John Mizuno, a Democratic state legislator in Hawaii, wants to require virtual dossiers to be compiled on state residents: two years' worth of their Internet browsing.
(Credit: Hawaii.gov) H.B. 2288, which was introduced Friday, says the dossiers must include a list of Internet Protocol addresses and domain names visited. Democratic Rep. John Mizuno of Oahu is the lead sponsor; Mizuno also introduced H.B. 2287, a computer crime bill, at the same time last week.
Last summer, U.S. Rep. Lamar Smith (R-Texas) managed to persuade a divided committee in the U.S. House of Representatives to approve his data retention proposal, which doesn't go nearly as far as Hawaii's. (Smith, currently Hollywood's favorite Republican, has become better known as the author of the controversial Stop Online Piracy Act, or SOPA.)
It's not exactly clear what prompted Mizonu to introduce this measure, and he and the other sponsors did not immediately respond to a request for comment from CNET.
"I assume it's to make the data available to be subpoenaed when the state is pursuing people suspected of serious crimes, but I haven't heard anything from the representatives themselves," says Daniel Leuck, chief executive of Honolulu-based software design boutique Ikayzo.
Mizuno's proposal currently specifies no privacy protections, such as placing restrictions on what Internet providers can do with this information (like selling user profiles to advertisers) or requiring that police obtain a court order before perusing the virtual dossiers of Hawaiian citizens. Also absent are security requirements such as the use of encryption.
Because the wording is so broad and applies to any company that "provides access to the Internet," Mizuno's legislation could sweep in far more than AT&T, Verizon, and Hawaii's local Internet providers. It could also impose sweeping new requirements on coffee shops, bookstores, and hotels frequented by the over 6 million tourists who visit the islands each year.
"H.B. 2288 raises all of the traditional concerns associated with data retention, and then some," Kate Dean, head of the U.S. Internet Service Provider Association, which counts Verizon and AT&T as members, told CNET. "And this may be the broadest mandate we've seen."
Even the Justice Department has only lobbied the U.S. Congress to record Internet Protocol addresses assigned to individuals--users' origin IP address, in other words. It hasn't publicly demanded that companies record the destination IP addresses as well.
In Washington, D.C., the fight over data retention requirements has been simmering since the Justice Department pushed the topic in 2005, a development that was first reported by CNET. Proposals publicly surfaced in the U.S. Congress the following year, and President Bush's attorney general, Alberto Gonzales said it's an issue that "must be addressed." So, eventually, did FBI director Robert Mueller.
Democrat Jill Tokuda, the Hawaii Senate's majority whip, has introduced a companion bill, S.B. 2530, in the Senate. No hearing has been scheduled on Tokuda's bill.
No comments:
Post a Comment