Don't Let Congress Order Internet Companies to Spy on You (eff.org)
105 points by zoowar on July 23, 2011 | 17 comments



Instead of our government trying to spy on us, perhaps we should try to turn the tables and enact some more laws and rules that let the citizens spy on them.


Governments don't like it when it goes the other way. http://www.time.com/time/nation/article/0,8599,2008566,00.ht...


From <http://thomas.loc.gov/cgi-bin/query/z?c112:H.R.1981:>:

`(h) Retention of Certain Records- A provider of an electronic communication service or remote computing service shall retain for a period of at least 18 months the temporarily assigned network addresses the service assigns to each account, unless that address is transmitted by radio communication (as defined in section 3 of the Communications Act of 1934).'.

(b) Sense of Congress- It is the sense of Congress that records retained pursuant to section 2703(h) of title 18, United States Code, should be stored securely to protect customer privacy and prevent against breaches of the records.

So while I don't like the slipperiness of this slope (or the logic of the argument), the May 25, 2011 text only appears to specify non-radio-transmitted connection records as retained. This means wi-fi, phone, satellite are "safe" where "safe" = "not yet".

As I read it, the authors then make a wish that these records be stored "securely" where "securely" = "no one will ever be liable for a breach".

We seriously need an attribution and karma system for Congress.


And how does your ISP know whether you're using wifi?


This bill is "only" retaining connection records for every wireline connection. The cell phone oligopoly already know everything (and cooperate) and commonly available consumer internet access is governed by onerous terms of service. Why does my cable company need to know my SSN?

The "but only if the user address assignment is over publicly open radio" concession is for the cafe owner with free wifi or public government-operated access points. I guess free wifi will be the only libre internet access.

It appears that the lawmakers who drafted this legislation do not understand the (in)feasibility of their language or understand all too well the consequences of implementation.

An elected representative is a public servant. Being a representative requires sacrifice. When will we ask our representatives to sacrifice their privacy of communication so that they may represent the people's will more perfectly?

Who is pulling the strings? Are they inside or outside of government?


Out of curiosity, do these messages ever do anything other than potentially fill up a government official's spam filter? Not trying to troll here, just genuinely curious about these letters' impact.


My understanding is that one of the jobs of congressional staffers involves sorting and analyzing these sorts of messages.


I can't say whether or not these messages actually influence how the politician votes on the issue, but the last time I had EFF submit one of these on my behalf, I received a response back from my senator. So, someone at least reads them.


I work for Popvox and they have the same system setup. I know for a fact staffers get this information along with other reports and it isn't spam.


You can go here to also vote and put your word in, plus see others' comments: https://www.popvox.com/bills/us/112/hr1981

I do work for them, before someone mentions it, but it's a cool platform.


I'm against anything involving more information gathering, but I'm curious - can anyone explain how this differs from existing CALEA requirements?


Almost nothing to do with each other. CALEA requires telephone services to support wiretaps. This would require ISPs, businesses, wifi access points, and anything else sitting between you and the internet to keep a log of dynamic IP addresses and other such connection information.


I know there's more to it than this. I realize this was CALEA's original intent, but I clearly recall around 2004-2005, the various TLAs expanded it to include ISPs.

Did a little research of my own and found EFF has a nice primer: https://www.eff.org/pages/calea-faq . It seems that CALEA started out in '94 for voice calls over the PSTN, but was expanded in 2004 to include "VoIP providers" and "broadband internet providers". Whether the latter are responsible only for monitoring voice-over-broadband, or all data exchanges, is very unclear. Looking at the case files it certainly SEEMS like they're already capturing data exchanges.

There are two major differentiators, however, that make H.R. 1981 much more scary. Firstly, the service providers are responsible for capturing this data proactively - effectively a constant blanket wiretap, at the provider's expense. Compare this to CALEA, where the capture begins only after a court order, and the cost is billed to the government.

Secondly, and more disturbingly, this bill represents the shift in mindsets of our elected officials. When drafting CALEA in '94, Congress went out of their way to ensure it only applied to PSTN calls (specifically stating it would NOT apply to data networks such as the Internet) and minimized the amount of content logged by the telcos. The baseline assumption was that people are innocent until proven guilty.

H.R. 1981 seems to think it's the other way around.


I thought they had to keep logs of dynamic IP addresses already. I know for a fact that coffee shops are required to keep such logs (due to Sept 11th --- discovered this during a phone conversation with a local coffee shop's "router provider").


Did you ask the router provider to cite the law requiring them to keep logs?


No... I may as well explain what happened, to put it into context. I was about 19 at the time, and sort of naive. I was trying to figure out why the local coffee shop needed to pay so much money for their internet service. One of the recurring costs was support for their router, which seemed kind of crazy to me at the time (being a tech geek).

This was after I had just discovered and fixed a security vulnerability in that router --- I had brought my girlfriend's MacBook to the shop, and noticed I could connect to their payment processing computer (due to the router being misconfigured). That computer had a text file filled with hundreds of full plaintext credit card numbers.

So anyway, I went to the owner and put in some time to help him fix this, and that's how I wound up in a position to question "why the heck does this router cost so much per month?"

I was toying with the idea of just replacing the whole thing with an inexpensive Linksys or something. (I realize how bad of an idea it is now --- but hey, I was 19.) So I wound up on the phone with one of the sales guys from the router company. He started rattling off (good) justifications for their router: per-customer bandwidth limiting, etc. Among those reasons was "and after Sept 11th, coffee shops are required to comply with <some impressive-sounding regulation name>, which requires them to keep logs of which computers are using their internet, and when".

I don't remember anything beyond that, sorry.


With the proliferation of Internet and cell phones, people can make informed decisions and directly vote on bills/laws in Congress.



