The Bush administration and some congresscritters are apparently hell-bent on instituting mandatory data retention requirements for your internet service provider (ISP). That’s the story filed by CNET‘s Declan McCullagh. A bill is pending in the Colorado State Senate that would require ISPs to retain the IP addresses used by customers for at least 180 days. Most law enforcement agencies say that a one year minimum is acceptable and two years is better.
Advocates insist that such legislation would help child pornography investigations. Internet service providers seem to be mostly concerned about who’s going to pay for the data warehousing facilities. It’s unclear that retained data will benefit any properly conducted, timely, investigation. This appears to be mostly a blanket warrantless wiretap policy for law enforcement agencies that move to slowly to initiate investigations or lack sufficient cause for a warrant.
The European Union’s mandatory data retention law, scheduled to take effect in 2008, calls for ISPs to retain not just IP addresses, but also “telephone numbers dialed, contents of Web pages visited, recipients of e-mail messages and so on,” for a minimum of six months and a maximum of two years. The content data is not supposed to be retained.
Ironically, adequate federal law already exists in the United States. The Electronic Communication Transactional Records Act requires ISPs to retain records for 90 days upon any governmental request. Another section of the US Code requires ISPs to report incidents of child pornography to the National Center for Missing and Exploited Children.
0 responses. Comments closed for this article.