Fri Jun 17th, 2005 at 09:26:24 AM EST
The US Justice department is considering a proposal to require ISP's to retain records of customers' internet activites.
Meanwhile, the European Parliament goes head to head with the Council of the European Union on this very same issue - and gets blown off.
(X-posted at BT)
This from CNET:
Your ISP as Net watchdog
Published: June 16, 2005, 4:00 AM PDT
By Declan McCullagh
The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities.
Data retention rules could permit police to obtain records of e-mail chatter, Web browsing or chat-room activity months after Internet providers ordinarily would have deleted the logs--that is, if logs were ever kept in the first place. No U.S. law currently mandates that such logs be kept.
This represents an abrupt shift in the Justice Department's long-held position that data retention is unnecessary and imposes an unacceptable burden on Internet providers. In 2001, the Bush administration expressed "serious reservations about broad mandatory data retention regimes."
The current standard only requires Internet providers to retain any "record" in their possession for 90 days "upon the request of a governmental entity."
The crowbar they've picked is the classic hot-button issue of our time:
Justice Department officials endorsed the concept at a private meeting with Internet service providers and the National Center for Missing and Exploited Children, according to interviews with multiple people who were present. The meeting took place on April 27 at the Holiday Inn Select in Alexandria, Va.
"It was raised not once but several times in the meeting, very emphatically," said Dave McClure, president of the U.S. Internet Industry Association, which represents small to midsize companies. "We were told, 'You're going to have to start thinking about data retention if you don't want people to think you're soft on child porn.'"
McClure added that "my sense was that this is something that they've been working on for a long time."
I don't mean to minimize or make light of any facet of the issue of child abuse. But the nebulous accusation "Soft on child porn" - or the threat of such an accusation - is a wonderful stick to beat privacy rights to death with.
"Even if your concern is chasing after child pornographers, the [data] packets don't come pre-labeled that way," [Marc] Rotenberg [director of the Electronic Privacy Information Center] said. "What effectively happens is that all ISP customers, when that data is presented to the government, become potential targets of subsequent investigations."
Meanwhile, a quarter of a world away:
Europe to push ahead with ISP snooping law
Published: June 9, 2005, 10:53 AM PDT
By Sylvia Carr
Special to CNET News.com
Legislation that would require telephone companies and Internet service providers to save information about customers' communications is set to proceed despite being rejected by the European Parliament.
The legislation's draft proposal was introduced jointly by France, Ireland, Sweden and the United Kingdom to aid law enforcement in combating terrorist acts. It will require phone companies and ISPs to retain for 12 to 36 months customer data such as the time, date and location of sent and received e-mails and phone calls. The content of the communications, however, will not be retained.
The European Parliament on Tuesday rejected the proposal, partly on grounds it could be illegal.
Parliament rejected it but the legislation will go forward? What gives?
However, although Parliament's vote has been hailed a victory by organisation representing ISPs, the reality is that the body has no power over the future of the proposal. This is because it is a Pillar 3 proposal, that is, it was set in motion by member states, not the European Commission.
"The Parliament was just being "consulted" on the proposal under the Consultation Procedure and consequently has no power," explains Joe McNamee, EU policy director at the Political Intelligence consultancy. link
The third pillar comprises "Police and Judicial Co-operation in Criminal Matters", and all these matters fall under "consultation": the EP must be consulted, but its decision need not be heeded. (See here for a quick rundown of European decision-making.)
And the decision seems to be a foregone conclusion, as this rather bland press release dated 2 June 2005 (one week prior to the EP decision), which says in part:
A broad consensus emerged on the "step-by-step" approach presented by the Luxembourg Presidency. For Luc Frieden, "that does not mean that all telecommunications data should not be included immediately." First of all, the Council should start with fixed telephone lines and mobile telephones. As for the Internet and calls not completed, the representatives of the Member States agreed on a transitional period to take into account problems that some national providers may encounter in implementing this type of retention. ...
It's all over but the shouting - if we don't shout now.