Skip to main content

House Judiciary Debates Data Retention Bill

The House Judiciary Committee recessed for votes Wednesday after some lively debate over the degree to which online IP addresses and account information should be available to law enforcement to investigate child pornography.

The debate did not divide neatly along party lines, with one legislator joking that he hoped there would be no record of his agreement with his colleague on the other side of the aisle. Everyone agreed combating child porn is a good thing, but there was no agreement on whether giving the government the opportunity to investigate online account information was necessary or advisable.

The subject of the hearing is a markup of H. 1981, the ‘‘Protecting Children 5 From Internet Pornographers Act of 2011." The disagreement was over whether it violated privacy rights in the name of protecting children, which Rep. Barney Frank (D-Mass.) suggested it did, saying that incursions on liberty usually appeared under that alias.

The bill would require commercial ISPs to retain customer IP addresses and associated account information for a year, making them available for law enforcement in the case of child porn investigations and relieving those ISPs of liability if that information were disclosed.

The idea is to give law enforcement officials data to help them track down child pornographers, but Frank argued that the problem was not a lack of data, that there were billions of bits of data lying around unanalyzed, but that requiring it to be retained and subject to abuse would not help stop child pornography and could threaten the privacy of everyone.

Judiciary Committee Chairman Lamar Smith (R-Tex.), co-author of the bill with Democrat Debbie Wasserman-Schultz of Florida, pointed out that the bill would exclude free and government Wi-Fi nets like libraries and the local coffee shop, but that led Rep. Zoe Lofgren (D.-Calif.) to suggest that would just encourage pornographers to go to the local library or Starbucks.

The bill says that "A provider of an electronic communication service or remote computing service shall retain for a period of at least months the temporarily assigned network addresses the service assigns to each account..." It says the information should be stored "securely" to "protect customer privacy and prevent against breaches of the records."

That language is too broad for some legislators, uniting Frank with Republican Darrell Issa (R-Calif.) and in opposition to Smith. He said the bill was not about attacking child porn, saying there were already ways of doing that without opening up a "Pandora's box" of threats to people's privacy rights. He said the bill was a way for the government to access information it could not through the Patriot Act.

Lofgren, who opposes the bill, raised a number of objections to it, including that it was unclear how much it would cost ISPs to implement the retention plan, the burden it could put on wireless carriers who may assign dozens of IP addresses to a single phone in a single hour, how much it could increase the cost of access the Internet, and whether the requirement that only a government entity could access the data logs would include civil litigants armed with a court order or defense lawyers. If not in the case of the latter, she said, it could pose due process problems. She called it a "mess" of a bill.

At press time, the committee had voted down amendments introduced by Rep. Robert Scott (D-Va.) that would have reduced the data retention period to 180 days and made it explicit that data could be accessed only in relation to child pornography.
Approved was a Scott amendment that would have required an impact study of the costs of compliance.
Withdrawn was his amendment that would have exempted ISPs with fewer than 2 million broadband subs after Smith said he would work with smaller ISPs to address that issue before the bill made it to the floor. Also withdrawn was a Scott amendment that would have changed the name of the bill to something on the order of Issa's suggested title: "The bill to require the retention of data for any use at all Act." Scott said he withdrew it after Smith had made the point for him. Smith, in opposing narrowing the use of the data to child porn, said it didn't make sense not to let law enforcement use it to investigate drug trafficking, data breaches, threats to the president and other things.