The Register® — Biting the hand that feeds IT

Feeds

Congress mulls stringent data retention rules

US politicians have proposed legislation that would oblige both ISPs and people running Wi-Fi hotspots to keep access logs for two years. The stringent data retention rules are among provisions to two companion bills submitted to the House of Representatives (H.R.1076) and the Senate (S.436). Both bills are known as Internet …

This topic is closed for new posts.
Anonymous Coward
Alert

Lock us up

Typical home users who barely know how to password their wireless networks will become criminals just for not logging traffic.

Awesome.

Anonymous Coward
Linux

That is the US for you...

arrive late in the game, but then do it to the extreme =S

Anonymous Coward
Anonymous Coward

Safe and Secure? or Free and a Little Less Secure?

As the EU have already paved the way to having access to a rich vein of communications data that can be mined for intelligence on criminal, commercial and espionage activities, the USA have little option but to go ahead.

These distributed data warehouses of intercept data may indeed help catch low grade criminals and agents acting for foreign powers. However it's real value will be highlighting those using surveillance countermeasures or exhibiting anti-surveillance behaviours who can be targeted for deeper investigation.

While many may say it is only a slight inconvenience having people rooting around in their communications "underwear drawer" if it catches criminals, there are real dangers in having over zealous intelligence gathering. At some time in the future malevolent use or manipulation of this all-encompassing communications data could threaten the future of democracy itself. To help prevent a nightmare, there must be robust safeguards and judicial oversight to ensure that there is only controlled and limited access to intercept data and the derived intelligence analysis. Civil rights must be protected, even at the expense of a having a little less security.

Anonymous Coward
Stop

Internet Stalking Act?

Throw that proposal out!

Being a UK citizen, I have some idea of what it feels like to live in a "surveillance society" (as we often call it). It does not feel good. I do not feel any safer. I do not feel protected by the state. Instead, it feels more like we're all being stalked on behalf of a "stalker state".

When citizens have to keep each other under surveillance, you know you're not living in a free country anymore.

STOP THE INTERNET STALKING ACT!

Nick Stallman
Stop

Err what?

If someone downloads kiddie porn in a internet cafe on their laptop, and the police investigate then they've got virtually nothing from these logs.

If it takes too long they will even lose the security footage of the time.

2 years later there is no one to interview about who the person was, no footage of him, nothing.

All you know is what private ip he had at the time.

Chris C

Arrest everyone

Why don't we just force mandatory sterilization upon birth? That way, people won't be able to have children, thereby completely eliminating the exploitation of children. Until that time, I suggest we create a law to prevent motor vehicles from going faster than 5 MPH. Anything more than that is just too damaging if a child runs out in front of you. And for the love of all that is sacred, we must rid ourselves of plastic bags, lest the little kiddies suffocate themselves. Don't even get me started on chainsaws...

Look, I'm all for protecting children. And I'll do whatever I reasonably can to stop the exploitation of children. But we've become a surveillance society and eliminated many of our freedoms on the basis of "something MIGHT happen, so we need to be prepared". A car MIGHT drive through the front of your house, too, but you haven't done anything to prevent it. A child MIGHT stick their finger in the electrical outlet, too, but that doesn't mean you've decided to forgo electricity and live like the Amish.

You know, gloves can be worn to avoid leaving fingerprints while committing a crime. Maybe we should require all merchants who sell gloves to retain all data relating to the sale of gloves. And rope can be used to tie people up, better add rope to that list. And what child doesn't like candy? As such, candy can be used to lure a child into your car, so we better start collecting data on everyone who buys candy since they're all suspected pedophiles. If you're not doing anything wrong, then you've got nothing to hide.

Matthew
Thumb Down

and yet many home users don't even know how to put a password on their router

Im sure this will work great. will it be a crime when your hard drive fails then? or a crime not to have DHCP enabled?

Anonymous Coward
Flame

Loopholes

The snippet of the law appears to criminalize the failure to encrypt an AP connection unless the user somehow identifies the user that war hunts the AP and keeps years of records on them. This also ignores apartments, where non technical users even if they have their own AP use whatever their computer connects to, not understanding what is going on.

Also, they shouldn't mention DHCP-- does this mean a statically assigned IP can be used without keeping records?

And of course they are making business cases for VPN sellers whose endpoint is outside the grasp of the local police state.... oh wait, anyone using a VPN must be a criminal hiding something...

Why not doesn't Congress and the EU just stop KIDding themselves and pass the PiSSFUK (Police State Surveillance For the Unfortunate Kids) law-- every copy of OS/X, Windows, Linux, and any other operating system that has access to the Internet has to keep a 2 year browsing history, with complete running updates sent to the FBI, FSB, BND, MI6, and of course Brussels each time the IP address changes? I mean, It's For The KIDS for Dogsake!

Steven Knox
IT Angle

Erm...

Correct me if I'm wrong, but I don't see anything that requires you to collect any identifiying information, just that you have to retain what you do collect.

This seems geared specifically towards ISPs (because they DO collect identification information for billing purposes and then assosicate the DHCP address to a specific account number.)

Perhaps that could be better specified in the bill, but I doubt they'll be kicking in doors and demanding people turn over their home router logs.

Frumious Bandersnatch
Thumb Down

So let me get this right...

All network cards will have to be registered to a user, and no network card will be allowed to change its hardware address? Oh, and DHCP will have to be rewritten to check whether the supplied hardware address is a valid user. And just for shits and giggles, any packet injection utility will have to become illegal. Just when/how is all that supposed to happen?

jim

insanity

And exactly how is the counter person in a coffee shop, or a librarian, supposed to accomplish this? I can picture router manufacturers and Best Buy (aka "Geek Squad" ) seeing the dollar signs and lobbying for this insanity, big-time.

MarkMac

Impossible to enforce

Pointless and unenforceable for now - almost no home router is capable of retaining logs for even a few weeks, so the technical issues would make the law unusable.

Unless of course its a covert attempt by the router-makers to get everyone to spend $$$ upgrading, or by the mainstream muni-wifi providers to corner the hotspot market by making it too hard for small-scale providers to set up shop.

CJ
Thumb Down

data retention?

more like anal retention!

Herby

Ask me no questions

and I tell you no lies!

When they require the data retention on bribe payments in government, then I might comply. So I have an open WiFi connection. I don't care. The router has no record keeping anyway. Yes, it has logs, so I might send them over to my local congress(wo)man. They have recording keeping don't they?

Yeah, that's the ticket. Send my logs to congress!

Dave Rickmers
Thumb Down

For Hollywood, not so much the kids

They RIAA, etc., try to get this passed every session of Congress. They are looking for what they call "pirates". Arrhhh.

Anonymous Coward
Thumb Down

why bother

I mean, after all, the NSA already HAS everything you are doing. Every little bit of data on every phone and dataline and it doesn't even matter what country you live in or where your connection is located. You are alread snooped and logged.

Tossers

Steven Hunter
Alert

Hardly seems worthwhile...

"OK officer, here's a list of all the IP addresses given out by my home router for the last year.

192.168.0/24

Good luck finding those pedophiles!"

This topic is closed for new posts.