Legislation and its effects in our world
fred at cisco.com
Wed Feb 25 17:06:13 UTC 2009
I am not a lawyer; I am a person that can read something that is
written in the English language, and considered by some to be a
"reasonable man". So please don't consider this to be legal advice.
Also, although I am posting from a Cisco account, this note represents
my understanding based on a reading of the text of the bill, not an
opinion of or advice by Cisco. Further, I do not represent myself as
either for or against the legislation or the implied technology. I
have opinions on all that, but I'll save them for another email.
#include <any other disclaimers that are important>
The text of the bill, which is in committee, is at http://www.govtrack.us/congress/billtext.xpd?bill=s111-436
. Read the text of the bill before continuing with my comments on it
or on Declan's article.
Most of the bill is about defining "child pornography", such as "
inserting ‘1466A (relating to obscene visual representation of the
abuse of children),’ before ‘section 1708’", or about changing
penalties. Data retention is discussed in section 5:
> SEC. 5. RETENTION OF RECORDS BY ELECTRONIC COMMUNICATION SERVICE
> Section 2703 of title 18, United States Code, is amended by adding
> at the end the following:
> ‘(h) Retention of Certain Records and Information- A provider of an
> electronic communication service or remote computing service shall
> retain for a period of at least two years all records or other
> information pertaining to the identity of a user of a temporarily
> assigned network address the service assigns to that user.’.
In context, this is about providers of a service. BTW, it doesn't talk
about *creating* a record that doesn't exist, it talks about
*retaining* records that have already been created, such as billing
records or other records that would support billing and maintenance.
IANAL, so run this by your lawyers, but a provider of a service is in
the FCC definitions someone that sells a service to random purchasers,
not someone that provides communications to his own employees,
students, or family members. This came up during the discussion by the
FCC about lawful intercept and what constituted a network that had to
implement it several years ago. This is confirmed, says the
"reasonable man", by the definition of the offense in Section 3:
> ‘(a) Offense- Whoever, being an Internet content hosting provider or
> email service provider, knowingly engages in any conduct the
> provider knows or has reason to believe facilitates access to, or
> the possession of, child pornography (as defined in section 2256)
> shall be fined under this title or imprisoned not more than 10
> years, or both.
Note the lack of reference to home routers, wireless in any form, or
any of the other stuff Declan mentions in his article:
> (CNET) -- Republican politicians on Thursday called for a sweeping
> new federal law that would require all Internet providers and
> operators of millions of Wi-Fi access points, even hotels, local
> coffee shops, and home users, to keep records about users for two
> years to aid police investigations.
I would ask you, how many local coffee shops or hotels that you know
of operate their own Internet access? How many instead contract with T-
Mobile or some other provider? Since the billing record is done with
the provider (you somehow pay a bill to T-Mobile-or-whoever for use of
the wifi and you identify yourself to them at the time you access the
service), whom would you expect might be required to "retain" those
I would also be a trifle careful with Declan's repeated references to
the party of the person who submitted the bill. The bill is, or at
least looks like, enabling legislation required by the Cybercrime
Treaty (http://tinyurl.com/6m9ey, Article 20 of which calls for what
is now called "Data Retention"), and is pretty much in line with the
current EU directive on the topic (http://tinyurl.com/2maatj). Both
major parties in the US have been on deck during the negotiation of
the CyberCrime Treaty, and whatever your opinion of it might be, this
bill is in line with Obama campaign promises and actions as president
as I understand them.
I personally tend to ignore stuff written by Declan. It requires too
much work to drill through the political activism and sensationalism-
portrayed-as-journalism to find the germ of truth that inspired the
On Feb 25, 2009, at 7:06 AM, Jim Willis wrote:
> After having a brief conversation with a friend of mine over the
> about this new proposed legislation I was horrified to find that I
> could not
> dig anything up on it in NANOG. Surely this sort of short minded
> should have been a bit more thought through in its effects on those
> would have to implement these changes. My major concern is not just
> myself but for a much broader picture.
> "Republican politicians on Thursday called for a sweeping new
> federal law
> that would require all Internet providers and operators of millions
> of Wi-Fi
> access points, even hotels, local coffee shops, and home users, to
> records about users for two years to aid police investigations."
> I understand and agree that minors should be protected and I think
> pornography is awful, however I think how the government is going
> catching these criminals with this new legislation will not really
> be any
> more efficient than there current methods. Having a log of all IP's
> come across my or anyone in America's "home" Wi-Fi for two years is
> going to help "police investigations" but will cause me to have to
> go buy a
> more expensive router.
> So I'm just wondering, how would this legislation effect some of you
> on the
> NANOG list?
More information about the NANOG