August 3, 2011

H.R.1981, the end of online privacy as we know it.

by with 20 comments

The sponsors of bill H.R.1981 are not stupid people. By naming a bill ‘The Protecting Children from Internet Pornographers Act of 2011′ they have managed to take a piece of legislation that could be the worst threat to online privacy ever and make it virtually impervious to critique. Who will stand up and vote against the safety of our children?

So what does this piece of legislation hold that could possibly threaten online privacy?

Bill H.R.1981 contains legal responsibility for any Internet Service Provider to keep detailed records of “your Internet activity for 12 months, your name, the address where you live, your bank account numbers, your credit card numbers, and any IP-addresses you’ve been assigned.”

To be honest, these are characteristics that a lot of Internet Providers most likely already know. The real difference here with the Bill is how they would easily they could then provide this information to law enforcement. It’s an intricate set of rules whereby the government agencies have to go through the process of… well… just asking for it. Yep, that’s it.

As the bill is written – any person under investigation of a crime (or possibly even civil matters such as custody battles or divorces) could look forward to having an extensive part of their life accessible without warrant or cause. As Rep. James Sensenbrenner says, (R-Wisc.): “It poses numerous risks that well outweigh any benefits, and I’m not convinced it will contribute in a significant way to protecting children.”

So what are some of the obvious risks of this new legislation? Well as many people know, losing your credit card or having your identity stolen is a horrible experience. Can you even imagine what kind of damage could be caused if someone got a hold of all this information PLUS your web habits and login and passwords? (See. Update)

Consider a scenario: Someone steals your web habits and your identity. How do you recover your identity and credit when the first thing the hacker does is cancel your credit monitoring service account and then sends your power bill, bank account, and new drivers license to your ‘new address’? All this would be possible if someone gained unlimited access to the email, personal information, credit card number, surfing habits, and login/password to web services that are used by many people daily and are the very items which would be compromised. (See. Update)

Many people today live a life where everyday services such as email, banking, document handling, photos, social media networks, and data storage are as important as the documents you carry in your wallet. With this in mind, how can we allow the government unlimited access to such an extensive part of our lives virtually without restraints?

Equally as important, how can we allow companies with anything but stellar security track records providing us unqualified services to have virtually unlimited access to all parts of our online life?

To protest H.R.1981 you can visit the Electronic Frontier Foundation Electronic Frontier Foundation and fill out a one-click petition against the bill.

UPDATE: After further investigation and as hacker news user; ‘skymt’ pointed out (thank you) bill H.R.1981 amends the current bills storage of only the assigned IP-address of the consumer, and not explicitly Internet usage records. One possibly argue that it is likely that this data is also available for the ISP. However, the does NOT state that these shall be stored or made available.

  1. How do they define ISP? Your cable/FIOS provider? The person you pay the monthly fees to connect you to the net? It's not even an effective law so maybe they are stupid people. Sign up for a VPN service, it could be one based outside the US, and everything that goes through your ISP is encrypted.

  2. Of course nothing is bad at all if it's easy to get around. I bet the above commentator would support being sent to a concentration camp as well if it was easy to escape from….

  3. @ Alan: i don't know whether your proposal would be technically practicable on a large scale for the amount of people affected Рregardless there can be no doubt that practically nobody would do it in the first place. And with practically nobody i mean the vast mnajority of internet users! So there we are back where the above post started.

  4. @all,
    What I think is especially BAD about the bill is that just as Alan points out. There are ways for people to just circumvent it. Hence, the people that REALLY want to hide their online activity could very well do so, while the public majority would not and be more likely to be harassed, blackmailed and falsely accused due to the legislation.

  5. Basically, what the legislation would do is make the REAL criminals more careful and hide even deeper, while some poor sap going through a divorce would have his porn habits on display.

  6. There is no point debating over whether this bill would effectively target criminals or not. It isn't meant to, it is meant specifically to let the government encroach on the privacy of its law-abiding citizens.

  7. Isn't there already a network being set up through repeater mode. I can't remember the name but started w/ a C. Would that be effective or what about tethered access.

  8. Hhmmmm…….knock knock. Who's there? A perfect opportunity to humilate your governmentagain…. To good to be true.

  9. Why cant the government leave innocent americans alone? They think they are stopping pirates and terrorist, but in reality, they are making them more cautious, therefore better at what they do!

  10. Gov wants nothing short of full control, like north korea

    Proof is in that infinite detain without trial bill and the sopa/pipa one, while the sponsors believe to be able to profit heavily from this should they succeed.

    I just love how these officials waste so much money on things that will **** up the US economy further while also stripping our people of their rights.

  11. Don't worry, everyone! The bill advises ISP's to store your data in a "secure location". Everything will be fine! *the most obvious sarcastic tone I can possibly convey*

  12. Everyone is and should be concerned by this news. Most think that only the riots and the work of the newly accredited group "anonymous" can undertake the task of stopping it. But, the people sitting at home right now, you have the power as well. Signing the linked petition is a way for each person to make a difference and help stop the atrocity that is H.R. 1981 from taking over our internet and allowing future generations the freedom they deserve. To sign, please follow the link:

  13. FFS!!! How many of these things are flying around ? PIPA / SOPA / ACTA / H.R 1981 – Anything else !! ??? Looks like there is absolute determination from the powers that be to cripple the web as we know it .
    All this to protect some copyrighted fatcats content ? Nah, its bigger than that, the 'big content' brigade are just hitching a ride.

  14. HR 1981 does not do all those thing. Specifically, it requires that the ISP record and retain for one year the "a log of the temporarily assigned network addresses the provider assigns to a subscriber or customer of such service". In other words , the IP address.

    Your name, address and credit card and bank numbers

  15. Sorry, to continue from above.

    Your name, address and credit card and bank numbers are already being recorded as specified by Title 18, Section 2703 and 2704. HR1981 is not yet passed. Title 18 was passed in Jan 2011.

    But what HR1981 does do is allow those records to be linked to real people. We're being told that HR1981 requires ISPs to record all that data when, in fact, it's already be recorded.