In September, U.S. Attorney General Alberto Gonzales told lawmakers that ISPs should be legally required to preserve customer records for perhaps as long as two years. Currently there are no federal laws governing customer record retention for ISPs.
Gonzales says that the customer records must be preserved for that length of time to assist the government in cracking down on child pornography.
The problem with this, of course, is that the result is records are preserved on millions of completely innocent people in order to help prosecute a relatively small number of cases that involve child pornography (in 2000-2001, according to the National Center for Missing & Exploited Children, a little over 1,700 people were arrested on child pornography-related charges).
And once that data is collected and preserved, it will inevitably be subpoenaed far and wide for everything from terrorism prosecutions to copyright infringement to anything else under the Sun.
As I’ve said before, ISPs should not preserve any sort of customer traffic records for any longer than they need for technical purposes — no more than a few days, at most. More importantly, ISPs and web services need to be more upfront and make more accessible just how long they do preserve such customer data and under what circumstances they will provide said data to law enforcement and other entities.
Sources:
Child pornography fact sheet. National Center for Missing & Exploited Children, Accessed: September 30, 2006.
Gonzales Calls for ISP Customer Data Retention Law. RedmondMag.Com, September 19, 2006.