independent and unofficial
Prince fan community site
Thu 22nd Aug 2019 3:44pm
Welcome! Sign up or enter username and password to remember me
Forum jump
Forums > Politics & Religion > FBI director wants ISPs to track users
« Previous topic  Next topic »
  New topic   Printable     (Log in to 'subscribe' to this topic)
Author

Tweet     Share

Message
Thread started 10/19/06 5:59am

lilgish

avatar

FBI director wants ISPs to track users

http://www.usatoday.com/t...king_x.htm
FBI Director Robert Mueller on Tuesday called on Internet service providers to record their customers' online activities, a move that anticipates a fierce debate over privacy and law enforcement in Washington next year.

"Terrorists coordinate their plans cloaked in the anonymity of the Internet, as do violent sexual predators prowling chat rooms," Mueller said in a speech at the International Association of Chiefs of Police conference in Boston.

"All too often, we find that before we can catch these offenders, Internet service providers have unwittingly deleted the very records that would help us identify these offenders and protect future victims," Mueller said. "We must find a balance between the legitimate need for privacy and law enforcement's clear need for access."

The speech to the law enforcement group, which approved a resolution on the topic earlier in the day, echoes other calls from Bush administration officials to force private firms to record information about customers. Attorney General Alberto Gonzales, for instance, told Congress last month that "this is a national problem that requires federal legislation."

Justice Department officials admit privately that data retention legislation is controversial enough that there wasn't time to ease it through the U.S. Congress before politicians left to campaign for re-election. Instead, the idea is expected to surface in early 2007, and one Democratic politician has already promised legislation.

Law enforcement groups claim that by the time they contact Internet service providers, customers' records may be deleted in the routine course of business. Industry representatives, however, say that if police respond to tips promptly instead of dawdling, it would be difficult to imagine any investigation that would be imperiled.

It's not clear exactly what a data retention law would require. One proposal would go beyond Internet providers and require registrars, the companies that sell domain names, to maintain records too. And during private meetings with industry officials, FBI and Justice Department representatives have cited the desirability of also forcing search engines to keep logs — a proposal that could gain additional law enforcement support after AOL showed how useful such records could be in investigations.

A representative of the International Association of Chiefs of Police said he was not able to provide a copy of the resolution.

Preservation vs. retention

At the moment, Internet service providers typically discard any log file that's no longer required for business reasons such as network monitoring, fraud prevention or billing disputes. Companies do, however, alter that general rule when contacted by police performing an investigation—a practice called data preservation.

A 1996 federal law called the Electronic Communication Transactional Records Act regulates data preservation. It requires Internet providers to retain any "record" in their possession for 90 days "upon the request of a governmental entity."

Because Internet addresses remain a relatively scarce commodity, ISPs tend to allocate them to customers from a pool based on if a computer is in use at the time. (Two standard techniques used are the Dynamic Host Configuration Protocol and Point-to-Point Protocol over Ethernet.)

In addition, Internet providers are required by another federal law to report child pornography sightings to the National Center for Missing and Exploited Children, which is in turn charged with forwarding that report to the appropriate police agency.

When adopting its data retention rules, the European Parliament approved U.K.-backed requirements saying that communications providers in its 25 member countries-several of which had enacted their own data retention laws already—must retain customer data for a minimum of six months and a maximum of two years.

The Europe-wide requirement applies to a wide variety of "traffic" and "location" data, including: the identities of the customers' correspondents; the date, time and duration of phone calls, VoIP (voice over Internet Protocol) calls or e-mail messages; and the location of the device used for the communications. But the "content" of the communications is not supposed to be retained. The rules are expected to take effect in 2008.

CNET News.com's Anne Broache contributed to this report
  - E-mail - orgNote - Report post to moderator
Reply #1 posted 10/19/06 8:52am

Voidra

It's not a bad idea but are they going to pay us for the additional machines and storage space and back-up equipment and the time for the work and expertise involved?


lilgish said:

http://www.usatoday.com/tech/products/cnet/2006-10-18-isp-tracking_x.htm
FBI Director Robert Mueller on Tuesday called on Internet service providers to record their customers' online activities, a move that anticipates a fierce debate over privacy and law enforcement in Washington next year.

"Terrorists coordinate their plans cloaked in the anonymity of the Internet, as do violent sexual predators prowling chat rooms," Mueller said in a speech at the International Association of Chiefs of Police conference in Boston.

"All too often, we find that before we can catch these offenders, Internet service providers have unwittingly deleted the very records that would help us identify these offenders and protect future victims," Mueller said. "We must find a balance between the legitimate need for privacy and law enforcement's clear need for access."

The speech to the law enforcement group, which approved a resolution on the topic earlier in the day, echoes other calls from Bush administration officials to force private firms to record information about customers. Attorney General Alberto Gonzales, for instance, told Congress last month that "this is a national problem that requires federal legislation."

Justice Department officials admit privately that data retention legislation is controversial enough that there wasn't time to ease it through the U.S. Congress before politicians left to campaign for re-election. Instead, the idea is expected to surface in early 2007, and one Democratic politician has already promised legislation.

Law enforcement groups claim that by the time they contact Internet service providers, customers' records may be deleted in the routine course of business. Industry representatives, however, say that if police respond to tips promptly instead of dawdling, it would be difficult to imagine any investigation that would be imperiled.

It's not clear exactly what a data retention law would require. One proposal would go beyond Internet providers and require registrars, the companies that sell domain names, to maintain records too. And during private meetings with industry officials, FBI and Justice Department representatives have cited the desirability of also forcing search engines to keep logs — a proposal that could gain additional law enforcement support after AOL showed how useful such records could be in investigations.

A representative of the International Association of Chiefs of Police said he was not able to provide a copy of the resolution.

Preservation vs. retention

At the moment, Internet service providers typically discard any log file that's no longer required for business reasons such as network monitoring, fraud prevention or billing disputes. Companies do, however, alter that general rule when contacted by police performing an investigation—a practice called data preservation.

A 1996 federal law called the Electronic Communication Transactional Records Act regulates data preservation. It requires Internet providers to retain any "record" in their possession for 90 days "upon the request of a governmental entity."

Because Internet addresses remain a relatively scarce commodity, ISPs tend to allocate them to customers from a pool based on if a computer is in use at the time. (Two standard techniques used are the Dynamic Host Configuration Protocol and Point-to-Point Protocol over Ethernet.)

In addition, Internet providers are required by another federal law to report child pornography sightings to the National Center for Missing and Exploited Children, which is in turn charged with forwarding that report to the appropriate police agency.

When adopting its data retention rules, the European Parliament approved U.K.-backed requirements saying that communications providers in its 25 member countries-several of which had enacted their own data retention laws already—must retain customer data for a minimum of six months and a maximum of two years.

The Europe-wide requirement applies to a wide variety of "traffic" and "location" data, including: the identities of the customers' correspondents; the date, time and duration of phone calls, VoIP (voice over Internet Protocol) calls or e-mail messages; and the location of the device used for the communications. But the "content" of the communications is not supposed to be retained. The rules are expected to take effect in 2008.

CNET News.com's Anne Broache contributed to this report
Do not fear to be eccentric in opinion, for every opinion now accepted was once eccentric.
  - E-mail - orgNote - Report post to moderator
Reply #2 posted 10/19/06 8:56am

2the9s

Voidra said:

It's not a bad idea but


Why not? Because there might be a filthy Arab terrorist who has planted a nuclear bomb somewhere in NYC and the only way we can find the bomb before it goes off is to track his web hits?

Makes sense. nod
  - E-mail - orgNote - Report post to moderator
Reply #3 posted 10/21/06 11:40am

origmnd

it should definately be used on the org
  - E-mail - orgNote - Report post to moderator
Reply #4 posted 10/21/06 11:55am

Mach

origmnd said:

it should definately be used on the org


clapping
  - E-mail - orgNote - Report post to moderator
Reply #5 posted 10/22/06 12:43am

Voidra

ok, but are the ISP's supposed to pay the cost of doing so?

2the9s said:

Voidra said:

It's not a bad idea but


Why not? Because there might be a filthy Arab terrorist who has planted a nuclear bomb somewhere in NYC and the only way we can find the bomb before it goes off is to track his web hits?

Makes sense. nod
Do not fear to be eccentric in opinion, for every opinion now accepted was once eccentric.
  - E-mail - orgNote - Report post to moderator
  New topic   Printable     (Log in to 'subscribe' to this topic)
« Previous topic  Next topic »
Forums > Politics & Religion > FBI director wants ISPs to track users