The FBI is renewing its push for legislation that would
mandate that ISPs keep records of its users’ activities for longer periods of
time. Records retained would be available for review by police in cases where a
search of such records is warranted. The FBI’s proposed length of time for
retention of records is two year. Types
of data retained could be as minimal as IP addresses assigned to each customer
or more detailed information such as web sites visited, instant messaging logs,
and more. The devil is in the details, of course, and the amount of time for
retention time and types of data requiring retention would likely be modified
if any serious legislation began to move forward.
The question: is this good policy? The Justice Department
has its points. More comprehensive records would allow a case to be built more
quickly against a potential terrorist or other online criminal. It’s hard to
argue that a greater pool of data would not be effective in deterring crime.
On the other hand, the privacy problems are enormous. The
vast majority of ISP customers will never need to be investigated by law
enforcement for any reason. Regardless, these customers’ actions would be
retained by ISPs for quite some time.
ISPs, already inundated with spam, additional resource
loads, and a host of other problems, would also bear a much greater burden.
While hardware for data storage is less and less expensive by the day, it is nonetheless
an additional cost. The increased administrative burden of related to
management of the data is also a strain that few ISPS will welcome.
While the FBI may get its way in part, privacy interests and
the preferences of ISPs will likely lead to less than the FBI is seeking.