It’s a question privacy advocates and law enforcement have been grappling with for years: Does the protection of Little Sister justify Big Brother’s prying eyes?
House Judiciary Subcommittee on Crime, Terrorism and Homeland Security met Tuesday morning to try to answer that question, with help from the Department of Justice, the United States Internet Service Provider Association and others. At issue is how long internet service providers should be required to keep massive amounts of user data for law enforcement to potentially sort through later.
Similar initiatives, usually GOP-driven, are a relic of the Bush era and have seen little success. But now the DOJ is leading a renewed push for retention of data by ISPs to help investigate child pornography.
The failure of past attempts at regulating data retention, as well as the lack of clarity on what the DOJ wants — let alone how to organize and fund it (especially while the GOP seeks to cut spending by 20 percent) — makes it look unlikely that legislation will be passed in the near future.
There is no uniform length of time ISPs must save data. Some ISPs dissolve their data within days, while many keep information for 30 days.
John Douglass, Chief of Police in Overland Heights, Kansas, testified and recommended that data be kept for at least six months, possibly up to 18 months, to aid in any criminal investigations.
“Six months would be six times better than the best we’re able to get right now,” he said, citing the “diminishing returns” for investigations as data disappeared.
Jason Weinstein, a deputy assistant attorney general, was unable to back up claims that keeping data and potentially compromising users’ privacy would lead to more successful child pornography investigations.
But John Morris, the general counsel for the Center for Democracy and Technology, came prepared with his own set of statistics: As of mid-2009, Facebook users posted around a billion chat messages per day. A database of a year’s worth of Facebook chats would have more than a trillion data points, making finding evidence for a case in a database that vast would be like searching for a binary needle in a haystack.
“There’s no way to specifically target it,” Morris said, “because if we knew who the bad guy was, we could just target them.”
Nonetheless, even some Democrats on the subcommittee were a less-than-receptive audience for privacy concerns. Rep. Debbie Wasserman Schultz (D-FL), insisted that ther, “This is not about watching and tracking peoples’ activity online, it’s about connecting the dots.”
Rep. Hank Johnson (D-Georgia), meanwhile, said that “child pornography is a kind of Trojan Horse, and inside that, a data retention requirement that would fall on ISPs.”
Though no concrete action is likely to come soon, subcommittee chairman Rep. Jim Sensenbrenner (R-Wisc.) used the opportunity to get aggressive with USISP Executive Director Kate Dean.
“I am a firm believer in carrots and sticks, and I am tossing you a carrot now,” he said. “Try to bring your industry together to deal with this problem on a voluntary basis. If you aren’t a good rabbit and don’t start eating the carrot, we’re all going to be throwing the stick at you.”
