August 25, 2009
"A successful person is one who can lay a firm foundation with the bricks that others throw at him or her."
-- David Brinkley

Proposed Law Seeks To Expose Internet Addressing for Child Safety

Feb 23rd, 2009 | By Mike Dailey | Category: Internet and Related Issues

U.S. Republican politicians on Thursday introduced a bill that would require Internet service providers and network operators to track the use of and maintain records for their publically accessible wired and wireless networks. Two bills have been introduced–S.436 in the Senate and H.R.1076 in the House. Each of the bills carries the title “Internet Stopping Adults Facilitating the Exploitation of Today’s Youth Act,” and is referred to as the “Internet SAFETY Act.”  Senator John Cornyn and Representative Lamar Smith, both Republicans from Texas, held a press conference on Thursday, February 19th, 2009 to announce the separate bills in the Senate and House of Representatives. The new law would require Internet and email service providers to retain “all records or other information” about anyone using a temporary network address assigned by the provider. The provision for a two-year retention period would apply to any provider of “an electronic communication service or remote computing service,” as well as someone who receives the content and recipient list of an email message that it “transmits, receives, or stores,” according to the text of the Senate bill.

The newly proposed legislation would benefit law enforcement by providing a means to track the use of Internet addresses temporarily assigned to each network connection and to maintain those records for a period of two years. The IP addresses, assigned automatically by the provider using such protocols as Dynamic Host Configuration Protocol (DHCP) and Point-to-Point Protocol over Ethernet (PPPoE), allow service providers to utilize a smaller pool of addresses to service a large group of customers. By assigning the address only for the duration of the connection the service provider can recycle the address once the connection ends, allowing it to be used for a future connection.

The use of the same address by multiple users has in the past been a legal roadblock for law enforcement personnel as they seek to track the Internet access of an individual during an investigation. The lack of historical records for the assignment of these addresses can make it difficult for investigators to prove an Internet-related case such as child pornography or Internet-based wire fraud. The bill seeks to cover the assignment of all temporarily assigned IP addresses, including those provided to millions of home broadband connections.

The U.S. Justice Department’s position is that any service “that provides others with means of communicating electronically” qualifies under the Internet Safety Act. This would appear to apply to not only public service providers but to any organization providing the temporary assignment of IP addresses to its users. This would include the wired and wireless networks of small businesses, large corporations, universities, and even government agencies. In essence, any organization utilizing DHCP on their network would be subject to this legislation and required to maintain records for at least two years.

The legislation would impose unprecedented rules for the retention of data by Internet Service Providers (ISPs) and is sure to draw opposition from privacy advocates. Internet privacy has long been the rallying cause of privacy groups, arguing that online privacy is an extension of our personal privacy. The collection and storage of personally identifiable information by an ISP for potential use of law enforcement is seen as a loss of both Constitutional rights and personal freedoms, and is viewed by many as a direct violation of the Constitution.

On the surface it is easy to understand how this proposed law would protect children by allowing for a more rapid identification of Internet predators and child pornographers. Law enforcement would also be empowered by this information to track and prosecute Internet hackers and scammers, and even purveyors of spam email will find it increasingly difficult to hide behind a dynamically assigned IP address.

There are, however, justified concerns for the misuse of this information. Because these bills are associated with “protecting our children,” the legislation is likely to see little opposition. With little discussion or oversight the potential exists for the data collected to be used in other types of investigations far more often than the stated purpose of fighting the exploitation of children. In addition, the language of the proposed law is already being viewed by critics as overly broad with far-reaching implications, and it is yet to be determined what restrictions will be put in place on the collection, access and use of the information collected under this law.

Benjamin Franklin understood well the dangers in providing the government with too much power at the expense of the freedoms of its people, warning future generations “They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

Tags: ,

Mike Dailey is an Information Technology Architect and Senior Network Engineer specializing in the design, integration, and management of complex computer network and data security solutions for medium and large enterprises.

Email this author | All posts by Mike Dailey

One Response to “Proposed Law Seeks To Expose Internet Addressing for Child Safety”

  1. Dee says:

    Back when I worked as a policy wonk for the NYS Assembly, privacy was one of my lasting issues. Yes, I was one of the first to use the basics of the two 286’s we had for sixty analysts. In those days I was not anticipating the Internet, being more concerned with cable TV capabilities and two-way communications and how the providers, laying wire real-time, were not willing to give soon-to-be subscribers an opt-in to sharing information, which allowed them to gain data without subscriber knowledge or consent.

    Now our U.S. Senator John Cornyn has introduced a bill innocently disguised as protecting children, which I don’t believe it will do. It allows the FBI into our homes simply for having an IP address, email account, blog or wi-fi access for when our wired internet flakes out. We would have to keep information on anyone who contacted us via email, blog, wi-fi access (basically anyone in our building). Skype or Vonage or other VoIP access.

    As long as we’re going down that route, why don’t they just open all our mail before it gets to us! Over the past few weeks en route to my husband’s family farm for the weekend we saw two cars, a hundred miles or so apart, being searched by police.

    This legislation, if enacted to “protect children” will impose inordinate burdens on private citizens like me, who use the internet to communicate with family and friends and have a cooking blog. We live our lives like normal people and don’t need this additional intrusion and horrific bookkeeping for the FBI because they can’t find a few criminals.

    Yes, we love children and want to keep them safe, but there has to be a better way. Thanks for reading, Dee

Leave a Reply