Just when you thought that your privacy rights might be safe for the time being, the Bush Administration has once again renewed its efforts to create a TCP/IP surveillance state. Gonzales is now trying to heckle ISPs into working with the Department of Justice on data retention policies that would prove to be disastrous in the long run to the basic privacy rights and security of the average American:
In a private meeting with industry representatives, Gonzales, Mueller and other senior members of the Justice Department said Internet service providers should retain subscriber information and network data for two years, according to two sources familiar with the discussion who spoke on condition of anonymity.
The closed-door meeting at the Justice Department, which Gonzales had requested, according to the sources, comes as the idea of legally mandated data retention has become popular on Capitol Hill and inside the Bush administration. Supporters of the idea say it will help prosecutions of child pornography because in many cases, logs are deleted during the routine course of business.
It will undoubtedly help them, but then so would allowing the federal government to get a realtime, warrantless power to access anyone's bank and credit information without those pesky probable cause constraints. There are limits on these powers for a reason: the ends do not justify the means. Child pornography is not nuclear terrorism. It is not such an extreme threat to civil society that basic safeguards can be eschewed in order to stop it. What Gonzales is stumping for is the Internet's equivalent of a NSA program that not only scans your phone number records, but also records and does batch analysis of the audio of every single phone call that you make. Mandatory data retention laws provide the fundamental foundation for a totalitarian surveillance state on a TCP/IP-based network.
I find it actually quite disturbing that child pornography is used as the justification for this, when we get reports daily of law enforcement successfully busting actual child molesters using the "measely" powers that are already provided to them. The current system, by all counts, seems to be working just fine. The real problem that law enforcement faces is getting other countries like Russia and Thailand where child molestation is punished nowhere near as badly as it is here to cooperate. Clearly, this is just a side issue. This administration has time and again sought to reduce the scope of the due process and privacy rights protected by the Bill of Rights against the federal government.
"I will reach out personally to the CEOs of the leading service providers and to other industry leaders," Gonzales said. "Record retention by Internet service providers consistent with the legitimate privacy rights of Americans is an issue that must be addressed."
As I have noted before, there are unique privacy implications that apply to TCP/IP-based communications that do not apply to the telephone network. The amount of information that could be gathered on a person through these sorts of policies is simply outrageous, and we already have existing laws that allow law enforcement to get data retention set up when the probable cause standard has been met. This law or "gentleman's agreement" would amount to a policy of stripping people of every pretense of privacy online so that law enforcement could go back and analyze a person's entire history of online activity if they suspect a crime has been committed. It's not an exaggeration to say that the potential for civil liberties abuse is so extreme here that it would represent an effective destruction of the fourth amendment as far as the Internet is concerned because there would be few technical and practical barriers to police abuse of these powers.
There is no way for the Bush Administration to implement data retention policies in such a way as to be "consistent with the legitimate privacy rights of Americans," unless one starts from the premise that Scott McNealy (former CEO of Sun Microsystems) espoused, "you have no privacy, get over it." There are three levels that they could do this, and one of them is a pretty safe bet that they are going to consider as simply part of the other two. They can log all DHCP assignments of IP addresses, thus keeping track of what IP address was issued to a user, they can log all popular protocols at the protocol level (headers and bodies for SMTP, POP3, HTTP, etc.) or they can simply do a packet-level dump. Either way, the amount of information that they would get would amount to a profile of online activity that would make it easy for the federal government to scrutinze almost everything you have ever said or done online.
If you think that the system is not ripe for abuse, consider this. If they log at the protocol level, thus trapping the messages, not the raw packets themselves, they will get every username and password you submit to a website, email or possibly IM server without encryption. Just like the backdoors in encryption that the Clinton Administration wanted, criminals can exploit this as well. The longer that those logs exist, the more potential there is for a criminal to walk away with a true motherload of information about an ISP's users. In addition, law enforcement might be tempted to break the law and ethical standards. If a cop finds out that his ex-wife uses that ISP, it would be very easy to discretely strip out her log information, put it into a separate group of files and store them on a USB key drive.
This issue is one that most big bloggers have hitherto ignored, probably because they are not computer geeks. It threatens the very heart of basic relations between law enforcement and the public in regard to privacy rights. As I have said before, if you think that the NSA program is "problematic," this goes well above and beyond anything that might be considered controversial about it. This push by Sensenbrenner's office and the Bush Administration, if allowed to go through, would represent the first bonafide establishment of the surveillance capabilities necessary to usher in a Cold War-style police state in the United States.
as always, the leftists justify their actions with the mantra "we must do it for the children!"...this is not about child pornography as you know, this is about contolling the populace...however, while such a law would be a serious blow to our remaining freedoms, I have always suspected that some of the most vile perpetrators of this heinous crime are in D.C. (the perverted act itself is about power, and who craves power more than anyone else?) and would love to see the law of unintended consequences rise up and expose these monsters...
Ditto to tviper.
Unfortunately they will probably find a way to make a loophole for themselves.
Of course they would. They are the ones who are screaming about how the Department of Justice has no right to police them. Even now they are threatening to pull funding from the DoJ if they continue to investigate them like this. If Bush had any balls, he would tell them that anyone who voted to defund the DoJ during these investigations would be arrested on charges of obstruction of justice.
how telling is this latest episode? there isn't even an appearance of a good legal argument...the end appears near, indeed...
MikeT, as you well know, waiting on Jorge to make a move on the side of freedom is like waiting to see flying unicorns...his "justice" always ends up as slavery...
Well, as you know tviper, being a software developer (hoping to be a software engineer someday), I like to have solutions to the problems I discuss. Naturally, I have a modest reform in mind. I think that the chaos it would generate among the anti-constitutionalists would make it very easy to keep things peaceful for the public.
[...] Color me totally unimpressed with their “assurance.†As I have said before, there is no easy way to protect privacy with this legislation. What we need to know is what information they do in fact plan to ask for legal assistance in retaining. That’s the key, and it’s a point that is going to be missed by most of the political bloggers and talking heads in the media. A “web conversation†is the useful information. It’s the HTTP headers and bodies that negotiate the transaction. Do you really want to bet your privacy on them just stripping out the URL that was requested in the GET/POST operation? [...]