4:48 am Apr 14 - by Megan Reilly
On January 18, 2012, the Internet went dark in protest of SOPA, the Stop Online Piracy Act. The participating websites were not necessarily supporting online piracy; in fact, most of them currently support anti-piracy legislation. What many creators on the Internet wanted lawmakers to see on January 18th was that the laws being pushed through did more harm in their current state than good in the grand scheme of Internet legislation.
The good news is that it worked. Both SOPA and the less talked about PIPA (Protect IP Act) have been tabled for now.
The bad news is that the fight for effective Internet legislation is far from over.
Fresh from committee, the Protecting Children from Internet Pornographers Act appears to be, at first glance, an effective way to make the Internet safer for America’s youth. The bill tightens up all sorts of problems with current child-protection legislation by prohibiting people from knowingly contributing funds to child pornographers, prohibiting harassment of child witnesses, amending current sentencing related to child pornography, and requiring all ISPs (Internet Service Providers) to hold Internet browsing information of all customers.
Wait. What was that last part?
All Internet Service Providers will be required, by law, to hold all of your temporarily assigned network addresses for 18 months (this is according to the summary by the Library of Congress; the bill itself states one year) at a time.
While most of the bill does great things to protect children, this section has many people worried about the future of their personal online information. The bill states that it is the “Sense of Congress” (or the intent and desire of Congress) “to encourage electronic communication service providers to give prompt notice to their customers in the event of a breach of the data retained” and “that records retained...should be stored securely to protect customer privacy and prevent against breaches of the records.”
It is a bit nerve-wracking to think that ISPs are only provided, by the bill, 180 days to develop a system to retain and protect our information, especially since it is only encouraged (see quote above) that we, as consumers, are promptly informed of any kind of breach. On top of that, the Attorney General has a full two years after the enactment of this bill to complete a study of how much these changes cost ISPs, meaning that in that time customer costs could potentially increase beyond what the ISPs actually lose.
On top of this, one section of the bill ensures that there can be “no cause of action against a provider disclosing information under this chapter” (Section 5). According to the summary provided to citizens by the Library of Congress, this goes so far as to bar any action against a provider for keeping and protecting a customer’s information. This could mean that, in the event of a security breach, customers who have their information stolen—such as which banking website they use or their online identity—would be unable to take action against the provider for having inadequate security measures. That is because, according to the summary, the next section “makes a good faith reliance on the requirement to retain records a complete defense to a civil action.” In other words, it allows ISPs to use only the government’s trust that the information will be retained and stored securely as their defense against any legal action.
Like SOPA and PIPA, the focus of the bill is not what people are nervous about, and the majority of the reasoning makes sense. People do not fear the bill itself, but they instead worry about the wording and how the security measures are presented. How will this be interpreted in the future? The bill currently only allows for a subpoena of information in cases investigating unregistered sex offenders, but what kind of precedent does this kind of surveillance set? Will it be the ISPs or the customers who are made to bear the financial burden of setting up these new storage and security measures? What does the future of the Internet really hold if these levels of surveillance are the norm?
We definitely need more protection for the children this bill begins to address, but responsible, reasonable Internet legislation is necessary to deal with every kind of Internet crime, especially when the privacy of all online Americans is at stake.
No comments yet!