Law Enforcement Still Wants Mandatory ISP Log Retention 226
schwit1 writes with this snippet from CNet: "Law enforcement representatives are planning to endorse a proposed federal law that would require Internet service providers to store logs about their customers for 18 months. ... Michael Brown, sheriff in Bedford County, Va., and a board member and executive committee member of the National Sheriffs' Association, is planning to argue that a new law is necessary because Internet providers do not store customer records long enough. 'The limited data retention time and lack of uniformity among retention from company to company significantly hinders law enforcement's ability to identify predators when they come across child pornography,' according to a copy of Brown's remarks. Any stored logs could, however, be used to prosecute any type of crime."
And there it is... (Score:5, Insightful)
hinders law enforcement's ability to identify predators when they come across child pornography
The root password to the Constitution.
Would You Want To Be Followed Everywhere? (Score:5, Insightful)
It becomes an argument for anonymous browsing on everything you do, until they figure out how to either track, or ban, that too.
It's ALWAYS about child pornography (Score:5, Insightful)
Every time there is a push to reduce our privacy rights online, it's ALWAYS in the guise of child pornography. I mean seriously, how serious of a problem is it? Why does law enforcement need to know I go to slashdot.com daily or watch porn every other day? Why don't they just store data for child pornography sites?
Cool, let's make new law enforcement rules (Score:5, Insightful)
1. All speed traps are video recorded and offer the ability to clock the car with a stopwatch to verify it was actually speeding. Sort of like reverse VASCAR.
2. Every interaction with a police officer will be recorded with video and audio--they're doing this in Burnsville, MN. Thing is we need to have these videos recorded to WORM discs and those need to be made available to the public in every single situation without charge.
3. Anytime a law enforcement officer tells a lie to scare someone they can be sued.
---
I could continue but it's pointless. It's easier for the ISPs to simply tell them 'no'.
Yeah? (Score:5, Insightful)
Law Enforcement Still Wants Mandatory ISP Log Retention
Yeah? And I still want every law enforcement officer perpetually monitored and recorded to prevent abuse of power ect. Yet, they're still fighting simply being recorded.
Re:And there it is... (Score:4, Insightful)
The part that bothers me about this is the unreasonable double-standard. Law enforcement typically keeps records of their phone calls and radio traffic for between about 1 to 2 years, which is usually driven by statues of limitations. After that, the records are gone. The reason is simple - they often need to keep that data for liability issues such as when someone sues the police for misconduct. They purge that data after that retention period for exactly the same reasons the ISPs do not want to hang onto it - having it means they become responsible for it and becomes more of a problem than the data is worth.
As a public agency, law enforcement agencies have clear retention period policies, as well as policies outlining exactly who can and cannot access that data, in order to serve the public. As private entities, why should the ISPs be held to some arbitrary standard outlined by an outside party? Honestly, if an ISP wants to purge that data after 6 months (or even less) to serve *their* public - their paying customers - let them! The convenience store down the street isn't required to keep a minimum amount of surveillance video in case someone does something shady in the bathroom. They keep that video to protect themselves and their business from people that want to do harm. When police are called, the video is shared voluntarily because it's in their best interests to do so.
The only thing I would be in favor of is requiring ISPs to simply define a data retention policy and make it public to everyone, including the law enforcement community. The ISPs can then live and die by the policy they set for themselves and law enforcement will know exactly how long they have before that information is purged. I would also suggest that once an ISP is made aware that a warrant for certain information is coming, the ISP should retain the relevant data regardless of the policy. They don't necessarily have to share it until they receive the warrant, but the request alone should trigger a temporary hold on the data for a set period of, say, 60 days. This is no different than how law enforcement handles their data retention when a request is made of them, so ISPs should be treated the same way.
I'm not sure what I would want the penalties to be if any of the data retention policies were violated (purged early or accessed inappropriately), but it should fit the severity and scope of the violation and be defined in actual law.
Re:It's ALWAYS about child pornography (Score:4, Insightful)
In the black and white world of "you're either with us or against us", you are either for this bill and against child pornography or you are against this bill and for child pornography. If you try bringing some sanity into it, they will pound that point and make it seem you're eluding it.
It'd be like starting an attack on this bill with "Are you in favor of Soviet-style mass surveillance of ordinary citizens?" and you can hear the question is loaded as all hell. It just turns into a game of piling up the most bad stuff on the other side.
Re:It's ALWAYS about child pornography (Score:4, Insightful)
The only dangerous people who produce child pornography won't visit those sites because they already have it on local media
There, fixed it for you. If we spent as much time going after the producers as we do prosecuting thoughtcrime, we might be able to actually prevent child abuse, instead the police as always go after the non-harmful crimes rather than those who are actually abusing the children.
Re:And there it is... (Score:4, Insightful)
Child porn is a scourge on society, and I strongly support any reasonable means of stomping on the bastards behind it, but we have to stop allowing any new law being justified on the basis of "Think of the children!" and then going on to allow that law to be used for anything beyond it's original intended scope.
The problem I have with this data retention proposal is that it is the digital equivalent of being required to keep a GPS tracker on everyone that records your every movement and keep records of those movements for 18 months, so the authorities can check if you were at the scene of any crimes that may occur.
It would not be acceptable to track people physically in this way with no cause, at least not in my country - so it should not be allowable to track them in the same way online either, without some kind of warrant or reason.
As long as this information is recorded and kept, it lies open to abuse by hackers who gain unauthorised access to the information, and also mis-use by those in authority, who use the information outside of the original scope for which it was intended (ie. to stop child porn)