Sounding the alarm on government mandated data retention

Sat Apr 29 02:31:40 PDT 2006

Dave,

Recently here in IP, I commented on Attorny General Gonazales' comments
on data retention, and the alarming slippery slope that I feel this
represented:

http://lists.elistx.com/archives/interesting-people/200604/msg00134.html

Now, Declan has noted in an article:

http://news.com.com/Congress+may+consider+mandatory+ISP+snooping/
2100-1028_3-6066608.html?tag=st_lh

that a Democratic Congresswoman is proposing to fast-track a bill or
ammendment to *require* essentially permanent retention of users'
Internet activity data (until at *least* one year after the user
*closes their account*).  For long-term users, this means effectively
permanent retention.

Again, I must note the supreme ironies.  It was only a few months
ago that people were screaming bloody murder about DoJ demanding
Search Engine records -- a demand that apparently only Google had
the backbone to appropriately resist, noting the sensitivity of the
data involved.  This controversy triggered calls (including in some
legislative quarters) for a law mandating the destruction of much
related data after some reasonable, relatively short interval, with
appropriate designated exceptions for R&D, business development, and
the like.

Now, by waving the red flag of fighting child pornography, seemingly
intelligent and usually well-meaning legislators appear ready to
create the mother of all big-brother database laws, a treasure trove
of personal data that will ultimately be available for every fishing
expedition under the sun.

For those persons who trust the government not to abuse such data, I
hasten to note that these kinds of infrastructures, once in place,
tend to be self-perpetuating, and will be available to *future*
governments as well, including administrations who might not be as
"benign" as the current one.

Declan's article correctly notes the comparison with the McMartin
Preschool child abuse witch-hunts of years ago.  Hysteria over the
abhorrent and real problem of child porn is being used to
potentially decimate broad and critical privacy rights -- with
the high probability of negative effects and consequences that
are almost impossible to overstate.

If we do not maintain a balance between law enforcement goals
(including but not limited to child abuse issues), and privacy rights,
we will be flushing those rights we've had as law-abiding citizens
down the toilet -- all in the name of seemingly laudable goals.

The Internet is rapidly becoming involved in most technology-based
human communications.  The sensitivity of Internet user activity
data can be enormous.  Broadly mandated data retention would move us
drastically toward the realm of previously unimaginable "nightmare"
scenarios (such as requiring the recording of all telephone calls, or
the installation of government cameras in bedrooms -- both actions
that could indeed be useful for law enforcement purposes).

Without wishing to sound melodramatic, I strongly assert that if we
don't take a stand now, we are likely to see the wonders of the Net
repurposed into shackles that have the potential to undermine the
very basis of our fundamental freedoms.

--Lauren--
Lauren Weinstein
lauren at vortex.com or lauren at pfir.org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org
Co-Founder, IOIC
   - International Open Internet Coalition - http://www.ioic.net
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com

-------------------------------------
You are subscribed as eugen at leitl.org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]