August 3, 2011
H.R.1981, the end of online privacy as we know it.
The sponsors of bill H.R.1981 are not stupid people. By naming a bill ‘The Protecting Children from Internet Pornographers Act of 2011′ they have managed to take a piece of legislation that could be the worst threat to online privacy ever and make it virtually impervious to critique. Who will stand up and vote against the safety of our children?
So what does this piece of legislation hold that could possibly threaten online privacy?
Bill H.R.1981 contains legal responsibility for any Internet Service Provider to keep detailed records of “your Internet activity for 12 months, your name, the address where you live, your bank account numbers, your credit card numbers, and any IP-addresses you’ve been assigned.”
To be honest, these are characteristics that a lot of Internet Providers most likely already know. The real difference here with the Bill is how they would easily they could then provide this information to law enforcement. It’s an intricate set of rules whereby the government agencies have to go through the process of… well… just asking for it. Yep, that’s it.
As the bill is written – any person under investigation of a crime (or possibly even civil matters such as custody battles or divorces) could look forward to having an extensive part of their life accessible without warrant or cause. As Rep. James Sensenbrenner says, (R-Wisc.): “It poses numerous risks that well outweigh any benefits, and I’m not convinced it will contribute in a significant way to protecting children.”
So what are some of the obvious risks of this new legislation? Well as many people know, losing your credit card or having your identity stolen is a horrible experience. Can you even imagine what kind of damage could be caused if someone got a hold of all this information PLUS your web habits and login and passwords? (See. Update)
Consider a scenario: Someone steals your web habits and your identity. How do you recover your identity and credit when the first thing the hacker does is cancel your credit monitoring service account and then sends your power bill, bank account, and new drivers license to your ‘new address’? All this would be possible if someone gained unlimited access to the email, personal information, credit card number, surfing habits, and login/password to web services that are used by many people daily and are the very items which would be compromised. (See. Update)
Many people today live a life where everyday services such as email, banking, document handling, photos, social media networks, and data storage are as important as the documents you carry in your wallet. With this in mind, how can we allow the government unlimited access to such an extensive part of our lives virtually without restraints?
Equally as important, how can we allow companies with anything but stellar security track records providing us unqualified services to have virtually unlimited access to all parts of our online life?
To protest H.R.1981 you can visit the Electronic Frontier Foundation Electronic Frontier Foundation and fill out a one-click petition against the bill.
UPDATE: After further investigation and as hacker news user; ‘skymt’ pointed out (thank you) bill H.R.1981 amends the current bills storage of only the assigned IP-address of the consumer, and not explicitly Internet usage records. One possibly argue that it is likely that this data is also available for the ISP. However, the does NOT state that these shall be stored or made available.