lifeonqueen (![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
lifeonqueen) wrote2007-02-12 10:10 pm
lifeonqueen) wrote2007-02-12 10:10 pm
Entry tags:
The US House of Representatives May Want to Read Your E-Mail
Further to my earlier post about HR 837, the "Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act of 2007", or the SAFETY Act, it appears that, contrary to the report from Crooks and Liars.com (originally posted on The Seminal.com), the SAFETY Act would not "require ISPs to record all users' surfing activity, IM conversations and email traffic indefinitely" as I previously posted. Not quite anyway.
An American friend who's a lawyer IRL dropped me a line after reading my LJ today to point out that the bill, HR 837, didn't say what Crooks and Liars, Seminal, The Agonist and other blogs who had picked up the story said it did. According to my friend, the SAFETY Act, if passed, would require ISPs to maintain permanent records of customers buying webspace or Internet access from them so that if a law enforcement agency discovered, for example, that the computer with the Internet protocol address 127.0.0.1 hosted kiddie porn, they could go to the ISP's records and find out that IP address 127.0.0.1 belonged to Joe Smith, of 123 Some Street, Someplace, Some State/Province/Territory.
I thought this sounded eminently reasonable since presumably most ISPs would keep these records anyway for billing purposes, therefore, the SAFETY Act was essentially proposing to require ISPs to maintain these records in perpetuity - annoying but not necessarily a greater threat to privacy than already exists by virtue of paying a company to access the Internet through their servers. I told my friend that I would read the text of the bill and post corrected information from home tonight.
Well, after managing to navigate the Library of Congress's online archive (called Thomas after Thomas Jefferson - sidebar: I will never bitch about Hansard again), I found a text of the proposed bill. Turns out that my friend the lawyer and the bloggers are both right - sort of.
While the SAFETY Act, as written, would not "require ISPs to record all users' surfing activity, IM conversations and email traffic indefinitely," Section 6 of the proposed Act reads as follows:
So the current blog reports about the SAFETY Act that I linked to this morning are factually incorrect - it's not the content of the SAFETY Act that is troubling - IMO, it's what the Act doesn't include, like a limit on what information the Attorney General could require ISPs to keep on file if the Act is passed that's troubling. And it is particularly troubling given this administration's far from stellar record when it comes to privacy rights (domestic wiretapping, anyone?).
It's not quite a case of the bloggers who cried wolf - more the case of the bloggers who cried "that pregnant wolf over there could give birth to pups who will come and eat my sheep." I'd still write the Judiciary Committee, were I a citizen of the Republic.
An American friend who's a lawyer IRL dropped me a line after reading my LJ today to point out that the bill, HR 837, didn't say what Crooks and Liars, Seminal, The Agonist and other blogs who had picked up the story said it did. According to my friend, the SAFETY Act, if passed, would require ISPs to maintain permanent records of customers buying webspace or Internet access from them so that if a law enforcement agency discovered, for example, that the computer with the Internet protocol address 127.0.0.1 hosted kiddie porn, they could go to the ISP's records and find out that IP address 127.0.0.1 belonged to Joe Smith, of 123 Some Street, Someplace, Some State/Province/Territory.
I thought this sounded eminently reasonable since presumably most ISPs would keep these records anyway for billing purposes, therefore, the SAFETY Act was essentially proposing to require ISPs to maintain these records in perpetuity - annoying but not necessarily a greater threat to privacy than already exists by virtue of paying a company to access the Internet through their servers. I told my friend that I would read the text of the bill and post corrected information from home tonight.
Well, after managing to navigate the Library of Congress's online archive (called Thomas after Thomas Jefferson - sidebar: I will never bitch about Hansard again), I found a text of the proposed bill. Turns out that my friend the lawyer and the bloggers are both right - sort of.
While the SAFETY Act, as written, would not "require ISPs to record all users' surfing activity, IM conversations and email traffic indefinitely," Section 6 of the proposed Act reads as follows:
SEC. 6. RECORD RETENTION REQUIREMENTS FOR INTERNET SERVICE PROVIDERS.As my friend the lawyer correctly notes, the Act does not mention maintaining records of e-mails, instant messenger conversations or websurfing activity. However, the Act would authorize the Attorney General to make regulations that would "at a minimum" require ISPs to keep permanent records of your IP address and user ID. The phrase that freaks me and the blogosphere out is "at a minimum" - my understanding of American regulatory process is negligable at best but this would seem to me that, if passed, the SAFETY Act would give the US Attorney General the authority to make regulations requiring ISPs to keep permanent records of an unlimited variety of types Internet activity, which could potentially include e-mail and IM traffic - and jail and/or fine ISPs for failing to do so.
(a) Regulations- Not later than 90 days after the date of the enactment of this section, the Attorney General shall issue regulations governing the retention of records by Internet Service Providers. Such regulations shall, at a minimum, require retention of records, such as the name and address of the subscriber or registered user to whom an Internet Protocol address, user identification or telephone number was assigned, in order to permit compliance with court orders that may require production of such information. [Emphasis mine]
So the current blog reports about the SAFETY Act that I linked to this morning are factually incorrect - it's not the content of the SAFETY Act that is troubling - IMO, it's what the Act doesn't include, like a limit on what information the Attorney General could require ISPs to keep on file if the Act is passed that's troubling. And it is particularly troubling given this administration's far from stellar record when it comes to privacy rights (domestic wiretapping, anyone?).
It's not quite a case of the bloggers who cried wolf - more the case of the bloggers who cried "that pregnant wolf over there could give birth to pups who will come and eat my sheep." I'd still write the Judiciary Committee, were I a citizen of the Republic.