Analyst Opinion - Most of us would agree that pornography is a scourge that, if it can't be eliminated from our online experience, should at least be shoved to the margins so that regular folks like us can enjoy the Internet in peace without be inundated. We'd also agree that child pornography is particularly reprehensible, and society owes its victims an unwavering commitment to make every reasonable effort to stop it. This is why I'm so torn over The Internet Safety Act, a package of two bills introduced by Texan legislators that, if passed into law, would force ISPs to retain user data from every subscriber's IP address for up to two years (see TG Daily's previous coverage).
In addition, the legislation could compel owners of Wi-Fi routers to also track this data. Senator Jon Cornyn and Representative Lamar Smith (Texas) said they introduced this legislation to help law enforcement agencies track and prosecute online porn peddlers much more easily than is currently the case.
It's a classic case of well-intentioned politics running smack into technological reality. While the tech solutions for this kind of data retention certainly exist, the scale required by across-the-board implementation would be massive. ISPs, already claim they're straining under exponential network traffic growth and flattening revenue due to the economy, would be forced to pour billions into massive network, storage, administration, reporting and staffing upgrades just to reach even a basic level of compliance.
Danger! Danger! Danger, Will Robinson
These costs would, of course, flow to beleaguered consumers at a time when many of them are losing jobs, homes and hope. Beyond money however, this legislation -- as well-intentioned as it is -- introduces a range of serious privacy concerns that no technology can realistically fix. By creating a rich repository of confidential data reflecting your every online activity for the past 24 months, we’d be giving criminals and identity thieves yet another potential future revenue stream. Your user IDs, passwords, address information and every other uniquely identifiable piece of data would now be conveniently aggregated in massive new data islands – and consequently even more vulnerable to theft -- making them far more attractive targets than ever before.
If you thought online banking services were already prime targets of criminal opportunity, imagine a world filled with massive data islands owned and controlled by your ISP – the same ISP that can’t get your bill right and routes your customer service calls to a call centre halfway around the world. We’ll leave discussion of record and movie company subpoenas for another day, but the risk is clearly there.
Feel any safer now? Didn’t think so.
Mr. Cornyn and Mr. Smith deserve praise for raising an issue that matters to society. No one questions the need to bring in the reins a little bit on an entity that’s become the modern-day equivalent of the Wild West frontier. But the technological, financial and security ramifications of this specific piece of proposed legislation would so far outweigh the risk of that which it's trying to prevent. Cutting the flow of child porn needs an approach somewhat more subtle than the technological equivalent of a sledgehammer.
The key word in all of this is “reasonable”. And it’s reasonable to conclude that the legislation, as proposed, potentially creates more problems than it solves.
Carmi Levy is a Canadian technology analyst and journalist covered with scars from his years leading IT help desks and managing software development projects for big bad insurance companies. He comments extensively in a wide range of media, and works closely with clients to help them leverage technology and social media tools and processes to drive their business.
[Editor's note: It's very important to recognize the dichotomy at work here. If the Congress were to pass blind legislation which basically said, "We are passing a law to require everyone to monitor, track and record everybody's URLs visited and all Wi-Fi access, and store it for a period of two years," we would be on them in amazing ways. Because of this reality they don't do present it that way. They attach it to something which seems so heinous that we would be willing to accept the other heinous thing, which is most likely the thing they really want, which is the storage of our personal data (for whatever reason).
On one side it's the "we're fighting against child pornography" argument, while on the other side it's the "we're putting all your privacy eggs in one basket, making them an attractive target for thieves" reality. Because of the reality we're facing, I'm forced to ask the question: Is this really designed to protect us? Or to harm us?
And surely there are better ways to track down child pornography rings. I can think of one off the top of my head. We could ask regular, well-meaning, desiring-to-serve-our-nation-better citizens to track down the perpetrators by posing as potential consumers. Once identified, they'd tell authorities so the police can go in and make arrests of the retailers. That information would ultimately lead back to the distributors and sources, who could also be arrested following some real police work. And of course there must be dozens of other ways to fight this scourge of our society.]
In addition, the legislation could compel owners of Wi-Fi routers to also track this data. Senator Jon Cornyn and Representative Lamar Smith (Texas) said they introduced this legislation to help law enforcement agencies track and prosecute online porn peddlers much more easily than is currently the case.
It's a classic case of well-intentioned politics running smack into technological reality. While the tech solutions for this kind of data retention certainly exist, the scale required by across-the-board implementation would be massive. ISPs, already claim they're straining under exponential network traffic growth and flattening revenue due to the economy, would be forced to pour billions into massive network, storage, administration, reporting and staffing upgrades just to reach even a basic level of compliance.
Danger! Danger! Danger, Will Robinson
These costs would, of course, flow to beleaguered consumers at a time when many of them are losing jobs, homes and hope. Beyond money however, this legislation -- as well-intentioned as it is -- introduces a range of serious privacy concerns that no technology can realistically fix. By creating a rich repository of confidential data reflecting your every online activity for the past 24 months, we’d be giving criminals and identity thieves yet another potential future revenue stream. Your user IDs, passwords, address information and every other uniquely identifiable piece of data would now be conveniently aggregated in massive new data islands – and consequently even more vulnerable to theft -- making them far more attractive targets than ever before.
If you thought online banking services were already prime targets of criminal opportunity, imagine a world filled with massive data islands owned and controlled by your ISP – the same ISP that can’t get your bill right and routes your customer service calls to a call centre halfway around the world. We’ll leave discussion of record and movie company subpoenas for another day, but the risk is clearly there.
Feel any safer now? Didn’t think so.
Mr. Cornyn and Mr. Smith deserve praise for raising an issue that matters to society. No one questions the need to bring in the reins a little bit on an entity that’s become the modern-day equivalent of the Wild West frontier. But the technological, financial and security ramifications of this specific piece of proposed legislation would so far outweigh the risk of that which it's trying to prevent. Cutting the flow of child porn needs an approach somewhat more subtle than the technological equivalent of a sledgehammer.
The key word in all of this is “reasonable”. And it’s reasonable to conclude that the legislation, as proposed, potentially creates more problems than it solves.
Carmi Levy is a Canadian technology analyst and journalist covered with scars from his years leading IT help desks and managing software development projects for big bad insurance companies. He comments extensively in a wide range of media, and works closely with clients to help them leverage technology and social media tools and processes to drive their business.
[Editor's note: It's very important to recognize the dichotomy at work here. If the Congress were to pass blind legislation which basically said, "We are passing a law to require everyone to monitor, track and record everybody's URLs visited and all Wi-Fi access, and store it for a period of two years," we would be on them in amazing ways. Because of this reality they don't do present it that way. They attach it to something which seems so heinous that we would be willing to accept the other heinous thing, which is most likely the thing they really want, which is the storage of our personal data (for whatever reason).
On one side it's the "we're fighting against child pornography" argument, while on the other side it's the "we're putting all your privacy eggs in one basket, making them an attractive target for thieves" reality. Because of the reality we're facing, I'm forced to ask the question: Is this really designed to protect us? Or to harm us?
And surely there are better ways to track down child pornography rings. I can think of one off the top of my head. We could ask regular, well-meaning, desiring-to-serve-our-nation-better citizens to track down the perpetrators by posing as potential consumers. Once identified, they'd tell authorities so the police can go in and make arrests of the retailers. That information would ultimately lead back to the distributors and sources, who could also be arrested following some real police work. And of course there must be dozens of other ways to fight this scourge of our society.]