DOJ seeks mandatory data retention requirement for ISPs

The U.S. Department of Justice and an organization representing police chiefs from around the country renewed calls on Tuesday for legislation mandating Internet Service Providers (ISP) to retain certain customer usage data for up to two years. The calls, which are stoking long standing privacy fears, were made at a hearing convened on Tuesday by a House subcommittee that is chaired by Rep. James Sensenbrenner, a Republican congressman from Wisconsin. Four years ago, Sensenbrenner proposed, and then quickly withdrew, legislation calling for mandatory data retention for ISPs. In prepared testimony for today's hearing, Jason Weinstein, deputy assistant attorney general at the Justice Department, said that data retention was crucial to fighting Internet crimes (PDF document), especially online child pornography. Current policies that only require ISPs to preserve usage data at the specific request of law enforcement authorities are just not sufficient, Weinstein said. It's unclear yet if Tuesday's House hearing is a sign that a data retention bill is imminent, said John Morris, the general counsel for the Center for Democracy and Technology, a Washington D.C.-based think-tank. Also unclear is whether it is only ISPs that will be required to retain data, or whether services such as e-mail providers might be included, said Morris, who also testified at the hearing. A similar question mark hangs over what data exactly it is that ISPs and potentially others will be required to retain, Morris said. Regardless of the scope, mandatory data retention laws raise important privacy and free speech concerns, he said. "In the privacy realm, the bottom line is that law enforcement is talking about having a massive amount of information on 230 million presumably innocent Americans using the Internet, being tracked and retained," he said...more