Interesting People mailing list archives
Re: Republicans propose data retention laws targeting ISPs, home WiFi users
From: David Farber <dave () farber net>
Date: Fri, 20 Feb 2009 12:13:25 -0500
Begin forwarded message: From: Lauren Weinstein <lauren () vortex com> Date: February 20, 2009 12:00:55 PM EST To: David Farber <dave () farber net>Subject: Re: [IP] Republicans propose data retention laws targeting ISPs, home WiFi users
Dave, A few points on this: Note that the proposed law is being (as usual) phrased in terms of protecting children, but of course is not being limited to that purpose. This has become the standard "hook" now in all such legislative efforts, it seems. Many commodity wireless routers do not have the technical ability to keep logs of DHCP (dynamic address) assignments in a form that can be easily downloaded and preserved (or in some cases, in any form at all). This makes logging for home users with current equipment entirely problematic. While a broadband ISP can identify the endpoint (which, we must be careful to note, is *not* necessarily the same as the end user!) for a wired broadband DHCP circuit (and of course static circuits), wireless access points not requiring login will typically only have a MAC address to work with, which can usually be changed in software. So a McDonalds' forced to turn over WiFi records would likely have nothing more than times and MAC addresses, with the latter being unreliable. Unless there are plans to require showing ID or using a credit card to buy a Big Mac, it's not clear that many law enforcement aims will be satisfied in such a case. Perhaps an even more interesting question is how long dynamic IP data is being retained by ISPs *now*. I have anecdotal evidence that it can be a very long time. And then there are DHCP assignments that could just as well be static. I have one DHCP-based circuit that hasn't changed its address (despite resets, power failures, "reassign DHCP address requests" -- and so on), since it was installed over a year ago. And again as I noted above, there's a big difference between knowing DHCP address assignments and knowing *who* was using the associated computer -- just ask any drive-by unprotected WiFi access point user! --Lauren-- Lauren Weinstein lauren () vortex com or lauren () pfir org Tel: +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, NNSquad - Network Neutrality Squad - http://www.nnsquad.org Founder, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy Lauren's Blog: http://lauren.vortex.com - - - On 02/20 03:37, David Farber wrote:
Begin forwarded message: From: Declan McCullagh <declan () well com> Date: February 20, 2009 2:09:30 AM EST To: dave () farber net Subject: Republicans propose data retention laws targeting ISPs, home WiFi users Dave, IPers may be interested in my article from this evening: http://news.cnet.com/8301-13578_3-10168114-38.htmlRepublican politicians on Thursday called for a sweeping new federal lawthat would require all Internet providers and operators of millions of WiFi access points, even hotels, local coffeeshops, and home users, to keep records about users for two years to aid police investigations... Translated, the Internet SAFETY Act applies not just to AT&T, Comcast,Verizon, and so on -- but also to the tens of millions of homes with WiFiaccess points that use the standard method of dynamically assigning temporary addresses. The relevant bills: http://thomas.loc.gov/cgi-bin/bdquery/z?d111:s.00436: http://thomas.loc.gov/cgi-bin/bdquery/z?d111:h.r.01076: It's unclear why Sen. Cornyn and Rep. Smith want to target home WiFiusers (plus companies, universities, schools, libraries). Smith has been at this data retention thing for over two years now, so he's had time toget it exactly right: http://news.cnet.com/2100-1028_3-6156948.html Before Democrats start bemoaning how censorial the Republicans are, let's remember affection for data retention laws is a bipartisan sentiment. The first politician in the U.S. Congress to draft such legislation was a Democrat (Diana DeGette). And the current attorney general, Eric Holder, said this when he waspreviously at DOJ: "Certain data must be retained by ISPs for reasonableperiods of time so that it can be accessible to law enforcement." (http://www.usdoj.gov/criminal/cybercrime/dagceos.html) -Declan ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- <Possible follow-ups>
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)
- Re: Republicans propose data retention laws targeting ISPs, home WiFi users David Farber (Feb 20)