As I said previously about congressional efforts to pass SOPA/PIPA, the attempts to control the internet are not over. It’s been all of a week since the first efforts at passing SOPA failed, and now we have the next step. This potential legislation is even more blatant than before, which means it is probably a “fake” attempt that will be knocked down so that something “much better” can take it’s place. Don’t fall for it. –Dennis
Hawaii’s legislature is weighing an unprecedented proposal to curb the privacy of Aloha State residents: requiring Internet providers to keep track of every Web site their customers visit.
John Mizuno, a Democratic state legislator in Hawaii, wants to require virtual dossiers to be compiled on state residents: two years’ worth of their Internet browsing.
Its House of Representatives has scheduled a hearing this morning on a new bill (PDF) requiring the creation of virtual dossiers on state residents. The measure, H.B. 2288, says “Internet destination history information” and “subscriber’s information” such as name and address must be saved for two years.
H.B. 2288, which was introduced Friday, says the dossiers must include a list of Internet Protocol addresses and domain names visited. Democratic Rep. John Mizuno of Oahu is the lead sponsor; Mizuno also introduced H.B. 2287, a computer crime bill, at the same time last week.
Last summer, U.S. Rep. Lamar Smith (R-Texas) managed to persuade a divided committee in the U.S. House of Representatives to approve his data retention proposal, which doesn’t go nearly as far as Hawaii’s. (Smith, currently Hollywood’s favorite Republican, has become better known as the author of the controversial Stop Online Piracy Act, or SOPA.)
It’s not exactly clear what prompted Mizonu to introduce this measure, and he and the other sponsors did not immediately respond to a request for comment from CNET.
“This bill represents a radical violation of privacy and opens the door to rampant fourth amendment violations,” says Daniel Leuck, chief executive of Honolulu-based software design boutique Ikayzo, who submitted testimony opposing the bill. He adds: “Even forcing telephone companies to record everyone’s conversations, which is unthinkable, would be less of an intrusion.”
Mizuno’s proposal currently specifies no privacy protections, such as placing restrictions on what Internet providers can do with this information (like selling user profiles to advertisers) or requiring that police obtain a court order before perusing the virtual dossiers of Hawaiian citizens. Also absent are security requirements such as mandating the use of encryption.
Because the wording is so broad and applies to any company that “provides access to the Internet,” Mizuno’s legislation could sweep in far more than AT&T, Verizon, and Hawaii’s local Internet providers. It could also impose sweeping new requirements on coffee shops, bookstores, and hotels frequented by the over 6 million tourists who visit the islands each year.
“H.B. 2288 raises all of the traditional concerns associated with data retention, and then some,” Kate Dean, head of the U.S. Internet Service Provider Association, which counts Verizon and AT&T as members, told CNET. “And this may be the broadest mandate we’ve seen.”
Even the Justice Department has only lobbied the U.S. Congress to record Internet Protocol addresses assigned to individuals–users’ origin IP address, in other words. It hasn’t publicly demanded that companies record the destination IP addresses as well.
In Washington, D.C., the fight over data retention requirements has been simmering since the Justice Department pushed the topic in 2005, a development that was first reported by CNET. Proposals publicly surfaced in the U.S. Congress the following year, and President Bush’s attorney general, Alberto Gonzales said it’s an issue that “must be addressed.” So, eventually, did FBI director Robert Mueller.
Updated at 8:30 a.m. PT.