Mandatory data retention resurfaces; Gonzales, Mueller call for 2-year rule [priv]

[Declan McCullagh <declan () well com>]

I've been busy at work writing a series of articles about what's going 
on in terms of forcing Internet service providers to snoop on Americans. 
Basically Attorney General Gonzales and FBI Director Mueller met with 
Internet and telecom companies (including Microsoft, Google, Verizon, 
and Comcast) last Friday and called on them to store data about users' 
activities for two years:
http://news.com.com/2100-1028_3-6077654.html

Until that meeting, Gonzales and the Justice Department had been saying 
this would be useful for child porn fighting. Now they've realized (took 
'em long enough) that (a) the stored data would be useful for terrorism 
investigations and (b) it might be politically convenient to pitch it as 
an anti-terrorism measure:
http://news.com.com/2100-1028_3-6078229.html

Companies aren't very happy about this. And of course any such 
know-your-user law would presumably apply to libraries, schools, and 
coffee shops as well:
http://news.com.com/2100-1028_3-6078689.html

Looking ahead a few years, assuming that data retention is adopted, it's 
unclear that the Feds would stop there. Imagine a shocking horrible 
tragedy could have been prevented if only even more expansive laws had 
been adopted on top of data retention. The end game eventually could 
involve (a) making it unlawful to offer Internet access without 
verifying identities, effectively shutting down open WiFi nodes and (b) 
restricting the use of encryption and anonymity services -- after all, 
what good is a pile of retained data if it doesn't tell you very much?

This is sheer speculation, mind you. But then again a House of 
Representatives committee once approved a bill that would make it 
unlawful to sell encryption products without backdoors for the Feds. And 
Sen. Judd Gregg talked about restricting encryption products soon after 
9/11, so perhaps it's not _that_ unlikely either.

One other thing worth thinking about in terms of the Washington endgame. 
The Internet providers I've talked to have been generally opposed to the 
idea. But one of their primary complaints is the logical one of how much 
it will cost. If the Feds decide to write them a fat check, their 
complaints could evaporate and the legislation would instantly 
experience far less opposition. Watch for this; it would follow what 
happened with CALEA.

Here's Microsoft's statement on data retention:
http://news.com.com/2100-1028_3-6078711.html

Or, if you prefer, CNN and USA Today coverage of the topic:
http://www.usatoday.com/tech/news/internetprivacy/2006-05-31-internet-records_x.htm
http://money.cnn.com/2006/05/30/technology/justice_internet/

-Declan
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)