August 22, 2006 11:52 AM PDT
Qwest calls for mandatory data retention laws
- Related Stories
Industry, others object to data retentionMay 31, 2006
ISP snooping plans take backseatMay 18, 2006
Republican politico endorses data retentionMay 5, 2006
FCC approves Net-wiretapping taxesMay 3, 2006
Congress may consider mandatory ISP snoopingApril 28, 2006
U.S. attorney general calls for 'reasonable' data retentionApril 20, 2006
Your ISP as Net watchdogJune 16, 2005
Jennifer Mardosz, Qwest's corporate counsel and chief privacy officer, applauded efforts by politicians to force broadband providers to engage in so-called "data retention," which Attorney General Alberto Gonzales said will aid in investigations into terrorism and child exploitation. This appears to be the first time a broadband provider has called for data retention laws.
"We support legislation related to data retention," Mardosz said at the Progress and Freedom Foundation's annual summit here. Mardosz said Qwest "absolutely" endorses a measure (click for PDF) proposed in April by Rep. Diana DeGette, a Colorado Democrat.
In a public flip-flop, the Bush administration now is lobbying for data retention laws, even though it previously expressed "serious reservations about broad mandatory data retention regimes." Rep. Joe Barton, the influential chairman of the House Energy and Commerce Committee, has endorsed data retention and is expected to introduce a bill after the panel completes a series of hearings on child exploitation.
"We support legislation," Mardosz said Tuesday. "We want to be at the table. We want to have these discussions. The main thing is what's reasonable and balancing the interests of privacy and law enforcement." Qwest already keeps logs for more than 99 percent of its services for one year, she said.
This is an unusual stand for Qwest, which defended its customers' privacy rights when requiring the National Security Agency to obtain a court order to conduct electronic surveillance, according to a USA Today article in May. The Denver-based company has a market capitalization of $16.5 billion and says it has 784,000 wireless customers and 1.7 million DSL (digital subscriber line) customers.
Privacy groups have strongly opposed mandatory data retention, and many Internet providers have been skeptical of new laws. The U.S. Internet Industry Association has said current proposals aren't "going about this the right way," and the Information Technology Association of America has raised "real reservations" about legislation.
ISP snooping timeline
In events that were first reported by CNET News.com, Bush administration officials have said Internet providers must keep track of what Americans are doing online. Here's the timeline:
June 2005: Justice Department officials quietly propose data retention rules.
December 2005: European Parliament votes for data retention of up to two years.
April 14, 2006: Data retention proposals surface in Colorado and the U.S. Congress.
April 20, 2006: Attorney General Gonzales says data retention "must be addressed."
April 28, 2006: Rep. DeGette proposes data retention amendment.
May 26, 2006: Gonzales and FBI Director Robert Mueller meet with Internet and telecommunications companies.
June 27, 2006: Rep. Joe Barton, chair of a House committee, calls new child protection legislation a "highest priority."
"Imposing broad data retention would be a significant change to U.S. law, especially when it has not been shown that a narrower data preservation approach will not work just as well," said Kate Dean, director of the U.S. Internet Service Provider Association. "The proposal to store enormous amounts of data on subscribers and keep it live for a lengthy period of time raises serious technical, legal and security concerns." (The association's members include AOL, AT&T, BellSouth, EarthLink and Verizon Communications.)
Qwest's enthusiastic endorsement of mandatory data retention could make it politically easier for members of Congress to enact new laws even if other companies remain staunchly opposed.
Details about the Bush administration's call for data retention remain ambiguous. At the very least, administration officials want to compel Internet providers to keep records of which Internet Protocol address a customer is assigned.
But during private meetings with industry officials, FBI and Justice Department officials have cited the desirability of also forcing search engines to keep logs--a proposal that could gain additional law enforcement support after AOL showed how useful such records could be in investigations.
Mardosz said that keeping records of what Web pages are visited (another possible option) would go too far. "If you get along the lines of content, there's going to be a lot pushback (and privacy concerns)," she said. "We don't want to go there."
DeGette's proposed legislation says any Internet service that "enables users to access content" must permanently retain records that would permit police to identify each user. The records could only be discarded at least one year after the user's account was closed.
Critics of DeGette's proposal have said that while the justification for Internet surveillance might be protecting children, the data would be accessible to any local or state law enforcement official investigating anything from drug possession to tax evasion. In addition, the one-year retention is a minimum; the Federal Communications Commission would receive the authority to require Internet companies to keep records "for not less than one year after a subscriber ceases to subscribe to such services."
22 commentsJoin the conversation! Add your comment