Slashdot Mirror
Support for U.S. Mandatory Data Retention Laws
chill wrote to mention a C|Net article about an upswell in support for a mandatory data retention policy here in the U.S. From the article: "Top Bush administration officials have endorsed the concept, and some members of the U.S. Congress have said federal legislation is needed to aid law enforcement investigations into child pornography. A bill is already pending in the Colorado State Senate. Mandatory data retention requirements worry privacy advocates because they permit police to obtain records of e-mail chatter, Web browsing or chat-room activity that normally would have been discarded after a few months."
Comment removed based on user account deletion
Nice in theory. Government doesn't work that way in practice.
Is there anyway that we can limit what the government knows about what we do online? I spend most of my time online, be it browsing the web, sending an essay back and forth over wires, or IMing friends, there is way more information the government is storing about us than there ever was before. There are plenty of things that I have done on the net that I don't want some ultra-right-wing creep looking through. It wouldn't be that hard to realy stop them in their tracks. Can't you just make some realy big anonomyzer for your town? That way no personally Identable information goes out to the global wires?
There are real problems with the IP monopolies though. Lol, I wonder if this is encoraged by the government, maybe some kind of reward for their carnivore project.
Btw, "ultra-right-wing creeps" isn't just irrational name-calling, just read some of the stuff from Russ Tice, and why he was fired.
From another slashdotter:
"In 1999, I worked as a contract engineer for a Linux consulting company. We delivered kernel enhancements for the Linux kernel on the Alpha processor to the NSA. The enhancements we to reduce TLB miss overhead when doing comparisons and searches on large amounts of data. The benchmark run to test it was a keyword search through a stream of e-mails. This was to run on a *massive* cluster of Alpha machines. I would guess they've upgraded it several times since then.
1999 was while Clinton was still president, BTW.
(Posted anonymously, for obvious reasons. Though I've probably given enough information that they could narrow it down to about 10 people.) "
The GP was quoting from this post, which was posted anonymously.
d =15083841
http://yro.slashdot.org/comments.pl?sid=182479&ci
"It ain't a war against drugs.it's a war against personal freedom" --Bill Hicks
The local police department (Keene, NH) has an officer who focuses almost exclusively on child predators. No data retention, no warrantless eavesdropping, no sneak&peek searches. He just logs into a chat room with a teenage-sounding screenname and waits. It doesn't take him that long before someone is offering to meet, send bus tickets to him, or sending pornographic materials to him. They arrange a meeting place near Keene and pick up the predator when he arrives. Simple, straightforward sting work that's netted nearly 400 arrests in the last few years. Occasionally they get search warrants for the guy's computers if he sent a large amount of porn to the cops and add that to the charges, but they have more than probable cause for that search warrant.
It seems that certain politicians want to automate this basic police work by casting a wide net and filtering for certain phrases or activities and eliminate the pesky payroll obligations. Same thing with cameras on street corners and traffic lights - why pay some cop what an image-matching algorithm, face-recognition system, or radar gun will do for free?
Zero tolerance equals zero intelligence
I expect to see more of this in the future. It's the new end run around having a real debate in the U.S. or Europe.
Its called policy laundering. The "data retention"* idea dates back to at least 2000. (it predates 9/11 and madrid by more than a year, obiously) A bit later it got discussed at a G8 meeting. This may when it officially crossed the ocean, though god knows in which direction... The idea of "lawfull interception" of Internet traffic went from the US to the EU through "ILETS". ILETS may be mostly the FBI or UKUSA... who knows.
Now if you look at the years of trouble the UK goverment is going trough with getting "entitlement cards" (mandatory ID cards) then you will be amazed at how smoothly it got this policy trough. And not just in the UK but in the entire European union.
The UK didn`t want the EU parliament to vote on this. It just wanted to push it through as a deal between justice ministers. But the EU Parliament desperately wanted a say in this. So the UK set a deadline (before the end of its rotating presidency). Before this the parliament had to admend and vote the legislation. Commision were formed, debate started and then when everyone was just getting to grips whith the idea... Wham...an agreement, a vote, done.
Now if anybody knows why the two big coalition parties in the parliament suddenly agreed to the artificial deadline, throwing overboard work on an compromise, please respond. The deadline was worthless anyway because the Netherlands had blocked voting on this as a justice minister backroom deal. I hope they got something good out of th UK for this, but who knows what these crazy christian democrats are up to.
Now before everyone shouts "just encrypt everything", remember as long as internet traffic isn`t signed the only identity traffic might possibly be linked to is some easy to fake billing information though an notoriously unprotected identification mechanisms (IP address, IRC nick, E-mail addres). That is unless you start signing your traffic, traffic data isn`t explicitly protected agianst forgery which is why this billion dollar plan produces stuff that isn`t worth as much in court as some people might imagine. But hey, think of the children, right...
* More correctly: "data collection, rentention and mining at the providers cost" The internet typically doesn`t really have designated traffic data though.
If I write an email to my wife asking her to invite the neighbors over for dinner, how does that qualify as interstate commerce?
Well, you must not be very familiar with the way that the (commercial) email system works. Even if the source and destination were within the same building, your email message could easily have crossed several state (and possibly national) boundaries.
To start with, the DNS request to locate the destination quite likely involved an access to a root- or second-level server, and it was probably in another state.
Also, unless both ends are unix-type systems and are running their own email servers (forbidden by most ISPs in the US but still done sometimes), your email probably went to your ISP's email server, which is likely to be in another state. Then it went to your wife's ISP's email server, which is likely in yet another state (unless you have the same ISP).
Look at the list of Received: lines in your email headers sometimes. You might be surprised where your messages are travelling. It's a lot worse than all the jokes about "I went to Chicago but my luggage went to Paris." A message from St. Louis to Chicago could easily go via a machine in Hong Kong.
And every one of those Received: lines represents a machine that could have cached a copy of your message for later perusal by "national security" software.
When I hit the Submit button, this message will probably go through a router in New York, though I'm in a suburb of Boston. I know this because I've traced some of the paths through my ISP (speakeasy.net). This is true even if the destination is in the Boston area, or even in the same town.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.