“Republican politicians on Thursday called for a sweeping new federal law that would require all Internet providers and operators of millions of Wi-Fi access points, even hotels, local coffee shops, and home users, to keep records about users for two years to aid police investigations,” reports CNet News. The two bills that have been introduced, S.436 and H.R.1076, are titled “Internet Stopping Adults Facilitating the Exploitation of Today’s Youth Act,” or Internet SAFETY Act. A provision of the bill reads, “A provider of an electronic communication service or remote computing service shall retain for a period of at least two years all records or other information pertaining to the identity of a user of a temporarily assigned network address the service assigns to that user.”
Sen. John Cornyn (R-TX), Lamar Smith (R-TX), the senior Republican on the House Judiciary Committee, and Texas Attorney General Greg Abbott held a press conference to announce the legislation. They urged the passage of the bills in order to protect children. CNet reports, “The legislation, which echoes a measure proposed by one of their Democratic colleagues three years ago, would impose unprecedented data retention requirements on a broad swath of Internet access providers and is certain to draw fire from businesses and privacy advocates.”
Translated, the Internet Safety Act applies not just to AT&T, Comcast, Verizon, and so on–but also to the tens of millions of homes with Wi-Fi access points or wired routers that use the standard method of dynamically assigning temporary addresses. (That method is called Dynamic Host Configuration Protocol, or DHCP.) […]
The legal definition of electronic communication service is “any service which provides to users thereof the ability to send or receive wire or electronic communications.” The U.S. Justice Department’s position is that any service “that provides others with means of communicating electronically” qualifies.
That sweeps in not just public Wi-Fi access points, but password-protected ones too, and applies to individuals, small businesses, large corporations, libraries, schools, universities, and even government agencies. Voice over IP services may be covered too.
Under the Internet Safety Act, all of those would have to keep logs for at least two years. It “covers every employer that uses DHCP for its network,” [says Albert Gidari, a partner at the Perkins Coie law firm in Seattle who specializes in this area of electronic privacy law]. “It covers Aircell on airplanes–those little pico cells will have to store a lot of data for those in-the-air Internet users.”
Read the full story to get more details. I will be tracking this legislation and the debate around it.