January 23, 2007 12:42 PM PST
Feds: Details of ISP snooping haven't been decided
- Related Stories
Attorney general to talk data retention with new CongressJanuary 18, 2007
Politicos mull data retention by Web hosts, registrarsSeptember 26, 2006
Data retention bill expected next weekSeptember 21, 2006
Gonzales pressures ISPs on data retentionMay 26, 2006
Congress may make ISPs snoop on youMay 16, 2006
U.S. attorney general calls for 'reasonable' data retentionApril 20, 2006
ISP snooping gaining supportApril 14, 2006
Your ISP as Net watchdogJune 16, 2005
U.S. Attorney General Alberto Gonzales made it clear last fall that he planned to seek national legislation requiring the controversial practice known as data retention, but "we don't have any position officially about how long records would have to be retained or what records would have to be retained," said Eric Wenger, a trial attorney with the Justice Department's computer crime unit.
During an event here hosted by the Federal Communications Bar Association, Wenger also said police already have ready access to other legal tools, such as the power to send letters to ISPs requesting "preservation" of existing data for up to 90 days while law enforcement obtains the necessary court authority to obtain that data.
But he categorized the lack of consistent data retention by ISPs as a "roadblock" to some investigations. He described, for example, a situation in which an investigator may be able to secure an IP address for a suspected phisher from Microsoft's Hotmail service. By the time the investigator took that IP address to the Internet service provider for more information about the suspect's identity, he may be told by the ISP that such information has already been purged.
"We've been talking to some of the companies to explain the needs we have for the records," he said, although he did not expressly urge adoption of new laws. Another possibility is that a data retention requirement could be extended beyond ISPs to search engines, which was discussed in private Justice Department meetings in October.
As first reported by CNET News.com in June 2005, Justice Department officials began quietly discussing the idea of data retention requirements, akin to what the European Union has already enacted.
Last week, Gonzales told members of the Senate Judiciary Committee that he planned to resume discussions with Congress about data retention legislation this year. The attorney general did not elaborate on his plans, but last year, he repeatedly said the practice was necessary to help investigators nab elusive online criminals, particularly sexual predators.
Privacy advocates have long resisted such mandates, arguing that they allow police to obtain records of e-mail chatter, Web browsing or chat room activity that normally would have been discarded after a few months--or in some cases, never kept at all.
CNET News.com's Declan McCullagh contributed to this report.
3 commentsJoin the conversation! Add your comment