February 26, 2007
Online Reaction to Proposed Bill for Government to Require ISPs to Retain All Tracking Data Indefinitely

I've been tracking reaction to the announcement from U.S. Representative Lamar Smith, a Republican, a couple of weeks ago called the SAFETY Act, which is short for the Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act.

According to the wording of the bill, the introduced legislation intends to track financial facilitations of access to child pornography, online hosting of child pornography and exploitation, and other such measures. What has most people up in arms is not the move to eliminate child pornography and the idea of protecting children's safety, but rather the means by which the bill intends to go about it.

According to Iain Thomson with VNU, the bill "would require ISPs to record all users' surfing activity, IM conversations and email traffic indefinitely."

Hmmm...wonder what could have people up in arms about that? Perhaps civil liberties, that forgotten concept of American freedom? As Thomson reports, the bill would make it a crime punishable not only by fines but even a prison term for up to one year for any Internet service provider which does not keep full records of the activities of its users.

Josh at The Seminal wrote a strong reaction to the legislation which my colleague Alec Austin sent my way. Josh writes that the legislation "is currently the gravest threat to digital privacy rights on the Internet. Given the increasing tendency of people, especially young people, to use the Internet as a primary means of communication, this measure would affect nearly all Americans in ways we are only beginning to understand. Also, given the fact that the Act requires all Internet Service Providers to record the web surfing activity of all Internet users, this amounts to the warrantless wiretapping of the entire Internet."

Josh points out that many major blogs, as well as major media outlets, have not been reporting on the SAFETY Act. The legislation was "shot down due to free speech concerns" back in 2006, and apparently the most troubling aspects of the bill weren't even added at that time but were inserted by Lamar Smith, partly due to the public rhetoric of the FBI. Look at ars technica for more info in that regard.

Reader Futile Battle points out that most of these governmental provisions are already in place, in that the government "already has unlimited access to monitor every packet delivered across the internet within the US without a warrant," but that the problem with this bill is the storage burdens it would place on smaller ISPs. "Passing this bill will be a financial burden that unnecessarily increases the cost for the internet to exist, thus would limit users by simply making it unaffordable for low income groups because it will force the base price of internet access to increase."

Here are some interesting reactions from around the Web:

- Readers on Neowin point out the irony that, last month, Lamar Smith's bill protecting the privacy of phone records was passed into law, making his now being the champion of requiring ISP monitoring of Internet records a strange contradiction. According to the press release, the recently approved bill "protects citizens' privacy by criminalizing the fraudulent sale or solicitation of confidential phone records." In this case, though, it is private business use of these records and not governmental intrusion.

-Jim Macdonald at Making Light points out that "In addition to sweeping up and permanently recording all of the conversations and letters of terrorists and kiddie-porn purveyors, this would sweep up everything by everyone else as well -- without a warrant, without probable cause, without recourse, without exception, and without reason."

-Chris Clarke at Pandagon writes, "Imagine the Intellectual Property issues alone: any corporation that uses an outside ISP will have to forego, completely, ever sending any proprietary information by way of email or IM unless they encrypt it, and given how many corporate folks can barely figure out how to use Outlook, that ain't gonna happen any time soon."

-Over at Code Monkey Ramblings, there is this quote: "You are creating a huge repository of personal information that can be easily compromised by criminals. Every unencrypted thing that you do online is vulnerable to data retention policies. That means every username, every password, every blog post, every email, every IM conversation."

-Rob at Say Anything asks, "Who is going to bear the cost of storing all this data? Every email? Every instant message? Every visited website? That adds up to a tremendous amount of data to be stored by an internet service provider. Indefinitely too, and the cost of it all will be paid ultimately by we, the ISP's customers. In order to remain profitable the ISP will have to transfer that expense to customers." He concludes, "It seems to me as though asking ISP's to keep a copy of all our emails is tantamount to the U.S. post office keeping a copy of all of our mail."

-poorcollegeblog draws a link between this move and the legislation from John McCain to "hold webmasters accountable for other users content posted on said websites under penalty of law. So, sites are now responsible for anything posted in comments sections of web pages. Anything."

-And, of course, the ACLU isn't happy. Click the link for their official condemnation, which calls the measure "like swatting a fly with a bazooka."

Coming off my recent series here called Access vs. Censorship, I am interested in tracking the continued development of a bill that could have major ramifications for the ways in which ISPs do business and the privacy of all online users.



Very nice! Thanks for the link too!

It should be interesting to keep tracking this bill as the process develops. I'm wondering if some politicians will see some political fallout over their support.


For the people who never think about it, though, and the media who hardly report the full meaning of this, it may be a bill that sounds good without putting deep thought into. What we need are more voices pointing out the implications of this on civil liberties.

Keeping records to be able to track down online predators sounds good. The idea of governments spying on all your e-mails and IMs...not so much.


It's good that _somebody_ is willing to fight against these invasions of our privacy. It's so sad that it won't make sense to most of us until all our feedom is gone...


I just can't imagine how they could possibly think this is constitutional -- the government is overreaching its power.