Follow Slashdot stories on Twitter


Forgot your password?
Privacy Government United States Technology Your Rights Online

FBI Pushing For 2-Year Retention of Web Traffic Logs 256

suraj.sun writes to tell us that the FBI is pushing to have ISPs keep detailed records of what web sites customers have visited for up to two years. Claiming a desire to combat "child pornography and other serious crimes," the FBI and others are pressing for increased data retention, which they have been doing since as early as 2006. "If logs of Web sites visited began to be kept, they would be available only to local, state, and federal police with legal authorization such as a subpoena or search warrant. What remains unclear are the details of what the FBI is proposing. The possibilities include requiring an Internet provider to log the Internet protocol (IP) address of a Web site visited, or the domain name such as, a host name such as, or the actual URL such as While the first three categories could be logged without doing deep packet inspection, the fourth category would require it. That could run up against opposition in Congress, which lambasted the concept in a series of hearings in 2008, causing the demise of a company, NebuAd, which pioneered it inside the United States."
This discussion has been archived. No new comments can be posted.

FBI Pushing For 2-Year Retention of Web Traffic Logs

Comments Filter:
  • Skewed rulings (Score:3, Interesting)

    by pwnies ( 1034518 ) * <> on Friday February 05, 2010 @05:17PM (#31039536) Homepage Journal
    Why only require it here? Why not make the local hot dog stand on the street keep records of who bought their food for the last two years? Because it's inconvenient and it's not effective. If laws are put in place to do this, then people will find a way around it. Any form of p2p transfer will easily let people gain access to those images without touching the loggers. Criminals are smart, stop treating them as fools and punishing the common masses because of it.
  • by ircmaxell ( 1117387 ) on Friday February 05, 2010 @05:17PM (#31039538) Homepage
    Welcome to the world of politics...

    Seriously though, what happens when you don't use the dns provider of the ISP (either running your own, or using a 3pd DNS provider)? Would that make anyone running their own DNS server (or an alternate third party) a suspicious person? They would only be able to log IP addresses then, and given the proliferation of mass shared hosts, how is this helpful? If a child porn site was on a godaddy server, and you go to another site on the same server, would you have to prove you went to the other site? More guilty until proven innocent...
  • How many PB? (Score:2, Interesting)

    by InvisibleSoul ( 882722 ) on Friday February 05, 2010 @05:18PM (#31039548)
    Two years worth of logs for every single page visit for every single user? The ISPs, especially the larger ones, are going to need some serious storage arrays for that.
  • by sopssa ( 1498795 ) * <> on Friday February 05, 2010 @05:33PM (#31039734) Journal

    And what about https? Or would it be mandatory for ISP's to do man-in-the-middle attack so they can store the data?

  • Re:Think of the kids (Score:4, Interesting)

    by ottothecow ( 600101 ) on Friday February 05, 2010 @05:34PM (#31039758) Homepage
    The thing is...for how much they go after the child pornography it really that much of a problem?

    It is much more rare that I see stories about the actual pornographers being caught and while the viewers are certainly depraved (and you can argue that by consuming the child porn, they encourage those who make it), aren't the pornographers the ones we would rather catch? It wouldn't surprise me if the amount of children actually being forced into child porn is VERY small since the already existing library of images probably contains enough to keep the perverts trading for a long time.

    If that is true...then this definitely is an excuse to encroach on peoples rights and use the old "think of the children" excuse because if this much effort was really being put in to catching so few potential would be a huge waste compared to what those officers could be doing elsewhere.

  • by Anonymous Coward on Friday February 05, 2010 @05:37PM (#31039780)

    As someone that works in the Adult hosting industry, this is going to be poorly received. A lot of our clients are already hurting for money and as such have scaled back their server footprint. We're pushing servers (disk IO) a lot harder than before -- one easy solution we have is to just disable access logs. Writing 1GB+ of log data per hour swamps disks and just adds huge amounts of overhead. Since these logs are of clients browsing through porn ... it'll cost a decent amount of money to actually be able to start logging again AND to store raw log data for two years.

  • by Ron Bennett ( 14590 ) on Friday February 05, 2010 @05:44PM (#31039854) Homepage

    Deep packet inspection for URL not required, in theory, if the U.S. government mandates both ISPs *and* websites to maintain logs.

    That may be how they'll rope websites, and other types of internet services for that matter, into complying with log retention.

    Another route, though I've never seen it mentioned in context to log retention laws, is to require web browsers to log the information in tamper-resistant (think DRM) hidden files. MSIE, in a matter of speaking, already does with index.dat files (some suggest their real purpose is, in large part, to help law enforcement), which the regular computer user has no clue of, let alone know how to get rid of, since Windows makes it difficult to delete them.


  • by Locke2005 ( 849178 ) on Friday February 05, 2010 @05:54PM (#31040008)
    The people downloading "kitty porn" for free are doing nothing to encourage the creation of more of it. Go after the money trail instead -- the people that deserve to go to jail are the people that are paying for it, and I don't believe tracing the flow of funds requires monitoring every single internet connection. Also, laws are publicly recorded -- as soon as you announce you're going to start doing this, anybody that knows they are breaking a law is just going to start encrypting their connections and going through anonymous proxies, meaning that this technology is only effective against people who don't think they are doing anything wrong!
  • by morgan_greywolf ( 835522 ) on Friday February 05, 2010 @05:59PM (#31040090) Homepage Journal

    Deep packet inspection can be a very, very resource intensive thing. I seriously doubt that any such laws will be likely to require deep packet inspection. For one, it would put quite a few smaller ISPs out of business for good.

    I have a feeling I know why the FBI wants this. It used to be that all the traffic passed through telco routers owned by Verizon and AT&T. Nowadays, most traffic is being handled by companies like Level3 or UUNet. They had it easy with the telcos, who always had a close relationship with government regulators. Businesses like Level 3, Google, etc., are far less likely to be cooperative.

  • by davidwr ( 791652 ) on Friday February 05, 2010 @06:26PM (#31040436) Homepage Journal

    1) It's easier to catch dumb people than smart ones. People who run anything larger than home-made porn are probably going out of their way not to be caught.

    2) If the media is right, a large percentage of circulating child porn is produced outside the United
    States. In some countries 16- or 17-year-olds can, or could until recently, be porn stars. Such pictures are illegal in America.

    3) When someone is busted for "made at home" child porn, the media won't publish his name to protect the kids. They may even suppress the story or bury it as a blurb in another article.

    The feds can do something about #1. As for #2, only international crackdowns will help here. As for #3, it's probably a good thing this doesn't make the papers.

  • Re:Evidence Already? (Score:1, Interesting)

    by Anonymous Coward on Friday February 05, 2010 @06:26PM (#31040444)

    Hmmm, let's take a look at this.
    In the 1920s Al Capone was, in every way imaginable, the top criminal in the mid-western United States. It is reasonable to say that Mr. Capone's activities and businesses were responsible for, or at least connected to, over 50% of the crime in the mid-western states in the last half of that decade. The FBI at that time was a weak organization compared to the powers the organization wields these days. Still the FBI was powerful and it was backed by the full goodwill and monies of the government of the U.S. But with all of the crimes Mr. Capone and his organizations and businesses, partners and friends and acquaintances, all across the mid-west were involved in what did the FBI finally jail him for?
    Tax evasion.
    Now let's apply this lesson to today's FBI. What are they really looking for on the web? Tax fraud? Money laundering? Interstate liquor transport? What one law can these agents convict someone of with absolutely no chance that a jury will fail to convict based on even nominal evidence?
    Child Pornography.
    And what better crime to punish. Currently people convicted of even looking at child porn are branded as sex offenders and are required to register with local law enforcement whenever they move. The FBI then gets to keep track of these guys forever and not pay a dime for it. Want to know where criminal 12345 is? Check the sex offender DB or just call the local PD. They are required to know. And it gets worse every day. And even better, you can convict someone of looking at child porn even if the person in the pictures is eighty years old as long as they were under eighteen when the photo was snapped. And they want to extend it to cartoons, computer graphics, and written stories. All child porn.
    Don't kid yourself. child porn is a big thing for the FBI -- just not for the reasons you think.

  • by bzipitidoo ( 647217 ) <> on Friday February 05, 2010 @06:52PM (#31040700) Journal

    While they're at it, why not ask that vendors of red light cameras and security cameras keep 2 years of footage from every camera they install?

    Enforcers are always wishing to be allowed to do things they think will make their jobs easier. One of those things is the Fishing Expedition. Two times in over 20 years I've been held up where the police erected a roadblock ostensibly to check for drunk drivers, a valid driver's license, current inspection sticker, and current insurance. They didn't try to get inside the car to look for drugs, but who knows, maybe they would have if any of those other items hadn't checked out. I hear that they sometimes block I10, to check for illegal immigrants. I think they'd like to do roadblocks more often, but the public backlash is too much. Making people late to work would get them in a lot of trouble.

  • by Jah-Wren Ryel ( 80510 ) on Friday February 05, 2010 @07:00PM (#31040776)

    meaning that this technology is only effective against people who don't think they are doing anything wrong!

    Which perfectly suits the needs of 'law enforcement' - we've got a long history of them going after the defenseless and ignorant - like civil forfeiture laws where the property is charged with a crime (literally, lawsuits are titled like US vs One Jeep Wrangler I think being non-sentient qualifies as being 100% defenseless) or even the child porn laws where they go after kids for sexting pictures of themselves rather than hunt down the people who actually abuse kids in the manufacturing of child porn.

  • by happyslayer ( 750738 ) <> on Friday February 05, 2010 @09:07PM (#31041888)

    Good "think of the children" dilemma for Haiti:

    Human trafficking, sex slavery, and other forms of abuse happen. When you start transporting large numbers of people over borders, it's pretty much inevitable that some are going to end up in a living hell.

    OTOH, kids in Haiti have lost parents, government has pretty much collapsed, and there will probably be plenty of horror stories of infection, disease, and abuse for the kids stuck in other words, children denied the opportunity to get out of the country will end up in a living hell.

    So here's the question for all those 'think of the children' moralizers out there:

    • How many children are you going to condemn to die in Haiti to protect those who would end up abused by human traffickers and their customers?
    • How many children are you going to condemn to suffering and abuse at the hands of the worst of humanity in order to save those who would die or suffer horribly otherwise?

    There is no good answer--"think of the children" is usually an excuse to get what you want anyways--without considering the consequences.

  •     I'd expect the logs would require IP's and/or hostnames.

        HTTP, it's trivial to sniff hostnames.
        HTTPS, it's trivial to see the destination IP.

        HTTPS only works one IP per host, so that gives a positive track to where they were going.

        Of course, domains change ownership, and IP's change, so what an IP is today, could be anything else tomorrow.

        I'm curious to if by "ISP", they mean the residential line providers, or both ends? At my old job, they'd end up with about 2Gb of log files per day per server. There were 15 redundant servers. That was just for one site. I don't even care to think about how much storage was required for all the logs across 150 servers. No, it didn't scale evenly. The web server logs were dumped every few hours, just so it didn't fill up the drives, but left enough for forensics, if we needed them.

        (15 * 2) * 365 * 2 = 21,900Gb. I would love to still be there, and have them ask for 22Tb of logs. :) I was joking with someone about how to deliver those. I suggested burnt CD's. 14,500 CD's would be fun to offer up. We then thought a little harder, and though paper tape would be the way to go. :) I know there would be better methods, but we were looking for the entertainment value in it. :) I'd feel really sorry for the guy who had to feed 14,500 CD's into a machine to burn for the feds on demand. :)

        Logistically, this would become a nightmare for almost any provider, except for mom & pop shops.

  • Not only that, if they are not recording what the actual website looked like when you visited it what is to keep the IP address from changing to something naughty two years from now? After all IP addresses change all the time, and what was...say some stupid fan site a year ago...who knows what it will be two years from now?

    And how would you "prove" your innocence? They show up with a list of IP addresses from a year and a half ago, how do I prove they are/aren't mine? How do I prove where I did/didn't go a year and a half ago? Hell I don't even have the same PC I did a year and a half ago as it finally gave up the ghost!

    This smells a little too much to me like a "bust anyone you don't like for free" card as defending yourself against some list held in a cop's hand will prove damned near impossible. What's next? "Oh he used CCleaner [] to empty his temp files and Defraggler to defragment his hard drive, which just proves he was destroying evidence!". Give me a fricking break! How come we supposedly won the cold war and now I have the urge to do " In Soviet Amerika" jokes?

Basic is a high level languish. APL is a high level anguish.