Followup: [RE: DOJ proposes US data-rentention law.]

21 Jun 2002

      Two points:

1. According to Poulson, the DOJ proposal never 
discussed just what would be logged. Poulson 
compared it to the European Big Brother legislation, 
which required storage to Web browsing 
histories and email header data.

2. After I posted the same info to /.
http://slashdot.org/articles/02/06/19/1724216.shtml?tid=103
(I'm the 'Anonymous Coward' in this case), Kevin updated
his article. The new version may be found at:
http://online.securityfocus.com/news/489

The relevant portions read:

- start quote -

U.S. Denies Data Retention Plans

The Justice Department disputes claims that Internet service 
providers could be forced to spy on their customers as part 
of the U.S. strategy for securing cyberspace.
By Kevin Poulsen, Jun 19 2002 12:24PM

[...]

But a Justice Department source said Wednesday that data 
retention is mentioned in the strategy only as an industry 
concern -- ISPs and telecom companies oppose the costly idea -- 
and does not reflect any plan by the department or the White 
House to push for a U.S. law. 

[...]

- end quote -

Peter Trei
...
----------
From: 	David G. Koontz[SMTP:koontz@ariolimax.com]
Sent: 	Thursday, June 20, 2002 10:57 AM
To: 	cypherpunks@lne.com
Cc: 	'cryptography@wasabisystems.com'; 'cypherpunks@lne.com'
Subject: 	Re: DOJ proposes US data-rentention law.
Trei, Peter wrote:
...
- start quote -
Cyber Security Plan Contemplates U.S. Data Retention Law
http://online.securityfocus.com/news/486
Internet service providers may be forced into wholesale spying 
on their customers as part of the White House's strategy for 
securing cyberspace.
By Kevin Poulsen, Jun 18 2002 3:46PM
An early draft of the White House's National Strategy to Secure 
Cyberspace envisions the same kind of mandatory customer data 
collection and retention by U.S. Internet service providers as was
recently enacted in Europe, according to sources who have reviewed 
portions of the plan.
In recent weeks, the administration has begun doling out bits and 
pieces of a draft of the strategy to technology industry members 
and advocacy groups. A federal data retention law is suggested
briefly in a section drafted in part by the U.S. Justice Department.
If the U.S. wasn't in an undeclared 'war', this would be considered
an unfunded mandate.  Does anyone realize the cost involved?  Think
of all the spam that needs to be recorded for posterity.  ISPs don't
currently record the type of information that this is talking about.
What customer data backup is being performed by ISPs is by and large
done by disk mirroring and is not kept permanently.
I did a bit of back of the envelope calculation and the cost in the
U.S. approaches half a billion dollars a year in additional backup
costs a year without any CALEA type impact to make it easy for law
enforcment to do data mining.  The estimate could easily be low by a
factor of 5-10.  AOL of course would be hit by 40 percent of this
though, not to mention a nice tax on MSN.  Call it ten cents a day
per customer in fee increases to record all that spam for review by
big brother.  I feel safer already.
Whats next, censorship?

Trei, Peter

tags

participants (1)