Recently, the Department of Justice provided testimony to Congress regarding the issue of Internet Service Provider data retention. The testimony emphasized the critical need to preserve digital data and highlighted several cases where investigations of serious crimes were inhibited due to the lack of data retention by the ISP.
Currently, there are no standard requirements for ISP data retention and practices vary widely among providers. Privacy advocates argue that data retention should be minimized in order to protect individual privacy and prevent misuse of data. They fear that a data retention mandate would create databases that could be used to track the internet activities of all users and could inhibit freedom of speech . Service providers argue that data retention requirements would pose a significant cost burden that would have to be passed on to the consumer . In balancing those concerns against the priority of public safety, it is important to consider the following:
1. Law enforcement's ability to obtain data is controlled through laws regarding subpoenas, court orders, search warrants and surveillance requests. A data retention mandate would not reduce the protections provided by those rules.
2. The consumer already bears a high cost for the damage inflicted by internet crime. Increasing the ability of law enforcement to investigate and prosecute internet criminals could reduce this cost burden.
Standardizing data retention rules for ISPs is an important step in improving the ability to fight internet crime and the DOJ should continue to work with the ISPs , Congress , and other interested parties to find the best solution.
Read the DOJ testimony here: http://www.justice.gov/criminal/ceos/Justice%20Data%20Retention%20Testimony.pdf
Read Time Warner Cable's data retention policies here: http://www.timewarnercable.com/corporate/subpoenacompliance.html
I think the retention of data still has to be minimized or at least managed, since it might create risk for its users.
ReplyDeleteIf personal information gets leaked by the computer or human error it might lead to identity theft, which would affect millions of people since all the information would be collected in one place.
On the other hand, the information could be managed by just storing the important parts that could help police, not every single piece of information. This is reflected in time warners retention policies that retain important information like IP address.
I agree that the most difficult aspect of this issue is striking the right balance between providing appropriate information for law enforcement and preventing further opportunity for theft and misuse.
ReplyDeleteThe retention of data by ISPs is definitely a touchy situation. I think data should be retained to help law enforcement, but the integrity of that data must be the number one issue. The costs associated with storing all of the data is the main issue. Who should pay for it?
ReplyDeleteIt seems to me that if the government intends to use these ISP addresses for mainly law enforment purposes that the cost should be shared by the government and its citizens. If you think about it using more memory for ISP is benefitting us as a whole by hopefully being able to catch internet crooks more quickly.
ReplyDelete