[e-privacy] [[tml] FBI director wants ISPs to track users]

Anonymous cripto at ecn.org
Fri Nov 10 22:23:23 CET 2006 

----- Forwarded message -----

Date: Sun, 05 Nov 2006 12:27:50 +0100
From: "by way of tactical at tmcrew.org" <viviane at interpac.net>
Subject: [tml] FBI director wants ISPs to track users
To: tacticalmedia at squat.net

http://news.com.com/FBI+director+wants+ISPs+to+track+users/2100-7348_3-6126=
877.html

FBI director wants ISPs to track users

By Declan McCullagh
Story last modified Wed Oct 18 06:41:42 PDT 2006

FBI Director Robert Mueller on Tuesday called on Internet service
providers to record their customers' online activities, a move that
anticipates a fierce debate over privacy and law enforcement in Washington
next year.
"Terrorists coordinate their plans cloaked in the anonymity of the
Internet, as do violent sexual predators prowling chat rooms," Mueller
said in a speech at the International Association of Chiefs of Police
conference in Boston.

-----------
ISP snooping time line
In events that were first reported by CNET News.com, Bush administration
officials have said Internet providers must keep track of what Americans
are doing online.

June 2005: Justice Department officials quietly propose data retention rule=
s.

December 2005: European Parliament votes for data retention of up to two
years.

April 14, 2006: Data retention proposals surface in Colorado and the U.S.
Congress.

April 20, 2006: Attorney General Alberto Gonzales says data retention
"must be addressed."

April 28, 2006: Rep. Diana DeGette proposes data retention amendment.

May 16, 2006: Rep. James Sensenbrenner drafts data retention
legislation--but backs away from it two days later.

May 26, 2006: Gonzales and FBI Director Robert Mueller meet with Internet
and telecommunications companies.

June 27, 2006: Rep. Joe Barton, chair of a House committee, calls new
child protection legislation "highest priority."
--------

"All too often, we find that before we can catch these offenders, Internet
service providers have unwittingly deleted the very records that would
help us identify these offenders and protect future victims," Mueller
said. "We must find a balance between the legitimate need for privacy and
law enforcement's clear need for access."

The speech to the law enforcement group, which approved a resolution on
the topic earlier in the day, echoes other calls from Bush administration
officials to force private firms to record information about customers.
Attorney General Alberto Gonzales, for instance, told Congress last month
that "this is a national problem that requires federal legislation."

Justice Department officials admit privately that data retention
legislation is controversial enough that there wasn't time to ease it
through the U.S. Congress before politicians left to campaign for
re-election. Instead, the idea is expected to surface in early 2007, and
one Democratic politician has already promised legislation.

Law enforcement groups claim that by the time they contact Internet
service providers, customers' records may have been deleted in the routine
course of business. Industry representatives, however, say that if police
respond to tips promptly instead of dawdling, it would be difficult to
imagine any investigation that would be imperiled.

It's not clear exactly what a data retention law would require. One
proposal would go beyond Internet providers and require registrars, the
companies that sell domain names, to maintain records too. And during
private meetings with industry officials, FBI and Justice Department
representatives have cited the desirability of also forcing search engines
to keep logs--a proposal that could gain additional law enforcement
support after AOL showed how useful such records could be in
investigations.

A representative of the International Association of Chiefs of Police said
he was not able to provide a copy of the resolution.

Preservation vs. retention
At the moment, Internet service providers typically discard any log file
that's no longer required for business reasons such as network monitoring,
fraud prevention or billing disputes. Companies do, however, alter that
general rule when contacted by police performing an investigation--a
practice called data preservation.

A 1996 federal law called the Electronic Communication Transactional
Records Act regulates data preservation. It requires Internet providers to
retain any "record" in their possession for 90 days "upon the request of a
governmental entity."

Because Internet addresses remain a relatively scarce commodity, ISPs tend
to allocate them to customers from a pool based on whether a computer is
in use at the time. (Two standard techniques used are the Dynamic Host
Configuration Protocol and Point-to-Point Protocol over Ethernet.)

In addition, Internet providers are required by another federal law to
report child pornography sightings to the National Center for Missing and
Exploited Children, which is in turn charged with forwarding that report
to the appropriate police agency.

The Europe-wide requirement applies to a wide variety of "traffic" and
"location" data, including: the identities of the customers'
correspondents; the date, time and duration of phone calls, VoIP (voice
over Internet Protocol) calls or e-mail messages; and the location of the
device used for the communications. But the "content" of the
communications is not supposed to be retained. The rules are expected to
take effect in 2008.



Donate to Infoshop.org: http://www.infoshop.org/donate.html
_______________________________________________
infoshop-news mailing list
infoshop-news at infoshop.org
http://www.infoshop.org/mailman/listinfo/infoshop-news =



----- End forwarded message -----

More information about the E-privacy mailing list