes self feeding. Don't like it, well that can get you put on the short list for a check of your habits. Because they can look at a single person's habits, they may be wrong but they can and will do it. But in general the system will be a large self-feeding monstrosoty and any "errors", because there are always errors will be dealt with in the same way that the no-fly-list errors are handled: "not my department, next please!"

    Eventually success of this process ceases to be the object only its continuation. Once a large enough beureucracy is established staffed with enough place-men and place-seekers to protect themselves then this will take over. Consider the Drug war as an example. Yes it hasn't hit full steam but think of ho many things today are justified by means of the "Drug War". And take a look at the way justifications for the war are handled. Money for the Partnership for a Drug-Free America (led by America's Drug Czar) is spent convincing us to back the drug war or not to vote for legalization. In turn the DEA's budget (paying America's Drug Czar) goes up and who the hell cares if the drugs are stopped. And they aren't even fighting "Terrorists".

    In many respects it reminds me of East Germany. At the height of their power the East German Stasi employed one in fifty members of the population as full or part-time spies. This doesn't count the large beureucratic staff that they had or the massive infrastructure that was built and run just to sort through it all. The social costs were enormous as any infraction was targeted for no good reason. The economic costs in turn were insane and deprived the state budget of much of the money that might have been spent say building an infrastructure or feeding the population. No nation on earth had more complete information on its citizens and no nation on earth spent more obtaining it.

    Ultimately crime was still committed and even the dissident groups grew because they a) hated the government that much, b) were often flooded with spies sent in by the Stasi, and c) could get away with it. None of the objectives of the Stasi were acheived and East Germany fell, it fell and noone misses it.

    This "Law and Order" bull must be stopped, and it must be stopped now! We cannot sit back and think that this is okay or that it will "work its way out. Those of us with a technical mindset are in the best position to explain why this will not work and what a costly destructive system this will be, and we cannot put it off.

    For those in the U.S. go Here [house.gov] to find your house rep and place a phone call or send a letter. Then for good measure go Here [senate.gov] and tell the Senate not to go there either. Following that try sending a letter to you local paper's letters to the editor. While many of us no longer read the dead-tree press it can and will make a big impact for those that do (read: most people over 35).
    • Re: (Score:3, Insightful)

      by Tackhead (54550)
      > In many respects it reminds me of East Germany. At the height of their power the East German Stasi employed one in fifty members of the population as full or part-time spies. This doesn't count the large beureucratic staff that they had or the massive infrastructure that was built and run just to sort through it all. The social costs were enormous as any infraction was targeted for no good reason. The economic costs in turn were insane and deprived the state budget of much of the money that might have
    • Re: (Score:3, Funny)

      by smoker2 (750216)
      While I realise you spent a good deal of time and effort composing your thoughts there, I must just say, I am unable to accept your comments without a valid stamp from the Ministry of Acceptable Criticism. If you would like to come back and post later, when you have such a valid stamp, then I will be glad to ignore your comments correctly, and within the law.
    • Does this help?

      Problem: "Attorney General Gonzales would be permitted to force Internet providers to keep logs of Web browsing, instant message exchanges, and e-mail conversations indefinitely."

      Solution, from 3 stories down on Slashdot: "UK will start jailing the people who trade in email addresses, or any other personal data. The new regulations will result in a two year prison sentence for violating the Act."

      Not counting the minor detail of countries involved, does anyone else read this as : "Attorney Ge
  • Everybody knows that politicians know very little about the Internet (tubes anyone?). There's a misconception that an IP address is as reliable as a fingerprint. The reality is, most criminals can bounce their connection around and evade lame measures like this.

    IP addresses aren't unique nor do they necessarily identify a user at a particular moment in time. If coming behind an AOL proxy, the only way to discover the actual user, is for AOL to log all outbound TCP & UDP connections. It can't be done...
    • What is there to be done then? What is the clearest course of action that will have positive results?
      Is the political system too broken to even bother writing to our congressthings?
      If it isn't, what's the best way to get the point across?
      If it is in fact too broken to do any good then what do we do?
      99% of folks in the US don't know how to set up good crypto or would be intimidated about it. So then we ask is this a discussion we only want to have within the tech community or do we want the average joe to ca
  • by Slithe (894946) on Wednesday February 07, 2007 @05:55PM (#17926426) Homepage Journal
    Look at what they have also introduced! Beware H.R. 393 [loc.gov]!!
    • Re: (Score:3, Insightful)

      by Reziac (43301) *
      I don't think the *concept* of required national service is necessarily bad; certainly the younger generation would get a better picture of the Real World if they were forced to go forth and help construct it. (Frex, this could be a way to get kids back into the many entry-level, farm labour, and general labour jobs that kids used to do, but are now the province of illegal aliens.) It'd also be a good way for them to earn a nest egg for higher education.

      However, in the current political climate, I foresee i
  • Remember that whether or not Big Government ends up forcing your ISP to spy on you, the ISP has the capability anyway. There's no new threat here, merely a new statement of malicious intent and contempt for citizens (which has been pretty implicit for quite some time anyway).

    Also remember that Big Government isn't the only entity that may feel it has something to gain from spying on you. No matter what sort of legislation exists for limiting or opening government intrusion into our lives, regardless of a

  • the RIAA and MPAA would find this kind of law very useful.

    Hmm.
  • Last time this came up, it was estimated to cost over $400M/year. The estimated number of arrests it would help generate? 700. The FBI said just give them the $400M for agents & they could do a hell of a lot better. The truth is that the 60-90 day cycle that most of these companies already have is enough to cover the vast majority of the requests by the police - this is asking the industry to absorb $400M in costs for an infitesimal gain.
    Funny the AG didn't want to do that... guess it didn't sound as g
  • by segfault_0 (181690) on Wednesday February 07, 2007 @05:58PM (#17926476)
    The post refers to IM and chat logging but they are mentioned no-where in the bill draft. The bill asks that IPs be logged to subscriber names and nothing else. The words instant messaging and chat dont even appear in the text of the the bill at all. The post then links to a previous post about what some people in government would like to monitor - including the IM and chat logs. You cant just draw a line between the two without support facts.
    • by nhudson35 (1033162) on Wednesday February 07, 2007 @06:24PM (#17926924)
      I interpret bills for a major civil rights lobby, and this bill's language is ambiguous. It requires, at a minimum, the retention of personal identification linked to IPs. Whereas I do see your point, that it does not enumerate retention of IM and chat logs, this draft bill is STILL scary. If the legislation passes, it is up to Alberto Gonzales to interpret it. This, the man that recently advocated the revoke of Habeus Corpus, citing the lack of its specific constitutional enumeration. The problem is that the bill's language is broad, and the AG could ASSSUME that it gives him certain powers. The bill would be less scary if it was amended with language that limits the amount of liberal interpretation that could take place. In the end, this draft represents a common problem, and a scary possibility. Politicians struggle balancing individual liberty and safety, and if passed, this bill could establish a precedent of invasion of personal privacy. All of this must be qualified by the following-- I understand the desire to protect our children at all costs. It is an emotionally charged issue, but we must not allow rational thought to be trampled by emotionally charged debate. I do not believe this bill will make us safer. I'd be interested to see how many times and ISP could not produce personal information on the IPs they regulate, and how many times failure of an ISP to produce personal information translated into the loss of a conviction for child predators. This bill represents the beginning of a slippery slope for internet privacy, and a more general affront on free speech.
  • Why is widespread surveillance acceptable to politicians and a good portion of the public when dealing with the internet?

    Can you imagine the uproar if smirking ass-face Gonzales (sorry, his first name escapes me right now) proposed that every letter sent through the U.S. postal system must be photocopied, indexed, and stored? Or if all telephone conversations must be recorded in case the Justice Department needs access to them at a later date? People would be livid, and justifiably so.

    Yet the internet has
  • by mpapet (761907) on Wednesday February 07, 2007 @06:26PM (#17926946) Homepage
    From the ISP's side, they will take the time/effort to simply provide a way for the data to be delivered in bulk to a gov't contractor. From there the contractor does the actual storage. The ISP's will jump at that because it's costs practically nothing. On the contractor's side, when you are buying storage by the petabyte, it's pretty cheap.

    It still boggles my mind that this is somehow offensive behavior in the /. echo-chamber. The time to have done something about it was maybe 10 years ago.

    Most of us have *no* clue about the scale and scope of data collection is like in the U.S. right now and I believe most would be very nervous if we actually knew besides what's already been leaked. What brings me some comfort is gov't agencies are not known for their effectiveness or ability to coordinate much beyond a luncheon.
  • by beej (82035) on Wednesday February 07, 2007 @07:30PM (#17927842) Homepage Journal
    I can't tell from the definitions if the record-keeping would apply to my machine that runs out of my house for me and my friends (email/web stuff).

    My hardware matches the description of Internet Content Hosting Provider and Internet Email Provider, but the record-keeping portion of the bill refers to "Internet Service Provider" which I presume is defined elsewhere (not in this bill.)

    *sigh*.

  • by nhudson35 (1033162) on Wednesday February 07, 2007 @07:35PM (#17927902)
    Lamar Smith's bill's language is ambiguous. It requires, at a minimum, the retention of personal identification linked to IPs. The contention that that Smith's bill does not explicitly mandate the retention of IM and chat logs ignores a very important fact. The Attorney General gets to interpret the bill. Alberto Gonzales is the man that recently advocated revocation of Habeus Corpus, citing the lack of its specific constitutional foundations. Gonzales has an expansionist view of the Constitution, as evidenced by his moronic opinion that specific protections not enumerated in the constitution are open season for federal government. I have a feeling that his interpretation would augment the executive branch's power. This is just is one major problem with this bill-- it's ambiguous language is too broad, and Gonzales could liberally interpret the legislation however he feels. More generally, this bill is part of a national problem-- the belief that politicians are justified in sacrificing our privacy. This "struggle" they face, balancing individual liberty against security, is a nonexistent red herring. We can be both safe and free. The bill also represents a scary possibility. If passed, it would establish a legal precedent for acceptable invasion of personal privacy. Socially, this precedent has already been established. The technology industry has already justified, and is currently implementing, the widespread, viral invasion of our personal computer-- in the form of DRM protection of music and software. All of this must be qualified by the following--Smith's bill is aimed at stopping child predators, and I understand and wholeheartedly support his desire to protect our children. This bill's reach extends far beyond the sick and twisted world of pedophiles, though-- it requires retention of everyone's records. Alberto Gonzales could theoretically interpret the bill to include widespread monitoring of internet use. Including AIM conversations and E-mails. I do not believe this bill will make us safer. I am interested to see how many times an ISP could not produce personal information on their customers, and how many times failure of an ISP to produce personal information translated into the loss of a conviction for child predators. My guess is none. One of two things can happen with Lamar Smith's bill in the short term. First, it could die, or second, It could be amended-- perhaps with limits on the retention of records to convicted sex offenders. This bill represents the beginning of a slippery slope for internet privacy, and a more general affront on free speech. We must not let our leaders continue the abolition of rational thought.
    • Re: (Score:3, Insightful)

      by alshithead (981606) *
      "Lamar Smith's bill's language is ambiguous."

      Of course it is! It's written by a technologically ignorant fuck. Also, it's not as if the US government has never passed ambiguous laws/rules. The burden placed on ISPs and possibly others is so onerous as to be laughable, if it wasn't so sad. To put it in a context some elected officials MIGHT understand, it's similar to telling the US government to document every work conversation for every government elected official and worker. I told my politically and
  • by eldenbu (468295) on Wednesday February 07, 2007 @08:00PM (#17928230) Homepage
    So, way back, I ended up with a block of IP's and have been my own ISP ever since. I, of course, would never do anything illegal but if I did, and the police wanted my surfing records, is there not a 5th amendment situation here?

This screen intentionally left blank.

Working...