PDA

View Full Version : Feds want your ISP to spy on you and keep records.


Simplex3
06-17-2005, 08:18 AM
First, Call Your Congressman and Senator. Next, cover your ass.

http://news.com.com/Your+ISP+as+Net+watchdog/2100-1028_3-5748649.html

Ultra Peanut
06-17-2005, 08:20 AM
<img src="http://samizdata.net/~pdeh/BigBrother1984_sml.gif" style="width: 205px; height: 295px; border: 0" alt="" />

Simplex3
06-17-2005, 08:21 AM
Ok, WTF? Every time I try to quote the article in the post I get a 0 byte reply from the server.

Simplex3
06-17-2005, 08:23 AM
<img src="http://samizdata.net/~pdeh/BigBrother1984_sml.gif" style="width: 205px; height: 295px; border: 0" alt="" />

Worse. Big Brother wants to force private industry to watch you. That way the feds don't have to spend their precious vote-buying scheme money on it, they can force you to pay to be spied on.

I'm in IT, I don't operate under some illusion that I can't be tracked online. However, doesn't this start to fall under "guilty until proven innocent"? Give me a break. "Well, your honor, if we simply tapped every phone all the time we'd surely catch some criminals."

Ultra Peanut
06-17-2005, 08:25 AM
There's not a lot right now that doesn't make me want to harm myself or others.

Maybe that'll pass in a little while...

On second thought, probably not.

Dartgod
06-17-2005, 08:25 AM
Ok, WTF? Every time I try to quote the article in the post I get a 0 byte reply from the server.
I'm guessing the FBI is behind this.

Ultra Peanut
06-17-2005, 08:42 AM
..
. .
.
. . . . ............ .








. . . . .













. ,

ExtremeChief
06-17-2005, 08:47 AM
..
. .
.
. . . . ............ .








. . . . .













. ,


Ok Psi, I'm pretty thick skinned, but you've crossed the line there.

Asshole, :cuss:

Saulbadguy
06-17-2005, 08:55 AM
but but but...if you have nothing to hide, you shouldn't be upset!!

:rolleyes:

Edubs
06-17-2005, 09:00 AM
dude......this sucks.......everyone can see how much internet porn I look at.

Ari Chi3fs
06-17-2005, 09:09 AM
No its okay, everyone... they need this data to protect us.

Ultra Peanut
06-17-2005, 09:19 AM
You don't want the terrorists to win, do you?!

Count Alex's Wins
06-17-2005, 09:21 AM
Well, private industry can do whatever they want. I haven't even read my SBC terms of service, but I'm sure I'm in violation.

The government needs to stay the **** away though.

BigRedChief
06-17-2005, 09:45 AM
I'm in IT, I don't operate under some illusion that I can't be tracked online.

9/11 changed a lot of things in this country.

htismaqe
06-17-2005, 10:00 AM
dude......this sucks.......everyone can see how much internet porn I look at.

They already could.

Dave Lane
06-17-2005, 10:05 AM
I'm ready to sell my freedoms for a bit of security. Where should I do it? Ebay? Should I put a reserve price on it?

Dave
~wandering minds need to know.

BigChiefFan
06-17-2005, 10:19 AM
The Freeiest country in the world is free as long as you believe exactly like the they do. We've become exactly what the forefathers didn't want. We came over here to get away from big government, now we have one of the biggest governments in the world. Our politicians are a bunch of scam artists. Who the **** deserves freedom?

Mr. Laz
06-17-2005, 10:43 AM
Your ISP as Net watchdog

Published: June 16, 2005, 4:00 AM PDT
By Declan McCullagh
Staff Writer, CNET News.com

The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities.

Data retention rules could permit police to obtain records of e-mail chatter, Web browsing or chat-room activity months after Internet providers ordinarily would have deleted the logs--that is, if logs were ever kept in the first place. No U.S. law currently mandates that such logs be kept.

In theory, at least, data retention could permit successful criminal and terrorism prosecutions that otherwise would have failed because of insufficient evidence. But privacy worries and questions about the practicality of assembling massive databases of customer behavior have caused a similar proposal to stall in Europe and could engender stiff opposition domestically.

News.context

What's new:
The U.S. Department of Justice is mulling data retention rules that could permit police to obtain records of e-mail, browsing or chat-room activity months after ISPs ordinarily would have deleted the logs--if they were ever kept in the first place.
Bottom line:
Data retention could aid criminal and terrorism prosecutions, but privacy worries and questions about the practicality of assembling massive databases of customer behavior could engender stiff opposition to the proposal.

More stories on this topic
In Europe, the Council of Justice and Home Affairs ministers say logs must be kept for between one and three years. One U.S. industry representative, who spoke on condition of anonymity, said the Justice Department is interested in at least a two-month requirement.

Justice Department officials endorsed the concept at a private meeting with Internet service providers and the National Center for Missing and Exploited Children, according to interviews with multiple people who were present. The meeting took place on April 27 at the Holiday Inn Select in Alexandria, Va.

"It was raised not once but several times in the meeting, very emphatically," said Dave McClure, president of the U.S. Internet Industry Association, which represents small to midsize companies. "We were told, 'You're going to have to start thinking about data retention if you don't want people to think you're soft on child porn.'"

McClure said that while the Justice Department representatives argued that Internet service providers should cooperate voluntarily, they also raised the "possibility that we should create by law a standard period of data retention." McClure added that "my sense was that this is something that they've been working on for a long time."

This represents an abrupt shift in the Justice Department's long-held position that data retention is unnecessary and imposes an unacceptable burden on Internet providers. In 2001, the Bush administration expressed "serious reservations about broad mandatory data retention regimes."

The current proposal appears to originate with the Justice Department's Child Exploitation and Obscenity Section, which enforces federal child pornography laws. But once mandated by law, the logs likely would be mined during terrorism, copyright infringement and even routine criminal investigations. (The Justice Department did not respond to a request for comment on Wednesday.)

"Preservation" vs. "Retention"
At the moment, Internet service providers typically discard any log file that's no longer required for business reasons such as network monitoring, fraud prevention or billing disputes. Companies do, however, alter that general rule when contacted by police performing an investigation--a practice called data preservation.

A 1996 federal law called the Electronic Communication Transactional Records Act regulates data preservation. It requires Internet providers to retain any "record" in their possession for 90 days "upon the request of a governmental entity."

"We were told, 'You're going to have to start thinking about data retention if you don't want people to think you're soft on child porn.'"
--Dave McClure, president, U.S. Internet Industry AssociationChild protection advocates say that this process can lead police to dead ends if they don't move quickly enough and log files are discarded automatically. Also, many Internet service providers don't record information about instant-messaging conversations or Web sites visited--data that would prove vital to an investigation.

"Law enforcement agencies are often having 20 reports referred to them a week by the National Center," said Michelle Collins, director of the exploited child unit for the National Center for Missing and Exploited Children. "By the time legal process is drafted, it could be 10, 15, 20 days. They're completely dependent on information from the ISPs to trace back an individual offender."

Collins, who participated in the April meeting, said that she had not reached a conclusion about how long log files should be retained. "There are so many various business models...I don't know that there's going to be a clear-cut answer to what would be the optimum amount of time for a company to maintain information," she said.

McClure, from the U.S. Internet Industry Association, said he counter-proposed the idea of police agencies establishing their own

guidelines that would require them to seek logs soon after receiving tips.

Marc Rotenberg, director of the Electronic Privacy Information Center, compared the Justice Department's idea to the since-abandoned Clipper Chip, a brainchild of the Clinton and first Bush White House. Initially the Clipper Chip--an encryption system with a backdoor for the federal government--was supposed to be voluntary, but declassified documents show that backdoors were supposed to become mandatory.

"Even if your concern is chasing after child pornographers, the packets don't come pre-labeled that way," Rotenberg said. "What effectively happens is that all ISP customers, when that data is presented to the government, become potential targets of subsequent investigations."

A divided Europe
The Justice Department's proposal could import a debate that's been simmering in Europe for years.

In Europe, a data retention proposal prepared by four nations said that all telecommunications providers must retain generalized logs of phone calls, SMS messages, e-mail communications and other "Internet protocols" for at least one year. Logs would include the addresses of Internet sites and identities of the correspondents but not necessarily the full content of the communication.


Previous Next Even after the Sept. 11, 2001, terrorist attacks, the Bush administration criticized that approach. In November 2001, Mark Richard from the Justice Department's criminal division said in a speech in Brussels, Belgium, that the U.S. method offers Internet providers the flexibility "to retain or destroy the records they generate based upon individual assessments of resources, architectural limitations, security and other business needs."

France, the United Kingdom, Ireland and Sweden jointly submitted their data retention proposal to the European Parliament in April 2004. Such mandatory logging was necessary, they argued, "for the purpose of prevention, investigation, detection and prosecution of crime or criminal offenses including terrorism."

But a report prepared this year by Alexander Alvaro on behalf of the Parliament's civil liberties and home affairs committee slammed the idea, saying it may violate the European Convention on Human Rights.

Also, Alvaro wrote: "Given the volume of data to be retained, particularly Internet data, it is unlikely that an appropriate analysis of the data will be at all possible. Individuals involved in organized crime and terrorism will easily find a way to prevent their data from being traced." He calculated that if an Internet provider were to retain all traffic data, the database would swell to a size of 20,000 to 40,000 terabytes--too large to search using existing technology.

On June 7, the European Parliament voted by a show of hands to adopt Alvaro's report and effectively snub the mandatory data retention plan. But the vote may turn out to have been largely symbolic: The Council of Justice and Home Affairs ministers have vowed to press ahead with their data retention requirement.

BIG_DADDY
06-17-2005, 10:58 AM
Your paranoid. There are black helicopters over your house and people looking in your windows dude.

BIG_DADDY
06-17-2005, 11:07 AM
[QUOTE=Iowanian take] Why do I care dude? I am not a terrorist and I don't surf for kiddy porn so it doesn't effect me. I still have my gun so who gives a shit? [QUOTE/]

htismaqe
06-17-2005, 11:15 AM
Your ISP as Net watchdog

The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities.

Data retention rules could permit police to obtain records of e-mail chatter, Web browsing or chat-room activity months after Internet providers ordinarily would have deleted the logs--that is, if logs were ever kept in the first place. No U.S. law currently mandates that such logs be kept.

In theory, at least, data retention could permit successful criminal and terrorism prosecutions that otherwise would have failed because of insufficient evidence. But privacy worries and questions about the practicality of assembling massive databases of customer behavior have caused a similar proposal to stall in Europe and could engender stiff opposition domestically.

This is neither new nor earth-shattering. Most ISP's retain data. All this would do is put a definite length of time to it.

Let me explain this one more time:

ISP'S ALREADY KEEP RECORDS OF EVERYTHING YOU DO ON THE INTERNET. WHEN THE FEDERAL, STATE, OR LOCAL GOVERNMENT PRESENTS A WARRANT OR SUBPEONA, THEY TURN IT OVER.

BIG_DADDY
06-17-2005, 11:21 AM
This is neither new nor earth-shattering. Most ISP's retain data. All this would do is put a definite length of time to it.

Let me explain this one more time:

ISP'S ALREADY KEEP RECORDS OF EVERYTHING YOU DO ON THE INTERNET. WHEN THE FEDERAL, STATE, OR LOCAL GOVERNMENT PRESENTS A WARRANT OR SUBPEONA, THEY TURN IT OVER.

If I am not mistaken they also make your cell phone service provider retain your conversations for a period of time as well. I remember when they were trying to put through that legislation like 5 years ago but I never heard about it again. I guess the media has more important stories to cover like insurgency success stories and news about those menacing pit bulls.

htismaqe
06-17-2005, 11:47 AM
If I am not mistaken they also make your cell phone service provider retain your conversations for a period of time as well. I remember when they were trying to put through that legislation like 5 years ago but I never heard about it again. I guess the media has more important stories to cover like insurgency success stories and news about those menacing pit bulls.

Right now, ISP's aren't required by law to keep anything. Most of them do however. They do a decent job of policing themselves. Legit ISPS don't really want to house spammers, kiddie porn junkies, or hackers.

Amnorix
06-17-2005, 12:53 PM
If I am not mistaken they also make your cell phone service provider retain your conversations for a period of time as well. I remember when they were trying to put through that legislation like 5 years ago but I never heard about it again. I guess the media has more important stories to cover like insurgency success stories and news about those menacing pit bulls.

I'm 99.9999% sure this isn't true. There are millions of people talking on their cell phones every minute of every day. There wouldn't be any way to simultaneously track, save and organize it all. The NSA can eavesdrop on any cell phone they want anytime they want, that is true, but companies saving your conversations. No way.

Cochise
06-17-2005, 12:57 PM
If I am not mistaken they also make your cell phone service provider retain your conversations for a period of time as well. I remember when they were trying to put through that legislation like 5 years ago but I never heard about it again.

Where on earth did you hear that?

Cochise
06-17-2005, 12:58 PM
This is neither new nor earth-shattering. Most ISP's retain data. All this would do is put a definite length of time to it.

Let me explain this one more time:

ISP'S ALREADY KEEP RECORDS OF EVERYTHING YOU DO ON THE INTERNET. WHEN THE FEDERAL, STATE, OR LOCAL GOVERNMENT PRESENTS A WARRANT OR SUBPEONA, THEY TURN IT OVER.

No chit. I thought that was common sense.

Simplex3
06-17-2005, 01:00 PM
I'm 99.9999% sure this isn't true. There are millions of people talking on their cell phones every minute of every day. There wouldn't be any way to simultaneously track, save and organize it all. The NSA can eavesdrop on any cell phone they want anytime they want, that is true, but companies saving your conversations. No way.
Which is exactly where it should be. If you have some reasonable suspicion that I'm up to something then by all means tap my phone, grab up my packets, do what you will.

My big problem with the feds getting their hands on data (vs phone calls) is the ease that they can filter it with. And if you think for one second some of the information won't be wrongly used by someone in the process you're high.

Better yet, by consolidating it's one stop shopping for hackers. No longer do they have to break into homes one at a time, now they could make one hack into the feds' system and viola, everyone with an account at an ISP.

Let's face it, with the Patriot act and a lot of these "expidited" warrants, judges that are as afraid of terrorism as everyone else, etc, it won't be hard to get a warrant anyway. However, I'd prefer they at least have to do that.

BIG_DADDY
06-17-2005, 01:03 PM
I'm 99.9999% sure this isn't true. There are millions of people talking on their cell phones every minute of every day. There wouldn't be any way to simultaneously track, save and organize it all. The NSA can eavesdrop on any cell phone they want anytime they want, that is true, but companies saving your conversations. No way.

Well I know for a fact it was being proposed like 5 or 6 years back. I had a conversation about it with a senior executive of a high technolgy communications company we were trying to bring on board. He was pissed because it was going to be very expensive and the government expected them to foot the whole bill for it.

Cochise
06-17-2005, 01:04 PM
Let's face it, with the Patriot act and a lot of these "expidited" warrants, judges that are as afraid of terrorism as everyone else, etc, it won't be hard to get a warrant anyway. However, I'd prefer they at least have to do that.

There it is, I'm surprised it took so long, but the first PATRIOT ACT (dramatic chord) mention comes in. Hang on kids, uncle Johnny's coming with a spy camera for your ass! In case of emergency break glass and grab one of these!

Simplex3
06-17-2005, 01:05 PM
This is neither new nor earth-shattering. Most ISP's retain data. All this would do is put a definite length of time to it.

Let me explain this one more time:

ISP'S ALREADY KEEP RECORDS OF EVERYTHING YOU DO ON THE INTERNET. WHEN THE FEDERAL, STATE, OR LOCAL GOVERNMENT PRESENTS A WARRANT OR SUBPEONA, THEY TURN IT OVER.
So you're cool with them recording all your phone calls? How about reading all of your mail? For me it's no different, all of my business is run through the Internet. I'd prefer the ISPs not be allowed to snoop. My contract with my hosting company forbids them to monitor my traffic for anything other than total bandwidth (billing) or store my traffic in any fashion.

Of course I run everything between my home and hosted servers through ssl first. If they're going to spy on me they're going to need more than a text editor.

Simplex3
06-17-2005, 01:09 PM
There it is, I'm surprised it took so long, but the first PATRIOT ACT (dramatic chord) mention comes in. Hang on kids, uncle Johnny's coming with a spy camera for your ass! In case of emergency break glass and grab one of these!
How are you going to feel about all of this centralized federal power if Hillary Clinton wins? You already know she used secret FBI files against her opponents, you think this type of thing won't be right up her alley? How about if this type of thing had been available for Nixon?

I notice that when the Clintons are in charge the libs are cool with a national gun registration database and all kinds of other intrusion, when Bush in the charge the conservatives are cool with the same things. Wonder why that is?

In a govt. like ours don't give your best friend any power you don't want your worst enemy to have.

Amnorix
06-17-2005, 01:10 PM
Which is exactly where it should be. If you have some reasonable suspicion that I'm up to something then by all means tap my phone, grab up my packets, do what you will.

My big problem with the feds getting their hands on data (vs phone calls) is the ease that they can filter it with. And if you think for one second some of the information won't be wrongly used by someone in the process you're high.

Better yet, by consolidating it's one stop shopping for hackers. No longer do they have to break into homes one at a time, now they could make one hack into the feds' system and viola, everyone with an account at an ISP.

Let's face it, with the Patriot act and a lot of these "expidited" warrants, judges that are as afraid of terrorism as everyone else, etc, it won't be hard to get a warrant anyway. However, I'd prefer they at least have to do that.

Agreed 1,000% on all of the above.

Amnorix
06-17-2005, 01:11 PM
Well I know for a fact it was being proposed like 5 or 6 years back. I had a conversation about it with a senior executive of a high technolgy communications company we were trying to bring on board. He was pissed because it was going to be very expensive and the government expected them to foot the whole bill for it.

Maybe within the industry they were talking about it, but I don't think it ever got to Congress. No one here seems ot have heard of it. Nor can I find diddily squat on Google.

Amnorix
06-17-2005, 01:14 PM
How are you going to feel about all of this centralized federal power if Hillary Clinton wins? You already know she used secret FBI files against her opponents, you think this type of thing won't be right up her alley? How about if this type of thing had been available for Nixon?

I notice that when the Clintons are in charge the libs are cool with a national gun registration database and all kinds of other intrusion, when Bush in the charge the conservatives are cool with the same things. Wonder why that is?

In a govt. like ours don't give your best friend any power you don't want your worst enemy to have.

I don't even know if a national gun registration database exists, but in theory I'm not opposed. Local gun registration has been around for a long time, no?

But honestly, that isn't important to me. The background check is what I really care about -- making sure that those seeking to obtain guns aren't convicted felons, etc. That's 10x more important than knowing who owns which gun on a national level.

Seems to me that gun registration is fairly within state administration, not federal.

Simplex3
06-17-2005, 01:14 PM
There it is, I'm surprised it took so long, but the first PATRIOT ACT (dramatic chord) mention comes in. Hang on kids, uncle Johnny's coming with a spy camera for your ass! In case of emergency break glass and grab one of these!
Where did I say that the Partriot Act was evil, loathsome, or otherwise wrong? If it doesn't grease the wheels, though, what is it's purpose? I simply mentioned that with that and the heightened sense of fear getting a warrant should be a piece of cake. Once you get that warrant tap all you want. Until then stay the hell out of my business, both the govt AND the ISP.

Cochise
06-17-2005, 01:17 PM
How are you going to feel about all of this centralized federal power if Hillary Clinton wins? You already know she used secret FBI files against her opponents, you think this type of thing won't be right up her alley? How about if this type of thing had been available for Nixon?

Was what she did with the files legal? If she broke the law to do it before then I doubt new laws would have changed anything.

At any rate, I dont see what this has to do with the Patriot Act, I was just waiting for a knee jerk and pointed it out when I saw it.

BIG_DADDY
06-17-2005, 01:22 PM
Like Mo said, praise Jesus and pass the ammo. I'm down with you Republicans now because these pussified liberals want to take our guns and now my figgen dog too. I do have to point out the hypocrisy though. The conservatives were screaming bloody murder about our rights when Clinton was passing the anti-terrorist bill. Now that it's Bush and the Patriot Act and the legislation is 10x worse your all okey dokey about it. This hypocrisy and partisonship is really ****ing unbelievable.

Cochise
06-17-2005, 01:22 PM
I don't even know if a national gun registration database exists, but in theory I'm not opposed. Local gun registration has been around for a long time, no?

What is the point of compiling a list of gun owners? How will it be used?

BIG_DADDY
06-17-2005, 01:25 PM
Like Mo said, praise Jesus and pass the ammo. I'm down with you Republicans now because these pussified liberals want to take our guns and now my figgen dog too. I do have to point out the hypocrisy though. The conservatives were screaming bloody murder about our rights when Clinton was passing the anti-terrorist bill. Now that it's Bush and the Patriot Act and the legislation is 10x worse your all okey dokey about it. This hypocrisy and partisonship is really ****ing unbelievable.

Funny thing, it's like you all don't realize that one day someone like Hillary will be wielding all that power and you will be the dumb asses that handed it to her.

BIG_DADDY
06-17-2005, 01:26 PM
I think we should shoot anyone that wants us to register our firearms.

Cochise
06-17-2005, 01:47 PM
I think we should shoot anyone that wants us to register our firearms.

I dont understand the reason for registration, if not to take them away eventually. What other reason could there be?

BIG_DADDY
06-17-2005, 01:50 PM
I dont understand the reason for registration, if not to take them away eventually. What other reason could there be?

Amen, pass the ammo. :bang:

htismaqe
06-17-2005, 03:54 PM
So you're cool with them recording all your phone calls? How about reading all of your mail? For me it's no different, all of my business is run through the Internet. I'd prefer the ISPs not be allowed to snoop. My contract with my hosting company forbids them to monitor my traffic for anything other than total bandwidth (billing) or store my traffic in any fashion.

Of course I run everything between my home and hosted servers through ssl first. If they're going to spy on me they're going to need more than a text editor.

Well, let me clarify.

ISP's are not "recording" your sessions. They're recording the timestamp of the session start, the sessions stop, and in most cases the source and destination of the session. Usually it's layer 3 info, although with email and http they usually store headers/URL info as well.

It's the data equivalent of call detail records, which are done by EVERY phone company for EVERY call that hits a switch.

None of the "payload" of a voice conversation is (or can be) recorded without a phone tap. The same is true for data, you would need a sniffer and IMMENSE amounts of data storage to begin willy-nilly recording entire sessions of internet traffic.

mikey23545
06-17-2005, 04:14 PM
Well, let me clarify.

ISP's are not "recording" your sessions. They're recording the timestamp of the session start, the sessions stop, and in most cases the source and destination of the session. Usually it's layer 3 info, although with email and http they usually store headers/URL info as well.

It's the data equivalent of call detail records, which are done by EVERY phone company for EVERY call that hits a switch.

None of the "payload" of a voice conversation is (or can be) recorded without a phone tap. The same is true for data, you would need a sniffer and IMMENSE amounts of data storage to begin willy-nilly recording entire sessions of internet traffic.


Quit pissing on the Paranoid Parade.

whoman69
06-17-2005, 04:31 PM
dude......this sucks.......everyone can see how much internet porn I look at.
They may have to get a dedicated server just to keep track of yours.

Ultra Peanut
06-17-2005, 10:04 PM
There it is, I'm surprised it took so long, but the first PATRIOT ACT (dramatic chord) mention comes in. Hang on kids, uncle Johnny's coming with a spy camera for your ass! In case of emergency break glass and grab one of these!You mean this?

unlurking
06-17-2005, 10:12 PM
For years now I've wanted to set up an offshore encrypted proxy service that guarantees it keeps ZERO logs. Not just for web browsing, but full access similar to a VPN tunnel. Too bad I don't have the money to do it.

unlurking
06-17-2005, 10:13 PM
True, and more detailed info on a mass scale would never happen if the ISPs had to pay for the terabytes of data storage they would need.

alanm
06-17-2005, 10:19 PM
You guys are forgetting that the NSA has pretty much everything covered already. Internet, Landline phones and cell phones and shortwave and satelitte-sp. The FBI doesn't have the manpower, equiptment or time for such a endeavor.