Two Bad Ideas for the Price of One

by on February 9, 2007

I’ve got a new article up on the Internet Stopping Adults Facilitating the Exploitation of Today’s Youth Act. (Internet SAFETY. Get it?) This is part of the GOP’s “law and order” agenda, which they think will play well with voters in 2008.

The legislation would require mandatory labeling of pornographic websites and increase the already-draconian penalties for various offenses related to child pornography. But here’s the really scary part:

The bill requires that e-mail and Internet service providers retain records about their customers’ online activities for use in law enforcement activities. Failure to comply with regulations issued by the attorney general will get you a year in the slammer.

The legislation gives the executive branch essentially unlimited discretion to determine what data must be retained, and for how long. Indeed, the bill appears to open the door to requirements that ISPs retain records of their customers’ activities indefinitely. That raises serious privacy concerns, because once the records are available, there will inevitably be pressure to increase the number of people who have access to them. For example, the movie and recording industries would undoubtedly love to get their hands on the traffic records of those suspected of illicit file trading. Indeed, one member of Congress, Rep. Edward Markey (D-MA) was so concerned about the dangers of mandatory data retention last year that he proposed legislation requiring ISPs to delete personal data within “a reasonable period of time.”

Such regulations could be especially burdensome to small organizations and individuals. The law appears to apply to anyone running a web or e-mail server on the public Internet, even an individual running a server in his basement. The law is too open-ended to predict how burdensome the resulting regulations would be, but it would certainly upset many Ars readers if they were required to hire a lawyer to verify that their log rotation policies wouldn’t land them in jail.

As far as I can tell, the bill gives the AG totally unlimited discretion in dictating what information ISPs would have to retain. So if he wants them to retain records of every website their customers visit, and every email they send and receive, and keep them forever, he can issue regulations requiring that. I’m not sure how common it is for Congress to give the executive branch this kind of unbridled discretion, but I kind of thought the whole purpose of the separation of powers was to ensure that the people who write the laws are not also the ones who will be interpreting them.

SHARE:

Tim Lee / Timothy B. Lee (Contributor, 2004-2009) is an adjunct scholar at the Cato Institute. He is currently a PhD student and a member of the Center for Information Technology Policy at Princeton University. He contributes regularly to a variety of online publications, including Ars Technica, Techdirt, Cato @ Liberty, and The Angry Blog. He has been a Mac bigot since 1984, a Unix, vi, and Perl bigot since 1998, and a sworn enemy of HTML-formatted email for as long as certain companies have thought that was a good idea. You can reach him by email at leex1008@umn.edu.

Comments on this entry are closed.

Previous post:

Next post: