How New Internet Spying Laws Will Actually ENABLE Stalkers, Spammers, Phishers And, Yes, Pedophiles & Terrorists

from the not-as-simple-as-you-might-think dept

There's proposed legislation in the US (sponsored by Lamar Smith) and in Canada (sponsored by Vic Toews) and in the UK that uses various flimsy justifications for the mass collection of data on telecommunications users. The data covered by these proposals varies, but includes things like URLs, phone calls, text/instant/email messages, and other forms of communication. Some of this proposed legislation deals with communication metadata, e.g., sender, recipient, time, etc.; some of it deals with communication content, e.g., the full text of messages.

I'm going to gloss over the specifics for two reasons: first, they've been covered exhaustively elsewhere, and second, I think it's an absolute certainty that whatever these proposals contain, the next ones will contain more.

The putative reasons given for these proposals are the usual Four Horseman of the Infocalypse: terrorists, pedophiles, drug dealers, and money launderers. One would think, given the hysteria being whipped up by the proponents of these bills, that one could hardly walk down the street without being offered raw heroin by a grenade-throwing child pornographer carrying currency from 19 different countries.

Of course, everyone who's actually studied terrorists, pedophiles, drug dealers and money launderers in the context of telecommunications knows full well that nothing in these bills will actually help deal with them. The very bad people who are seriously into these pursuits are not stupid, and they're not naive: they use firewalls, encryption, and tunneling. They use strong operating systems and robust application software. They use rigorous procedures guided by a strong sense of self-preservation and appropriate paranoia. They're not very likely to be caught by any of the measures in these bills because they'll (a) read the text and (b) evade the enumerated measures.

Yes, there are occasional exceptions: every now and then, a clueless newbie or a careless dilettante turns up when they're caught. And of course when that happens, there's always a press conference announcing the event, and many claims that it's a "major blow against crime" and a flood of self-congratulatory press releases. But it doesn't mean anything, except that someone was either stupid...or careless...or was set up.

The unpleasant reality that these bills are trying to avoid is that catching very bad people requires diligence, patience, expertise and intelligence, aka "competent police work." There's no substitute and there are no shortcuts. This means that these bills will achieve very few of their stated goals; that is, the benefit to society from them will be minimal, if any.

But what about the cost?

I don't mean the financial cost, although that will be high -- much higher than those proposing such legislation are prepared to admit; I mean the cost to society as a whole.

If such legislation passes, then everyone will know that every ISP is building a database -- a highly useful database for very bad people. It's the sort of thing that some very bad people have been trying to construct for years, often at considerable expense and effort. How very nice of someone else to build it for them, saving them the cost and trouble -- because they, and/or their agents, will of course target it for acquisition. And given the parade of security breaches and dataloss incidents we see on a daily basis, it's certain they'll get it. (My bet is that they'll get it before it's even finished. Any takers?)

There's an old military saying -- a bit of inter-service trash talk: "The Air Force builds weapons; the Navy builds targets".

Politicians who propose such measures appear to be thinking that they're building a weapon -- a weapon that law enforcement agencies can use to pursue people who've committed, or are suspected of committing, crimes. But they're not. They're building a target. They're building the mother lode for stalkers, pedophiles, spammers, identity thieves, child pornographers, blackmailers, extortionists, and yes -- terrorists. A Techdirt story just a few days ago gave some rather creepy examples of what Target's data mining can do...and they're just trying to sell you stuff. Imagine what very bad people are capable of, given far richer data and the rather obvious inclination to break the law at will.

What's worse than building a target? Telling everyone you're building a target. What's worse than telling everyone you're building a target? Telling everyone where it is. What's worse than telling everyone where it is? Telling them what's in it. Yet that's exactly what these bills would do: force the construction of a target, inform everyone that it exists, where it is, and what's in it.

I'm sure that the very bad people these bills allegedly target are delighted. I'll bet they're having a hard time not expressing their enthusiastic support. But my guess is that most of them will heed Napoleon's sage advice: "Never interrupt your enemy when he is making a mistake."

I'm not the only one who's observed that these databases are targets, not weapons. So has Ontario Information and Privacy Commissioner Ann Cavoukian:

"This is going to be like the Fort Knox of information that the hackers and the real bad guys will want to go after. This is going to be a gold mine. [...] The government will say that they can protect the data, and they can encrypt it. Are you kidding me? The bad guys are always one step ahead."

But this is not the worst of it -- that is, the certainty that very bad people will find ways to acquire these databases and to correlate them with each other and with still more databases isn't the endgame.

Particularly talented intruders will not only get it, they'll monitor it in real time. How do you feel about someone knowing where you bank, that you've made three phone calls to stores today, and that you have a Visa card with the following number that you just used from a hotel room 300 miles from home? How do you feel about the web browsing of your teenage daughter being observed by someone who's also reading her instant messages and listening to her VOIP calls, and has the IP address she's using in her college dorm room?

And even this is STILL not the worst of it. Given the rampant Internet and computer illiteracy that we see every day out of law enforcement, private investigators, journalists, and others around the world -- such as the clueless people behind these bills -- it's only going to be a short time until "the logs say X" becomes semantically equivalent in the vernacular to "X is true". And it is at that point that some of the more talented very bad people won't just acquire this data: they'll modify it.



Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 9:04am

    If you are going to link to a scary Michael Geist post (and try to pass it off as fact) at least link to one that isn't a speculative "What is Bill C-30 likely to contain" post.

    You defeated yourself in the first paragraph, and it didn't get any better from there.

    2/10

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 23rd, 2012 @ 9:11am

      Re:

      Does this mean, AC #1 (You got first post!) , that you support these bills?
      I see them as intrusive and basically warrantless spying and collection of my data.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        gorehound (profile), Feb 23rd, 2012 @ 9:27am

        Re: Re:

        And I do too !!! This is just a way to control us even more.
        As we slip faster and faster towards some kind of Police State.
        When will this BS end ?

         

        reply to this | link to this | view in chronology ]

    •  
      icon
      Sneeje (profile), Feb 23rd, 2012 @ 9:13am

      Re:

      5/10 for your dismissive rhetoric. Some foolish people might even be swayed by it, but you failed to explain how anything said here or on Mr. Geist's post is inaccurate.

      The bill has come out of committee and the CBO has even assessed how much it will cost to enact the legislation. The bill exists, it has been read and analyzed by many.

      So, exactly what is your specific concern here? Can you point to someone that has done a credible analysis that has different conclusions?

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 23rd, 2012 @ 9:39am

        Re: Re:

        " Can you point to someone that has done a credible analysis that has different conclusions?"

        Most people tend to wait for actual laws before trying to draw conclusions. My point about the linked Geist post is that it is an opinion based on rumor and gossip, rather than reality.

        The reality is that it is never a bad thing for companies to know who their customers are, and to at minimum be required to maintain a user / IP / date time relationship log to make sure that they are aware of who is where.

        What is funny is that there are plenty of scare tactics out there. Consider this:

        http://business.financialpost.com/2011/06/24/canadian-lawful-access-laws-come-at-too-high-a -price-critics-argue/

        A great article, until you realize that they basically quoted only Geist and a guy from Openmedia. Not a single ISP was asked about it, and nobody seems to actually be pointing at the content of the law to show where all the so called spying would occur.

        Worse yet, opposition MPs have taken it one step further, claiming it will allow authorities to have warrantless viewing of all online activity:

        http://www.scribd.com/doc/58583715/Lawful-Access-NDP-MP-Charlie-Angus-Letter-to-Public- Safety-Minister-Vic-Toews

        Yet again, nothing indicated has shown this to be true.

        As for "different conclusion", honestly there are a few people out there (particularly Geist and Open Media's staff) that are so quick to be piling it on in the media that they have buried every other view.

        Nobody (including the writer of this post) actually seems able to point at the sections of the law that create this new spying capability. It's funny as heck to watch them all go around and spew the same talking points generated by a few people scared about having to identify themselves to sign onto the internet.

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          Andy (profile), Feb 23rd, 2012 @ 9:48am

          Re: Re: Re:

          Don't tell me. I know this one. Oh yes..."You have nothing to worry about if you have nothing to hide".

          Yeah, that kind of thinking is what allows out of control governments to get away with this kind of crap.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 23rd, 2012 @ 9:51am

            Re: Re: Re: Re:

            Nice, but not exactly right.

            Internet access isn't a "right" anymore than phone access or driving a car. It is regulated, and in those regulation, it can include provisions to mark, label, or have identification that can be used. Phone numbers, licence plate numbers, an ISP usernames are all on the same level, and should be treated as such.

            So beyond that, can you show the EXACT provisions that suddenly create the widescale spying you seem to be implying is out there? No, pointing to someone else's opinion blog doesn't work. Show us the law... show us where it spells it out.

            Otherwise, it's just FUD - seemingly spread by people intent on being able to keep on pirating!

             

            reply to this | link to this | view in chronology ]

            •  
              icon
              Sneeje (profile), Feb 23rd, 2012 @ 10:04am

              Re: Re: Re: Re: Re:

              Fair enough, but you don't get to make that demand without hypocrisy unless you are willing to adhere to it in principle as well.

              So, can you point to the language in the bill (the bill does exist) that should make us all comfortable these are not issues of concern?

              And please, if your response is going to be: "Not my responsibility, I didn't make the claims" don't bother responding, because you DID claim this is all FUD without actually disproving the claims. Your current line of argument is effectively ad hom by saying the ones who have done the analysis did it wrong (with no evidence to disprove their claims).

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Anonymous Coward, Feb 23rd, 2012 @ 10:40am

                Re: Re: Re: Re: Re: Re:

                "So, can you point to the language in the bill (the bill does exist) that should make us all comfortable these are not issues of concern?"

                The laws don't say anything that creates spying, so it's hard to point to anything that will make you feel better.

                I know the laws also don't say they will not harm animals. Perhaps you should lock up your cat.

                 

                reply to this | link to this | view in chronology ]

                •  
                  icon
                  Josh in CharlotteNC (profile), Feb 23rd, 2012 @ 11:16am

                  Re: Re: Re: Re: Re: Re: Re:

                  The laws don't say anything that creates spying,

                  That depends on your definition of "spying" I suppose.

                  The UK plan certainly qualifies under my definition.

                  "The databases would not record the contents of calls, texts or emails but the numbers or email addresses of who they are sent and received by."

                  So they'd be tracking everyone I'd sent emails to, or received email from. Sounds like spying to me.

                   

                  reply to this | link to this | view in chronology ]

                  •  
                    identicon
                    Anonymous Coward, Feb 23rd, 2012 @ 12:00pm

                    Re: Re: Re: Re: Re: Re: Re: Re:

                    I would say that, in reality, would that be any different from the phone company which already tracks every phone call you make?

                    Would that be any different from your cell phone company that knows every call you make?

                    I don't like the UK law, but I am trying to figure out how that reaches the level of spying, unless you consider that your cell phone company has always been spying on you.

                     

                    reply to this | link to this | view in chronology ]

                    •  
                      icon
                      Josh in CharlotteNC (profile), Feb 23rd, 2012 @ 3:13pm

                      Re: Re: Re: Re: Re: Re: Re: Re: Re:

                      Yes, it is different.

                      Phone companies need that info to make the service work. They need it to bill customers, and resolve disputes about a bill. Once that data is no longer useful to the company, it is entirely their choice to discard it or not.

                      I'm not aware of a single ISP, anywhere in the world, that has a "pay-per-email" charge. Many have data charges, but there's no difference to them between sending your boss an email with a 1 MB attachment, or sending an email with the same size attachment to a political organization, activist group, religious (or anti-religious) group, a journalist, a porn site, or to someone you're having an extra-marital affair with. But when the records go to the government, or become public, as many undoubtedly will, there is a serious difference.

                       

                      reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Anonymous Coward, Feb 23rd, 2012 @ 11:17am

                  Re: Re: Re: Re: Re: Re: Re:

                  It is amazing to me how important it is to you to prove to others how smart you are. I pity you even more today.

                   

                  reply to this | link to this | view in chronology ]

                •  
                  icon
                  Sneeje (profile), Feb 23rd, 2012 @ 11:19am

                  Re: Re: Re: Re: Re: Re: Re:

                  I suppose you believed that the Patriot Act was never going to be used for anything other than combating terrorism either, yet 95% of the cases prosecuted under that act have had nothing to do with it. Drugs and fraud: 1,740. Terrorism: 15.

                  Keep being a sheeple I guess.

                   

                  reply to this | link to this | view in chronology ]

            •  
              icon
              silverscarcat (profile), Feb 23rd, 2012 @ 10:08am

              Re: Re: Re: Re: Re:

              *Rolls eyes*

              Back to pirating, 'eh?

              The internet *IS* a right.

              It's a right to information. A right to keep informed.

              And, as much as people like you don't think so, it *IS* the way of life.

              Tell me, do you use ATMs? Credit Cards? Debit Cards? EBT?

              If yes, then you use the internet for a lot of stuff.

              The internet is also used by Fed Ex, UPS, the USPS and other mail companies to track shipments.

              Sad fact is, we're ALL connected to the internet these days.

              You don't think that it's a problem, having the government spying on us? Don't give me that "if you're doing nothing wrong, you got nothing to hide" BS.

              There are people who do stuff that's completely legal online, but wouldn't want others to see what they're doing.

              I mean, hell, for all I know, you like watching hardcore BSDM smut. Is it wrong? No, it's not. But people who aren't into that would see that you like it and get the wrong impression about you.

              THAT is the reason we're against that sort of legislation.

              Not because we're doing something wrong...

              But because other people get the wrong ideas about what we're doing.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Anonymous Coward, Feb 23rd, 2012 @ 10:15am

                Re: Re: Re: Re: Re: Re:

                You are still stuck on the idea of widespread spying by the government on your internet activity. PLEASE SHOW ME WHERE THE LAWS SAY THAT.

                 

                reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Anonymous Coward, Feb 23rd, 2012 @ 10:17am

                  Re: Re: Re: Re: Re: Re: Re:

                  Show us where it doesn't.

                   

                  reply to this | link to this | view in chronology ]

                •  
                  icon
                  silverscarcat (profile), Feb 23rd, 2012 @ 10:21am

                  Re: Re: Re: Re: Re: Re: Re:

                  Alright, fine.

                  "Section 4 would require providers to retain a log of customer IP addresses, linked to "corresponding customer or subscriber information" listed in subsection (c)(2) of 18 USC 2703, for at least a year."

                  "This includes, but is not limited to forcing Internet service providers to keep track of and retain their customers' information -- including their name, address, phone number, credit card numbers and bank account numbers, which many do already as a business practice."

                  Right THERE!

                   

                  reply to this | link to this | view in chronology ]

                  •  
                    identicon
                    Anonymous Coward, Feb 23rd, 2012 @ 10:41am

                    Re: Re: Re: Re: Re: Re: Re: Re:

                    Still not seeing it.

                    An ISP should be able to prove who their customers are, and relate users to IPs at login. I don't see any spying. They would need this information to even have a hope of justifying bandwidth use.

                    Would you care to try again?

                     

                    reply to this | link to this | view in chronology ]

                    •  
                      icon
                      silverscarcat (profile), Feb 23rd, 2012 @ 10:45am

                      Re: Re: Re: Re: Re: Re: Re: Re: Re:

                      *Sigh*

                      Against a complete and utter baka like you, there's no point.

                      There's no point to arguing with you. I'd rather talk to the wall, I get a better conversation out of the wall than I do with you.

                      The fact is, even if you BELIEVE that the government won't use this to spy on you (and they will, go look up cases of the U.S. government spying on people without this kind of law), the fact that it would be put together is a cyber security NIGHTMARE.

                      Not to mention the fact that, you know, your SSN (Social Security Number) out there at times.

                      Gee, I WONDER what people can do with THOSE 9 little numbers.

                       

                      reply to this | link to this | view in chronology ]

                      •  
                        identicon
                        Anonymous Coward, Feb 23rd, 2012 @ 11:46am

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        Lo mo, ISPs already need that information to be able to bill you for usage.

                        Where is the spying?

                        I am serious. I can see you have some pretty good conspiracy theory raving going on, but really: where is the spying?

                         

                        reply to this | link to this | view in chronology ]

                        •  
                          icon
                          dcee (profile), Feb 23rd, 2012 @ 5:05pm

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                          No, they don't need that. They only need to know how many bites goes down from and to my place to the internet.

                           

                          reply to this | link to this | view in chronology ]

                          •  
                            identicon
                            Anonymous Coward, Feb 24th, 2012 @ 7:17am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            Exactly.

                            So what are they doing? They are collecting information as to your logon and logoff times, the IP address, the MAC address and they are matching it up to your user account - just like they have always done anyway.

                            What's the big deal?

                             

                            reply to this | link to this | view in chronology ]

                    •  
                      identicon
                      Anonymous Coward, Feb 23rd, 2012 @ 8:24pm

                      Re: Re: Re: Re: Re: Re: Re: Re: Re:

                      This isn't the ISPs doing it, it is the government. Huge difference. Why do you think the government should be allowed access to this information? Why should they store it for an undetermined amount of time? If you're going to argue against this, at least be honest and truthful about it. Saying it's the ISP and not the government is dishonest.

                       

                      reply to this | link to this | view in chronology ]

            •  
              icon
              Chosen Reject (profile), Feb 23rd, 2012 @ 10:18am

              Re: Re: Re: Re: Re:

              You're not being consistent here. Internet access is a right just as much as I have a right to shop at a department store. I have the right to buy goods and services from Comcast just as much as I have right to buy goods and services from Target. Sure, Comcast needs to know a little bit more about me than Target does (such as the address where service needs to be located) but not that much more.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Anonymous Coward, Feb 23rd, 2012 @ 1:01pm

                Re: Re: Re: Re: Re: Re:

                It's not a right in the manner of free speech as a right. It's very different.

                Consumerism isn't a right per se, except that you have the right to do all the things you list. That is not an issue.

                Comcast does need to know more about you, and the US law as listed only requires them to match up your customer data with your logon activity, which is something they need to do already to prove your bandwidth usage and stuff and relay that to your account.

                There is nothing inconsistant here. Don't confuse your absolute rights (as granted in the constitution) with some "right" to service, which is not granted.

                 

                reply to this | link to this | view in chronology ]

                •  
                  icon
                  Chosen Reject (profile), Feb 23rd, 2012 @ 1:21pm

                  Re: Re: Re: Re: Re: Re: Re:

                  I never mentioned anything about absolute rights, only that being able to have Internet access is just as much of a right as being able have a shirt from Target. In each case I am buying a service/good from the company offering it.

                  As for what data needs to be kept, if the data is no different than what an ISP is already storing, then what's the point of the law. We don't need it. So explain why this law is needed.

                   

                  reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Hop, Feb 24th, 2012 @ 3:26pm

                  Re: Re: Re: Re: Re: Re: Re:

                  Bullshit no new laws.... simple enlough?

                   

                  reply to this | link to this | view in chronology ]

            •  
              identicon
              Devonavar, Feb 23rd, 2012 @ 11:19am

              Re: Re: Re: Re: Re:

              "It is regulated, and in those regulation, it can include provisions to mark, label, or have identification that can be used"

              Incorrect. It is about to be regulated, and there are damn good reasons to allow anonymous access. That's what this whole argument is about. Saying we should accept these regulations because the regulations are already there is ridiculous.

              "an you show the EXACT provisions that suddenly create the widescale spying you seem to be implying is out there"

              This sentence makes no sense. The spying is already out there - there's no need for a law to require spying because it's already happening. This isn't paranoia. This story wouldn't be a story if AT&T didn't help the US government eavesdrop on every text and phone call their network carries: http://www.techdirt.com/articles/20120208/05014817703/canadian-muslim-who-sends-text-urging-his-empl oyees-to-blow-away-competition-arrested-as-terror-suspect.shtml . This kind of mistake simply shouldn't be able to happen, because private texts should be private. Period.

              The situation as it stands - where most of the time personal information is handed over with no oversight - is bad enough. What we should really be lobbying for is to make sure that ISPs aren't allowed to hand over personal information without a warrant.

              The provisions that people are upset about are the ones that require information to be handed over without a warrant. Maybe that's just symbolic because the information gets handed over most of the time anyway, but I'm damned if I'm going to let the problem get worse.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Devonavar, Feb 23rd, 2012 @ 2:59pm

                Re: Re: Re: Re: Re: Re:

                I note that my post with evidence of widespread spying already in existence was not one AC chose to respond to.

                In any case, he was asking for evidence within the bill that allows for widespread spying. I believe Dr. Geist just pointed to it: http://www.michaelgeist.ca/content/view/6335/125/

                Quoting:

                "While the bill includes some detail on surveillance capability requirements, perhaps the most dangerous provision is Section 14, which gives the government a stunning array of powers:

                to order an ISP or telecom provider to install surveillance capabilities "in a manner and within a time" specified by the government
                to order an ISP or telecom provider to install additional equipment to allow for more simultaneous interceptions than is otherwise specified in the law (the government sets a maximum and then can simply ignore its own guidelines)
                to order an ISP or telecom provider to comply with additional confidentiality requirements not otherwise specified in the law
                to order an ISP or telecom provider to meet additional operational requirements not otherwise specified in the law"

                Does this mandate COMPULSORY widespread spying? No, admittedly it does not. I don't think that's what most of us are concerned about, though if that was on the table it would be worse. Like SOPA / PIPA, we're not concerned about the intent of the law. We're concerned about its capacity for abuse.

                This section gives the government / police the POWER to enact compulsory, widespread spying without further legislation. So no, it doesn't require the government to build a spy database. But it does give it the ability to build such a thing, and the government should not have that ability.

                 

                reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Devonavar, Feb 23rd, 2012 @ 3:08pm

                  Re: Re: Re: Re: Re: Re: Re:

                  Following up:

                  Why should we be worried about to government having the ability to implement widespread spying without evidence that it intends to do so (and I would dispute that there is no such evidence)?

                  Because having the ability to do so means they can change their mind and decide to build spynet at any time without public knowledge or debate. And if we're going to go down that road, you'd better believe I want that debated for months in parliament. The time for that debate is right now; if we don't deal with this now, we lose our chance to prevent it in the future.

                  There is a well accepted way in which police are permitted to use powers that may otherwise violate people's rights. It involves warrants, transparency and oversight. We do NOT hand over the ability to violate our rights (to privacy in this case) to the government. That way lies facism.

                   

                  reply to this | link to this | view in chronology ]

              •  
                identicon
                Hop, Feb 24th, 2012 @ 5:29pm

                Re: Re: Re: Re: Re: Re:

                We need secure cell any ideas

                 

                reply to this | link to this | view in chronology ]

            •  
              icon
              Gwiz (profile), Feb 23rd, 2012 @ 1:55pm

              Re: Re: Re: Re: Re:

              Internet access isn't a "right" anymore than phone access or driving a car.

              Not quite. The UN seems to think that internet access is a human right and is pushing for this to be recognized worldwide.

              In countries such as Estonia, France, Finland, Greece and Spain, Internet access has already been made a human right.

              https://en.wikipedia.org/wiki/Right_to_Internet_access

               

              reply to this | link to this | view in chronology ]

              •  
                icon
                silverscarcat (profile), Feb 23rd, 2012 @ 2:25pm

                Re: Re: Re: Re: Re: Re:

                Only reason people think that driving a car isn't a right is because they've been mistakenly informed by police for years that driving is a privilege, not a right.

                When in fact, the U.S. Supreme Court has ruled, in several cases that you do not NEED a license or anything to drive down the road, so long as you are not violating anyone's safety.

                http://thecountyguard.org/right-2-drive-1.html

                 

                reply to this | link to this | view in chronology ]

        •  
          icon
          DOlz (profile), Feb 23rd, 2012 @ 10:12am

          Re: Re: Re:

          "Most people tend to wait for actual laws before trying to draw conclusions."

          And;

          Most people tend to drink bleach before seeing if it's dangerous.

          Most people tend to speed on icy roads before seeing if they will crash.

          Most people tend to (add your own ridiculous example)

          Sorry but the time to discuss and point out potential problems with legislation is while its being formed, not after its written and enacted.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 23rd, 2012 @ 10:17am

            Re: Re: Re: Re:

            Wow, what a bunch of mis-statements.

            What Geist did was publish a piece BEFORE the legislation was introduced, and claim a bunch of things that turned out not to be true (and he came back and corrected at least one of them, the data points collected).

            Basically, it would have been better if he has waited for the law to be introduced, and then criticize it.

            If you like drinking bleach, that is your problem. That isn't the issue here.

             

            reply to this | link to this | view in chronology ]

            •  
              identicon
              Anonymous Coward, Feb 23rd, 2012 @ 10:19am

              Re: Re: Re: Re: Re:

              Geists article is from Jan 12, whereas the bill came out of committee last fall, and even the CBO used it to estimate costs, so... sounds like you're making stuff up.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Anonymous Coward, Feb 23rd, 2012 @ 10:47am

                Re: Re: Re: Re: Re: Re:

                No, clearly Geist made mistakes in his article (he corrected one). In Canada, the "committee" deal isn't binding like the US.

                Perhaps you need to learn more about how their political and legislative system works.

                 

                reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Anonymous Coward, Feb 23rd, 2012 @ 11:24am

                  Re: Re: Re: Re: Re: Re: Re:

                  And you've shown nothing, the post was about US, Canada, and UK. Even if one grants the Canadian version is not a problem (I don't), sounds like the US and UK versions are still problematic.

                  I love people like you that appear to assume that there are no unintended consequences of legislation--that it will be used exactly as intended. Sneeje was right--you're one of the sheeple.

                   

                  reply to this | link to this | view in chronology ]

                •  
                  identicon
                  ucanhaz, Feb 23rd, 2012 @ 8:48pm

                  Re: Re: Re: Re: Re: Re: Re:

                  perhaps you can respond to the points you previously argued, that have been rebutted.

                  You said "What Geist did was publish a piece BEFORE the legislation was introduced, and ..."

                  AC said "Geists article is from Jan 12, whereas the bill came out of committee last fall, and even the CBO used it to estimate costs, so... "

                  You then ignored the above and started a new fail tangent..

                  Do you really expect to sway others with your inconsistent rants?

                   

                  reply to this | link to this | view in chronology ]

            •  
              icon
              DOlz (profile), Feb 23rd, 2012 @ 10:39am

              Re: Re: Re: Re: Re:

              "Basically, it would have been better if he has waited for the law to be introduced, and then criticize it."

              Did you read and comprehend my last statement?

              "Sorry but the time to discuss and point out potential problems with legislation is while its being formed, not after its written and enacted."

              Once a bill is introduced most of the work of writing it is done. It might get tweaked or killed, but it is almost never completely rewritten to address concerns that weren't addressed earlier.

               

              reply to this | link to this | view in chronology ]

            •  
              identicon
              Howard the Duck, Feb 23rd, 2012 @ 10:45am

              Re: Re: Re: Re: Re:

              *sound of crickets

               

              reply to this | link to this | view in chronology ]

        •  
          identicon
          Devonavar, Feb 23rd, 2012 @ 11:01am

          Re: Re: Re:

          "The reality is that it is never a bad thing for companies to know who their customers are"

          Maybe not from the point of view of the company. From the customer's point of view - sorry, your statement is patently false. There are companies that I trust to know stuff about me, and companies that can't do business without knowing things about me, but the choice to give them that information should be mine.

          I absolutely DO NOT want my grocery store to know who I am every time I show up. I CERTAINLY don't want Target (for example) to know who I am. I put up with the fact that the pros of giving my e-mail to Google outweighs the cons, but the fact that they know a lot about me is NOT universally a good thing.

           

          reply to this | link to this | view in chronology ]

        •  
          icon
          tracker1 (profile), Feb 23rd, 2012 @ 12:10pm

          An IP is *NOT* a person...

          It could be someone parked outside your house, or across the street using your wifi. Especially if you have kids (a lot of handheld game systems use WEP which is easily cracked).

          For the most part, it's of very little to try to log more than what IP at a given time was assigned to which account...

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 2:16pm

          Re: Re: Re:

          the linked Geist post is that it is an opinion based on rumor and gossip, rather than reality.


          Sure, if you call Bills C-50, 51, and 52 "rumor and gossip", and then ignore the fact that the bill has already been introduced, and Geist was correct.

          Honestly, if you're going to lie, why don't you at least try to make it convincing?

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 8:17pm

          Re: Re: Re:

          Most people tend to wait for actual laws before trying to draw conclusions. My point about the linked Geist post is that it is an opinion based on rumor and gossip, rather than reality.

          Most people are sheeple that think they can get a bad law repealed after it's already been passed. You seem to be one of these people. Are you afraid to stand up for your rights when it is still possible to do so? Or are you afraid to stand up for what is right? Apparently you think your rhetoric is the deciding vote, here.

          Now, if you weren't such a troll, you'd already know to look for these things.

          http://www.washingtonpost.com/blogs/blogpost/post/canada-uk-web-surveillance-plans-not-go ing-over-well-with-users/2012/02/21/gIQAyOhFRR_blog.html

          en.wikipedia.org/wiki/Protecting_Childre n_from_Internet_Pornographers_Act_of_2011

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Another Anonymous Coward, Feb 24th, 2012 @ 6:18am

          Re: Re: Re:

          Most people tend to wait for actual laws before trying to draw conclusions.

          Which is akin to jumping off a cliff and then start to figure out if was a good idea in the first place.

           

          reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 23rd, 2012 @ 2:20pm

        Re: Re:

        you failed to explain how anything said here or on Mr. Geist's post is inaccurate.


        Ahem - that's Dr. Geist. He didn't go to medical school to be called "Mister"*




        *(rebuttal: he's not a medical doctor, he didn't go to medical school at all!")

        (re-rebuttal: Right, that's what I said - "he didn't go to medical school!")

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 23rd, 2012 @ 9:18am

      Re:

      Politicians defeat themselves through unabashed fear mongering.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      Chosen Reject (profile), Feb 23rd, 2012 @ 10:30am

      Re:

      I'm struggling to figure out if you read the article, missed the point of the article, or are deliberately trying to misdirect people's attention. Whether or not what Geist wrote about the Canadian bill was absolute gospel truth is orthogonal to the rest of the article. This is especially true since the article refers to not just the Canadian bill, and not just North American bills that are related, but to even a third bill in the UK. It's not the details that matter to the point of the article, it's the direction these bills are moving society that this article deals with. Geist very well might have messed up on the details, and maybe the C-30 bill is really about providing unicorns and rainbows to all Canadians, but you'd still be left standing with the bills in the US and the UK.

      tl;dr version: You missed the point and defeated yourself in your first sentence and it only went down hill from there.

      0/10

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    :Lobo Santo (profile), Feb 23rd, 2012 @ 9:10am

    ...

    It is governments' incompetence which saves us from their malevolence.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    orbitalinsertion (profile), Feb 23rd, 2012 @ 9:12am

    But there is no database!

    That's what they are saying, but we know how this story goes already.

    Myth: Police and telecommunications service providers will now be required to maintain databases with information collected on Canadians.

    Fact: This proposed legislation will not require either police or telecommunications service providers to create databases with information collected on Canadians.


    via http://freethoughtblogs.com/lousycanuck/2012/02/23/anonymous-turns-their-attention-to-canadas-intern et-snooping-bill-and-vic-toews/

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Devonavar, Feb 23rd, 2012 @ 9:27am

      Re: But there is no database!

      Yeah, I got that talking point from Vic Toews too.

      The legislation doesn't need to legislate the creation of the database. I'm sure it already exists. Police don't seem to need any further motivation to track us.

      The legislation is about the extent to which they are allowed to populate it without oversight. Given that ISPs already comply with 95% of requests, it seems likely that much of this information is already out there.

      Long story short: Stopping the legislation isn't going to solve the underyling problem. But it will prevent it from getting even worse.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 23rd, 2012 @ 9:49am

        Re: Re: But there is no database!

        The issue is that many ISPs don't require customer logins (say via PPEoE or similar protocols) to access the internet. That means that some people have to log in, some people just have an active internet line.

        There is no indication anywhere that widescale spying on Canadians would occur, nor any indication that data would be collected and forward to the government.

        Plenty of scare mongering going on, not a whole lot of proof. Guys like Geist seem to be intent on making fools out of themselves on this sort of issue.

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          dcee (profile), Feb 23rd, 2012 @ 5:08pm

          Re: Re: Re: But there is no database!

          Yes, defending the right to privacy when I'm in my home is so a fool's errand.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 8:49pm

          Re: Re: Re: But there is no database!

          Cable doesn't require a login, but it requires a cable modem with a MAC address that they track through the provisioning process. They know when a certain customer is connected and not, so a login isn't actually needed. Please try to understand the technology.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 9:02pm

          Re: Re: Re: But there is no database!

          Oh, and you forgot that the US bill wouldn't need to spy on Canadians. Toews has already introduced legislation for that. Why can't you seem to keep up?

           

          reply to this | link to this | view in chronology ]

    •  
      icon
      awbMaven (profile), Feb 23rd, 2012 @ 9:32am

      Re: But there is no database!

      "Fact: This proposed legislation will not require either police or telecommunications service providers to create databases with information collected on Canadians."

      They probably have the databases created already, hence they won't have to create one, just fill the one(s) they have already up with data.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      Hulser (profile), Feb 23rd, 2012 @ 9:32am

      Re: But there is no database!

      Fact: This proposed legislation will not require either police or telecommunications service providers to create databases with information collected on Canadians.

      This could still be a fact if...

      1) The database already exists. "We said that we wouldn't *create* a database; we didn't say that if we already had one, we couldn't use it to store these data."

      2) It's not a database. "That's not a 'database', silly. We're storing all the data in an Excel file that Stan keep on his laptop. Stan is a good guy. He hardly ever forgets his laptop behind at the coffee shop."

      3) The law stipulates that other parties have to collect the data and turn it over to the police. "Well, we can't trust the ISPs to collect this data because they're so obsessed with 'customer privacy' or some such nonsense, so we have to make the ISPs pay for a whole new category of company to log the data for them. Which of course means that they need to have access to all of the ISPs systems. And this totally isn't because we're trying to weasel out of our earlier promise. We're doing this for you!"

      4) They're not "Canadians". "No no no, I can see where you'd think that we mean no Canadians would have their activity logged and turned over to the police. That's an easy mistake to make. What we meant, of course, is that we get to track all activity of all Internet traffic that comes through Canada. If the traffic just so happens to be by Canadians, then that's not our fault."

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 23rd, 2012 @ 9:42am

        Re: Re: But there is no database!

        I am sorry to burst your bubble but...

        it is very easy to make "one way" data loggers, machines that receive incoming data for storage, but are not themselves attached in any way to the internet. One of the major flaws of any argument against being aware of which customers are actually online, using a given IP is that most ISPs have to do it anyway. If anything, moving to a more secure "one way" system would effectively improve privacy over current systems.

        No, they wouldn't put it on a laptop (are you stupid?)

        The rest of your rant is a rant. Congrats, really about 3/10

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 9:53am

          Re: Re: Re: But there is no database!

          Yeah, like the PSP passwords, totally safe.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 23rd, 2012 @ 10:03am

            Re: Re: Re: Re: But there is no database!

            Not getting it.

             

            reply to this | link to this | view in chronology ]

            •  
              identicon
              Anonymous Coward, Feb 23rd, 2012 @ 10:08am

              Re: Re: Re: Re: Re: But there is no database!

              I knew that. That's why I was being sarcastic.

              Nothing is foolproof, nothing made by humans will be perfect. People working for ISP's can be suborned or bribed for copies, protocols or tap feeds even to 'one way' data channels.

              Sony's PSP security failures & Data breaches of passwords and CC info should be a warning to anyone making this kind of call that it is a BAD idea.

               

              reply to this | link to this | view in chronology ]

            •  
              icon
              Sneeje (profile), Feb 23rd, 2012 @ 10:08am

              Re: Re: Re: Re: Re: But there is no database!

              Ugh, I hate it when people post as if they know, when they really don't. Your assertion "not themselves attached in any way" if utterly false. The equipment of which you speak MUST be connected in some way to receive the data stream.

              What you may not understand or could not articulate is that they do so often using mechanisms that typically internet connected machines do not. While they may not use NICs or receive IP addresses or have MAC addresses, they are, and have been proven to be, capable of being compromised by those with the right knowledge and skills just like any other networking technology.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Anonymous Coward, Feb 23rd, 2012 @ 10:45am

                Re: Re: Re: Re: Re: Re: But there is no database!

                Sneeje, let's look at it.

                A machine that is connected only to the secondary port of a server (not via the "hot" internet side), and which only accepts connections on a single given port, and only processes those requests on an incoming basis. No web server, no SSH connections, no FTP... with the data written to a completely offline data storage device, with no native ability for the logging machine to read it back.

                It's pretty basic.

                Can it be "hacked". Sure. Someone can walk up and steal the hard drives or the data storage device used.

                Now, considering that all it would have on it would be a userID, login time, IP address, perhaps MAC address... and NOTHING ELSE, what is the issue?

                Remember, your ISP already has your customer information in a database, and it is almost certainly online. What are we adding here, exactly, that has you so hyped up?

                 

                reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Anonymous Coward, Feb 23rd, 2012 @ 11:39am

                  Re: Re: Re: Re: Re: Re: Re: But there is no database!

                  So... you think that ISPs are actually going to do it this way? Show me in the law where this level of security is required. I think the extreme frequency of hacking incidents (which almost always reveal some silly rookie mistake or oversight) being reported in the media today show that companies (even companies that you would think would be really good at IT) drop the ball on this kind of security all the time.

                  It's really not "pretty basic."

                   

                  reply to this | link to this | view in chronology ]

                  •  
                    identicon
                    Anonymous Coward, Feb 23rd, 2012 @ 12:03pm

                    Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                    It is remarkably basic. I was giving someone and example of what can be done to create very secure logging systems.

                    Now, the US law (and the canadian variation) appear only to require the ISPs to retain the types of information they should already been keeping, and to keep it in an organized in some sort of fashion that allows log in and log off times (and IPs) to be more easily related to actual customer accounts.

                    Heck, you could encrypt it all on the fly, with no issues. Without the key, even a hacker couldn't do much with it.

                    Remember: your isp currently has your payment method on record. Is there a reason why it wasn't hackable yesterday but is suddenly hackable today?

                     

                    reply to this | link to this | view in chronology ]

                    •  
                      icon
                      Sneeje (profile), Feb 23rd, 2012 @ 12:57pm

                      Re: Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                      I get all the technologies involved, but e-voting machines have asserted for years that they are secure and they are clearly not.

                      Regardless, let's see if we can summarize the arguments:

                      a) The logging can be made so secure there will be limited to no risk
                      b) The logging does not include anything the ISPs don't already have
                      c) The data will only be narrowly used for the purposes intended.

                      I just can't sign on to any of those. History has shown that you're much better off limiting the storage of information and creating resilience in your dependence on that information, than relying on security to protect it. Regarding b) either there is no difference between the information they have today (in which case the legislation is unnecessary) or they are increasing the risk by creating more instances of the information available for compromise. In addition, the information the ISP has today, you have some control over, whereas the legislated logs you would not.

                      Regarding c), well, I just don't see how you can look at the history (even recent) of laws and how they are used, look at human nature, and claim that laws won't be perverted for unintended use.

                       

                      reply to this | link to this | view in chronology ]

                    •  
                      icon
                      silverscarcat (profile), Feb 23rd, 2012 @ 1:08pm

                      Re: Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                      "Remember: your isp currently has your payment method on record. Is there a reason why it wasn't hackable yesterday but is suddenly hackable today?"

                      It's not.

                      But, do you want to make it easier for hackers and identity thieves or harder?

                       

                      reply to this | link to this | view in chronology ]

                      •  
                        identicon
                        Anonymous Coward, Feb 24th, 2012 @ 7:17am

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                        Since we aren't changing anything, we aren't making it any easier for them.

                        Not following the logic on this one. The information is already all there. Why are you so concerned all of a sudden?

                         

                        reply to this | link to this | view in chronology ]

                        •  
                          icon
                          Sneeje (profile), Feb 24th, 2012 @ 10:46am

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                          Then why is the legislation even necessary?

                           

                          reply to this | link to this | view in chronology ]

                        •  
                          icon
                          silverscarcat (profile), Feb 25th, 2012 @ 7:11pm

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                          It's obvious to me now that you're being obtuse for no reason other than to be difficult.

                          It's pointless to argue with you because you're just a child going "why?" to every answer.

                           

                          reply to this | link to this | view in chronology ]

        •  
          icon
          ltlw0lf (profile), Feb 23rd, 2012 @ 10:04am

          Re: Re: Re: But there is no database!

          No, they wouldn't put it on a laptop (are you stupid?)

          How do you know? I've been around long enough to know that the stupidest way to do something is likely the way the government will do something. And my personal information has been lost on a couple of government and contractor laptops, as well as a few missing external hard-drives and tapes carried back and forth in people's personal vehicles. And I only know this because California law which requires them to tell me.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 10:13am

          Re: Re: Re: But there is no database!

          i am sorry to burst your bubble but should i remind you that sony was hacked and lots of information was stolen?

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 10:31am

          Re: Re: Re: But there is no database!

          it is very easy to make "one way" data loggers, machines that receive incoming data for storage, but are not themselves attached in any way to the internet.

          First, if they're not connected in some fashion -- even via a serial port -- then they are incapable of receiving incoming log data.

          Second, most putatively one-way data logging systems aren't.

          Third, obviously someone would need to hold the decryption keys for these, else the information is forever useless. If it's one key across all devices, then when (not if) that key is known, we're looking at a class breach. If it's many keys (say, one per device) then the holders of the keys have a key management problem that they are unlikely to solve adequately.

          Fourth, there is no evidence that governments (or their contractors/vendors) can handle such information securely. In fact, we have a mountain of evidence suggesting that they cannot, including recent incidents involving Nortel, Symantec, Verisign, Stratfor...and oh, by the way, a bunch of US government agencies are still infested with DNSchanger. (Is there anyone foolish enough to think that this is the ONLY piece of malware running rampant through US government computers? Or that those of other governments are immune?)

          And even if we presume -- against everything history has taught us, against all the evidence stacked in front of us -- that the data collection process is absolutely secure...someone, somewhere, somehow in a law enforcement role will need to decrypt it to actually use it. And it is at that point that it's complete vulnerable.
          And YES they are quite, quite stupid enough to put it on a laptop and lose it. Go google "government laptop lost" and "government laptop stolen" and start reading the entries. It's a parade, and it's ongoing. (If you don't want to google, start with FBI lost 160 laptops in last 44 months and consider that it's unlikely they even KNOW all the systems they've lost.

          The point you're missing is that while it may be preferable (to an attacker) to steal this information at the collection point (and it WILL be stolen there), it's not necessary. It's probably much easier to wait for a government agency to harvest it and then just steal it from them.

           

          reply to this | link to this | view in chronology ]

        •  
          icon
          Hulser (profile), Feb 23rd, 2012 @ 11:32am

          Re: Re: Re: But there is no database!

          I am sorry to burst your bubble but...

          Burst my bubble? Are you sure you replied to the right post? My post was about how politicians can say one thing and, through weasel words, mean something completely different. It had nothing to do with the specifics of how data loggers work, one way or otherwise.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 2:25pm

          Re: Re: Re: But there is no database!

          it is very easy to make "one way" data loggers, machines that receive incoming data for storage, but are not themselves attached in any way to the internet.


          But not nearly as easy as it is to just log it on a machine that *is* connected to the internet, especially when it turns out that in order to be useful, someone needs to actually access that machine.

          No, they wouldn't put it on a laptop (are you stupid?)


          Why not? Considering that the law explicitly forgives any data breaches why wouldn't they use the cheapest method they can?

          Are *you* stupid?

           

          reply to this | link to this | view in chronology ]

      •  
        identicon
        Rich Kulawiec, Feb 23rd, 2012 @ 9:46am

        Re: Re: But there is no database!

        I wouldn't be at all surprised to find that a bit of rhetorical sleight-of-hand (more plainly: outright lying) is going on here -- so I think your comments are, unfortunately, cynical enough to be true.

        As a general comment, not specifically directed as a response:

        I wrote the piece the way I did, focusing on where these bills are going (rather than where they are) because it's plainly obvious to everyone that each new piece of legislation overreaches its predecessors: that is, if Bill #6 suggests logging email sender/recipient/timestamp, then eventually Bill #8 will come along and suggest adding the subject and the attachment types, and then Bill #11 will suggest including full message content. At no point in this progression have we seen any contraction of scope, only expansion. It's therefore not only reasonable to presume this will continue, it's be foolish not to.

        And that in turn is why I deliberately didn't focus on the details of the current bills: they really don't matter much. Because next week or next month there will be another, and it will encompass more...always more.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 23rd, 2012 @ 10:00am

          Re: Re: Re: But there is no database!

          Rich, let's address you main point:

          You say these laws will not stop illegal activity. Are you understanding that stopping it is not the point?

          The point is in a room of 100 people, if you can identify the 97 who are completely innocent, you can spend your time looking at the last 3. Requiring ISPs to keep logs of customer logins, IPs, and simple stuff like that (not actual surfing history) is a step to help you know which of the 100 people are in the 97, and which are the last 3 you need to spend time looking at.

          Further, by setting standards by which this data is collected and made available, the law makes the first step much easier on law enforcement, and would let them focus on the potential criminals instead of the truly innocent citizens. One less step to take to court for no reason (as the courts will almost always approve the request), and no more dealing with ISPs with incomplete records or who willfully do not collect such data.

          When you eliminate all the non-criminals from their view, law enforcement can do a better job of looking at those who are actual potential criminals.

          For me, it is no different than a license plate on a car. Clearly a car without a plate would stand out like a sore thumb, and makes it easy for law enforcement to focus on it. Combining the plate with a registry allows them to assure that your plate is up to date, that it is the right car, etc, and allows them to better track stolen cars and such.

          It isn't perfect - but again, it is a system that eliminated most of us from ever having to worry about getting randomly stopped to see our registration.

          I cannot see any true expansion of scope, rather an attempt to make ISPs (in Canada) to work in a similar manner, and to make needed information available on a timely basis and in a manner that does not intentionally hide potential criminals.

           

          reply to this | link to this | view in chronology ]

          •  
            icon
            Chosen Reject (profile), Feb 23rd, 2012 @ 10:39am

            Re: Re: Re: Re: But there is no database!

            And in the time you spent looking at the 97 innocent you also found out that innocent number 57 likes gay porn, innocent number 35 has a drinking problem, and innocent number 73 doesn't vote the way you like and also happens to be your subordinate. Also, during the time you were looking at the 97 innocent, the three guilty were left alone to do as they please, giving them more time to commit their crimes and to cover them up. Cover them up you say? Well of course, burying your needle crimes in the haystack that is the data pile of the innocents is a cover up of sorts.

             

            reply to this | link to this | view in chronology ]

          •  
            icon
            Chris-Mouse (profile), Feb 23rd, 2012 @ 10:49am

            Re: Re: Re: Re: But there is no database!

            The point is in a room of 100 people, if you can identify the 97 who are completely innocent, you can spend your time looking at the last 3. Requiring ISPs to keep logs of customer logins, IPs, and simple stuff like that (not actual surfing history) is a step to help you know which of the 100 people are in the 97, and which are the last 3 you need to spend time looking at.

            um no. It does not. Knowing that someone connected to the internet, and used a given IP number at the time does not in any way help narrow down who is and is not a criminal. Not unless you're willing to assume that simply connecting to the internet is an indication of criminal activity.

            Further, by setting standards by which this data is collected and made available, the law makes the first step much easier on law enforcement, and would let them focus on the potential criminals instead of the truly innocent citizens. One less step to take to court for no reason (as the courts will almost always approve the request), and no more dealing with ISPs with incomplete records or who willfully do not collect such data.

            Setting standards does nothing to help when the very data covered by those standards does nothing to help determine whether or not further scrutiny is required.

            I cannot see any true expansion of scope, rather an attempt to make ISPs (in Canada) to work in a similar manner, and to make needed information available on a timely basis and in a manner that does not intentionally hide potential criminals.

            Giving law enforcement officers additional authority is by definition an expansion of scope. The questions that need to be asked are "Is this expansion needed?" and "will this expansion help?" The number of recent news stories about arrests for online criminal activities would seem to indicate that the police are doing just fine without this extra help. The number of cases of mistaken analysis of the data they already have would seem to indicate that what law enforcement needs is better ability to analyze the data it already has, not more data to make that analysis problem even worse.

             

            reply to this | link to this | view in chronology ]

          •  
            identicon
            Rich Kulawiec, Feb 23rd, 2012 @ 10:52am

            Re: Re: Re: Re: But there is no database!

            First, you're making the thoroughly-discredited "if you're innocent then you have nothing to fear" argument. It's been completely rebutted elsewhere, so I'll just quote the wise words of Cardinal Richelieu as a reminder: "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.

            Second, you're making the very mistake that I covered in the last paragraph: you're making "the logs say X" equal to "X is true". It's not. It's not even remotely close.

            Third, you're presuming that criminals and terrorists are stupid. They're not. (Well, some are, but not all.) The ones with any sense at all will not be caught by the process you outline. The few who lack that sense will quickly become object lessons in what-not-to-do and the remainder will adapt. This adaption, this evolution, will happen at lightning speed compared to the glacially slow pace of government entities. (Note that I really should be writing part of this in the past tense, as they've already adapted and are using the best technology they can get their hands on. Of course they are: they would prefer not to get caught.)

            Fourth, even if we accept your argument, it won't work. You have failed to consider the massive, systemic impact of botnets. I've got a second piece that I'm working on that shows that it's trivially easy to use these to frame anyone for anything. I could use the very measure you're supporting in your comment to have you convicted of child pornography, terrorism support, Justin Bieber appreciation, etc. without bothering to get out of my chair.

            Far-fetched, you say? Yeah. That's what Julie Amero thought too. But thanks to the incredible cluelessness of law enforcement, prosecutors, judges, press and public, it's really not far-fetched at all. What we see here (in toto, across all these efforts) are government entities that haven't got the slightest idea how to correctly use the information they already have...and instead of fixing that problem by (gasp!) learning, their answer is to double down and collect more.

             

            reply to this | link to this | view in chronology ]

            •  
              identicon
              Anonymous Coward, Feb 23rd, 2012 @ 12:31pm

              Re: Re: Re: Re: Re: But there is no database!

              "First, you're making the thoroughly-discredited "if you're innocent then you have nothing to fear" argument. It's been completely rebutted elsewhere, so I'll just quote the wise words of Cardinal Richelieu as a reminder: "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged."

              Sorry, but I am not making that argument. Any time the police are looking at any group of people closely, you should be concerned. Added police attention for anyone is a bad thing. Nobody likes it, nobody wants it.

              The point is this is exactly the sort of law to CUT DOWN on the police looking at innocent people.

              "Second, you're making the very mistake that I covered in the last paragraph: you're making "the logs say X" equal to "X is true". It's not. It's not even remotely close."

              No, I am saying that, if the logging system is found to be accurate and secure, then what it says is considered accurate for a court of law. It would be no different from keycode access to a building or your PIN code on your cash machine card. It's not infallible, but you have to go a long way to get around it, once found credible by the courts.

              "Third, you're presuming that criminals and terrorists are stupid. "

              I am not making that assumption at all. What I am assuming is only that there are actions that people trying to hide themselves online will take that ordinary people will not take. Trying hard to hide is actually very hard to do. More importantly, their actions is unlikely to appear the same as the generally innocent people, which makes them show up even more. It gets back to the "one car without a plate". If someone is trying to sneak around online without being logged in, or by using secret routing protocols to move their stuff, they will stand out, sooner or later.

              "Fourth, even if we accept your argument, it won't work. You have failed to consider the massive, systemic impact of botnets. I've got a second piece that I'm working on that shows that it's trivially easy to use these to frame anyone for anything."

              The answer here is "yes, but". The infections rates of modern operating systems is very low (Microsoft reports that Windows 7 computers are about 80-90% less likely to be hit than XP machines, example), and that common use of spyware removal software and such as changed the tide on this thing.

              Funny enough, it seems these days that the most common path for botnet infections is via "pirated" software, including nasty hooks or other things in with the keygen or patch files.

              Most drive by infections depend on people using out of date operating systems (usually pirated, cracked, or other), and not using up to date anti-virus tools. Botnets are NOT very good when it comes to making any single computer do anything, the amount of effort required to infect a specific machine and to them command and control that single machine is just too high.

              As for the Amero case, it's like any groundbreaking case - the technology to track the problem was NOT up to the abilities online. The school used out of date and unregistered software, the investigators didn't do a very good job, and the defense attorney seemed to have done a horrible job in refuting the evidence.

              The important issue here in the end is that they aren't going to "double down and collect more" information, this is all information that the ISPs already collect - just connected together in a manner that makes sorting through it easier.

              I understand you fears, but you need to get past the idea that they are suddenly going to by spying on everyone. It's just not supported by the facts.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Rich Kulawiec, Feb 24th, 2012 @ 5:02am

                Re: Re: Re: Re: Re: Re: But there is no database!

                I'm not going to point out all the errors in your response, just some of the more glaring ones. There are simply too many misconceptions and misunderstandings of basic principles here to bother dealing with all of them.


                The point is this is exactly the sort of law to CUT DOWN on the police looking at innocent people.


                ...by looking at everyone. That's not only a massive invasion of privacy, it's a very, very stupid policing strategy.

                No, I am saying that, if the logging system is found to be accurate and secure, then what it says is considered accurate for a court of law.

                The logging system is not and will not be accurate and secure. I'm sure that many people -- particularly those who stand to personally profit or who have political agendas to advance -- will say that those systems are accurate and secure, but of course anyone with even minimal security clue knows that's not only wrong, but laughably wrong.

                What I am assuming is only that there are actions that people trying to hide themselves online will take that ordinary people will not take.

                You're now equating a desire for privacy with criminal intent.

                The answer here is "yes, but". The infections rates of modern operating systems is very low[...]

                That's not even good enough to be wrong. The number of compromised systems on the Internet is on the order of "hundreds of millions" and still increasing. How can you possibly participate in this discussion and not know that?

                Botnets are NOT very good when it comes to making any single computer do anything,

                You're kidding, right?

                As for the Amero case, it's like any groundbreaking case - the technology to track the problem was NOT up to the abilities online.

                Nonsense. The required technology was well-known and well-understood YEARS before that case came along. The problem was that the incompetent people involved didn't use it, and that grandstanding politicians didn't want to listen to the people who actually do.

                 

                reply to this | link to this | view in chronology ]

                •  
                  identicon
                  Anonymous Coward, Feb 24th, 2012 @ 7:20am

                  Re: Re: Re: Re: Re: Re: Re: But there is no database!

                  "The logging system is not and will not be accurate and secure. I'm sure that many people -- particularly those who stand to personally profit or who have political agendas to advance -- will say that those systems are accurate and secure, but of course anyone with even minimal security clue knows that's not only wrong, but laughably wrong."

                  So what you are saying is that all billing systems used by ISPs are inaccurate and wrong, and they are incapable of the simpliest tasks of logging when you connect and when you disconnect from the internet, what MAC address asked for the IP, and what IP was used?

                  Wow. ISPs are truly incompetent. Better shut them all down for being too stupid to operate a business.

                  You realize how stupid your point sounds, right?

                  " The required technology was well-known and well-understood YEARS before that case came along. "

                  So why didn't the defense bring anyone in? What happened here that made it impossible for the defense to show how stupid the other side was? How come it took years to appeal? I am guessing it wasn't all that common at the time (it's a long time ago!)

                   

                  reply to this | link to this | view in chronology ]

                  •  
                    identicon
                    Anonymous Coward, Feb 24th, 2012 @ 8:36am

                    Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                    American ISP and telcos are not known for their accurate billing systems.

                     

                    reply to this | link to this | view in chronology ]

                  •  
                    identicon
                    Anonymous Coward, Feb 24th, 2012 @ 8:39am

                    Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                    "So what you are saying is that all billing systems used by ISPs are inaccurate and wrong, and they are incapable of the simpliest tasks of logging when you connect and when you disconnect from the internet, what MAC address asked for the IP, and what IP was used?"

                    Do you have an account with any type of caps in it?
                    If you are not watching what you use with what the company says you are using you probably are being robbed blind.

                     

                    reply to this | link to this | view in chronology ]

                  •  
                    identicon
                    Rich Kulawiec, Feb 29th, 2012 @ 9:09am

                    Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

                    So what you are saying is that all billing systems used by ISPs are inaccurate and wrong, and they are incapable of the simpliest tasks of logging when you connect and when you disconnect from the internet, what MAC address asked for the IP, and what IP was used?

                    Of course they're quite inaccurate and wrong. (Have you ever worked for an ISP? One of substantial size? I've worked for/consulted to several.) When this has no consequences or results in minor under/overcharges, it's annoying but not particularly serious -- which is why it's not been deemed worth the investment to make it accurate and secure. Pretending that they are such, doubly so when police actions like "issuing warrants" and "executing warrants" can results from them, is folly.

                    So why didn't the defense bring anyone in?

                    You would have to ask defense counsel that, not me. However, if you perform even perfunctory research on the Amero case, you will find that plenty of security experts weighed in on the point and noted that the prosecution's case was utter nonsense.

                     

                    reply to this | link to this | view in chronology ]

          •  
            identicon
            Hop, Feb 24th, 2012 @ 5:14pm

            Re: Re: Re: Re: But there is no database!

            forget that keep your laws to yourself bitch!!!

             

            reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 23rd, 2012 @ 5:16pm

      Re: But there is no database!

      That might be so, but it'd be significantly costlier to build a robot that will print out all the data and put it in the appropriate filing cabinet. A database is one of the most cost effective ways to do it and ISPs probably already have some logging with a database in place for IP addresses and account numbers.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 27th, 2012 @ 1:56am

      Re: But there is no database!

      key word is REQUIRE. no, police will not be required to make a database. but if they are allowed to do so by their own ambition, they can, if they wish. and why the hell wouldn't they if they are allowed...

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    Hulser (profile), Feb 23rd, 2012 @ 9:13am

    Secret

    They're not very likely to be caught by any of the measures in these bills because they'll (a) read the text and (b) evade the enumerated measures.

    Careful Rich, you're libel to be referenced by lawmakers as an expert in favor of keeping the details of this law secret. "Well, we can't just let the bad guys know what we're logging, so it *has* to be secret! Even TechDirt agrees to that!"

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Suja (profile), Feb 23rd, 2012 @ 9:15am

    I gonna type something longer but I think this picture sums up what I was gonna say about this:

    http://lh6.ggpht.com/_CqtZ6YfaifQ/S7T_up1bBII/AAAAAAAADjQ/llDpNklRns8/EternalFacepalm.jpg

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 9:16am

    Fine

    If this steaming pile of shit bill passes, what kind of fines would an ISP be looking at for non-compliance?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 9:22am

    Holy crap, didn't even have to wait ten minutes for a troll to try and dismiss everything with a 'yeah, like that'll ever happen'.

    I know you people don't exactly rank reading comprehension, and basic logic very high, but you could at least show a little self preservation here and consider the fact that anything like this would absolutely destroy the anonymity you seem to cherish so highly.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    vivim, Feb 23rd, 2012 @ 9:41am

    Seen it.

    I saw this movie, isn't this the plot from "the net" ?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 9:43am

    anyone with any sense already knows that none of the governments doing this are in the least bit interested in stopping any of the people or practices they say. it is being done for one purpose and one purpose only, to spy on the very citizens these governments are supposed to protect! 9/11 was just about the worst thing that could possibly happen to any nation, but since then, all governments and the US in particular seems to think that 99% of people are terrorists and must be constantly watched. what is coming out of this attitude and legislation of this type is that the terrorists have accomplished what they aimed for, making every country shit scared that it will (heaven forbid!) happen again! making out that every citizen is a suspect is not the way to go!

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      Andy (profile), Feb 23rd, 2012 @ 9:52am

      Re:

      Pretty much the same kind of thinking (only on a scarier scale) as the movie and music industries who want to behave as though pretty much all their customers are only interested in stealing from them.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    adamj (profile), Feb 23rd, 2012 @ 9:46am

    Wow, wtf? I'm from Texas and I am so embarrassed that Lamar "Fuck Face" Smith is from here. God, this idiot will not go away.
    I agree, that the government/ISPs cannot protect such a lucrative storehouse of data. They can't even keep their government websites from being taken down on a whim.
    Who will pay to implement such a system? ISPs, who will then pass the cost on to the customer?
    And what is the next step? Lamar Smith would want authorities to have unlimited access to these databases, but only when it is "absolutely necessary". And by "absolutely necessary" I mean whenever his legacy industry masters need information on people that are possibly infringing on content. Lamar Smith may come at his and the RIAA/MPAA's agenda at different angles, but the agenda remains the same.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 9:51am

    These lists of information would also make very handy identifiers of "Intellectual Property Thieves". The fact Smith is owned by hollywood is a total coincidence I'm sure.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 10:03am

    Okay, Let's kick this discussion up a notch, and get past the hype:

    "This bill would introduce tougher sentencing for offenders and would make it a crime to financially facilitate the sale, distribution and purchase of child pornography.[1] Section 4 would require providers to retain a log of customer IP addresses, linked to "corresponding customer or subscriber information" listed in subsection (c)(2) of 18 USC 2703, for at least a year.[6] This includes, but is not limited to forcing Internet service providers to keep track of and retain their customers' information -- including their name, address, phone number, credit card numbers and bank account numbers, which many do already as a business practice.[7] The bill also protects internet service providers from civil actions resulting from the loss of data stored as a requirement of the bill.[citation needed] The bill does not, however, allow for unwarranted governmental surveillance.[citation needed]"

    (from wikipedia).

    Let's get this right: The US government appears to be telling ISPs that they need to have actual customer records (including records of how the account is paid for) and to have a way to easily relate that to when the account is signed on and what IP is attached to it - AND NOTHING ELSE.

    So, where is the spying?

    Where is the huge data warehouse of private information?

    Anyone? Beuller?

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 23rd, 2012 @ 10:13am

      Re:

      I guess in your world,

      a log of customer IP addresses, linked to "corresponding customer or subscriber information...customers' information -- including their name, address, phone number, credit card numbers and bank account numbers


      doesn't qualify as a "huge data warehouse of private information". /boggle

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      silverscarcat (profile), Feb 23rd, 2012 @ 10:13am

      Re:

      "Where is the huge data warehouse of private information?"

      Right in the bill, moron.

      "Section 4 would require providers to retain a log of customer IP addresses, linked to "corresponding customer or subscriber information" listed in subsection (c)(2) of 18 USC 2703, for at least a year."

      "This includes, but is not limited to forcing Internet service providers to keep track of and retain their customers' information -- including their name, address, phone number, credit card numbers and bank account numbers, which many do already as a business practice."

      Oh, gee, would you look at that? Something that states that information gets STORED and SENT TO THE GOVERNMENT by being FORCED to.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 23rd, 2012 @ 10:21am

        Re: Re:

        You guys don't get it - THE ISPs ARE ALREADY DOING THIS AS A NORMAL COURSE OF BUSINESS! That data is all there already.

        You don't think so? Ever looked at your account online? Changed your mailing address maybe, or added a new payment method? That data is "online".

        All the government is doing is requiring that the log information has a way to be linked to the customer list - nothing more.

        So, I ask again:


        So, where is the spying?

        Where is the huge data warehouse of private information?

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          silverscarcat (profile), Feb 23rd, 2012 @ 10:31am

          Re: Re: Re:

          *Smacks you with a rolled up newspaper*

          Baka.

          AC no baka.

          Nothing more, huh?

          Hmm, I dunno...

          There's a BIT of a difference from looking at numbers of an ISP address and...

          SEEING A PERSON'S NAME THERE!

          The fact that you don't understand the bill as it's written proves that you should be excused from the current conversation.

          So, go away. Shoo, shoo. *Pushes you out the door*

          We have other things to do than to respond to bakas like you.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 23rd, 2012 @ 10:49am

            Re: Re: Re: Re:

            What?

            There is no indicated that the pieces of data need to be stored together in a manner that would let just anyone see them.

            Holy crap.

            You want to talk about baka... puk gai.

            Where is the spying, lo mo?

             

            reply to this | link to this | view in chronology ]

        •  
          icon
          Chosen Reject (profile), Feb 23rd, 2012 @ 10:43am

          Re: Re: Re:

          Fantastic. It's already being done. So no bill is needed. Tell us, why should we pass the bill if it's not doing anything that's not already being done.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 23rd, 2012 @ 11:48am

            Re: Re: Re: Re:

            I think in the end that part of the bill exists mostly to assure that the ISPs retain the data for the given period, and are able to relate the login data to an actual account accurately and directly. Customer information is already online (almost every ISP lets you see your bill online, and lets you add payment methods) and any ISP who is charging usage would have to track your login and logouts to prove when you are online to assign usage.

            I am really shaking my head here, I just cannot see anything that even comes remotely close to spying.

             

            reply to this | link to this | view in chronology ]

            •  
              icon
              Chosen Reject (profile), Feb 23rd, 2012 @ 12:42pm

              Re: Re: Re: Re: Re:

              You still haven't explained why this bill is needed. Why does the government want to make sure that the data being retained by ISPs is there? Why do they want to be sure it's accurate? We all see why the ISP would want this, but why does the government want it?

              If an ISP wants to retain your data for only two months and doesn't care if it's accurate, why should the government care. If it's for customer protection of incorrect billing by the ISP then why aren't the politicians couching it in that language? If it does nothing but enforce accuracy and retention periods on ISPs, then why does the government want it? I suspect when you answer that question, you'll find why some people call it spying.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                Anonymous Coward, Feb 23rd, 2012 @ 1:05pm

                Re: Re: Re: Re: Re: Re:

                From what I can see, the ideas of these laws is to assure that, in the case of criminal (or civil) investigations that the ISPs are required to maintain the data for long enough for that to happen, and that it should be done as part of the course of business.

                Some ISPs may not be doing it, some may only do it for the current billing cycle, etc. The laws are being written to establish what is required for a more consistent system. As a side line, it will also eliminate the old "oh we don't keep records" excuse that some ISPs seem willing to try in court.

                I don't think it has much to do with customer billing, and all to do with any legal action to be taken in regards to online activities.

                It isn't spying. It's something that is pretty normal.

                 

                reply to this | link to this | view in chronology ]

                •  
                  icon
                  Chosen Reject (profile), Feb 23rd, 2012 @ 1:30pm

                  Re: Re: Re: Re: Re: Re: Re:

                  Oh absolutely, it's not spying, it's only the government telling ISPs the amount of data they must keep, and how long, and that government gets to look at. Wait, no, that's spying. If an ISP doesn't keep the data, then they lose out on whatever benefit keeping that data does for them. It's not an excuse they try in court. As you say, some don't do it, and some do it only for the period it's necessary for. The bills want to force the ISPs to keep data they wouldn't normally keep and for the government's perusal. Honestly, what do you define spying as?

                   

                  reply to this | link to this | view in chronology ]

        •  
          icon
          Malibu Cusser (profile), Feb 23rd, 2012 @ 2:01pm

          Re: Re: Re:

          First of all, thanks! Your trolling inspired me to actually read the bill, and the codes that it will affect. In addition to what you cite above, it basically authorizes the US Marshall service to "(C) issue administrative subpoenas in accordance with section 3486 of title 18, solely for the purpose of investigating unregistered sex offenders (as defined in such section 3486)."

          Great. Who wouldn't want unregistered sex offenders (as definined in such section 3486) to be investigated. But wait, 'unregistered sex offender' not only isn't defined in section 3486, it doesn't appear to be defined anywhere (Please point me to the definition if you happen to find it, and I'll correct my post.)

          The wikipedia non-citation "The bill does not, however, allow for unwarranted governmental surveillance.[citation needed]" is certainly accurate, but [citation needed] seems to be an understatement. This bill couples an enormous store of personal information with immunity to the ISP's that provide the data, and only a subpeona required to access it (legally). No potential for abuse there.

          Since the government has demonstrated restraint in requesting subpeonas in the past, surely, they'll exercise similiar restraint if/when this bill passes. Since unregistered sex offender isn't explicitly defined, one could probably argue that pretty much anyone falls into this category.

          They wouldn't do that though, right?

          So where is the spying? Well, there isn't any, because there's no way the government would request subpoenas for this information that would include innocents, right? Since IP addresses are always tied to a particular person.

          What about the huge data warehouse? Oh, you mean besides the ones that the ISP's already keep? Well there isn't one, as long as the government doesn't decide some point down the road that well, you guys already have all this data, and we can access pretty much anything, at any time, why don't you just send that directly to us? We could be so much more efficient at catching unregistered sex offenders if we didn't have any oversight...

          Forgive me, just ignore that totally unlikely strawman, something like that could never happen.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward #2, Feb 24th, 2012 @ 12:24am

          Re: Re: Re:

          So, C30 proponent, what specific problem does this linking solve? Can you provide a specific example where this linking would have solved a crime, which wouldn't have been solvable without the current laws in place.

          Are we really just trying to find out trolls on a nasty forum quickly or without a warrant? Is this what it's about? Really?

          What if the user is using a proxy to an international email? How do you solve that problem?

          ac2

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 24th, 2012 @ 7:25am

            Re: Re: Re: Re:

            "So, C30 proponent, what specific problem does this linking solve? Can you provide a specific example where this linking would have solved a crime, which wouldn't have been solvable without the current laws in place."

            Well, let's consider something. You have someone on a chat board, offering up the proverbial child porn images, and offering them now. You have a posting IP there. Then you contact them via email, and you have more information there. Finally, you get them to set up a private live video feed of the action. You contact the ISP with this information, get the billing address, and you go knock the door - perhaps interrupting a crime in progress.

            Remember, all it is doing is giving police / authorities a way to get relevant information without first having to go through flaming hoops in court, specifically if the ISP decides to do the old "we won't reveal confidential customer data" or "we purposely don't keep records" excuses. It makes it mandatory, they need to keep the records, and they need to keep them in a manner that allows for quick and efficient review of them.

            Consumers should be happy. For most users, it will mean that you have another source to fight that unjust billing or issue, and you have another source to show that you were not the one using a given IP at a given time when you fight your piracy case in court.

            I just don't see the negative here.

             

            reply to this | link to this | view in chronology ]

            •  
              identicon
              Anonymous Coward, Feb 24th, 2012 @ 8:35am

              Re: Re: Re: Re: Re:

              You dream fantasy of 1984 is not happening because there are real financial costs to that shit.
              http://tech.slashdot.org/story/11/06/01/1434243/world-internet-traffic-to-top-966-exabytes-in -2015
              1 petabyte = 2E+60(two to the power of sixty) in 2010 the total traffic was 250 petabytes.

              That is 250 thousand $90 dollars 1TB HDDs, not to mention the electric bill and the cooling requirements for it all.

              I want to see you wire 70 thousand motherboards holding 4 HDDs each with Km of cabling, just so you can freaking log that crap every year, and that is only for one year, the next year you have to build another datacenter to hold on to more data and will cost another billion dollars to do it.

               

              reply to this | link to this | view in chronology ]

              •  
                identicon
                embolism, Sep 23rd, 2013 @ 4:22am

                Re: Re: Re: Re: Re: Re:

                definitely possible given the new UTAH facility can store the data of all the worlds computer users for 30 years and it has already been funded as well as contributed to by 70+ microsoft fusion centres,GCHQ in the UK and all the other European partners/allies in the NSA`s global Cyber domination plan.Read nsa/cia whitepaper from 2001 on global Cyber strategy and you may understand how far back it goes and it`s goals,one reason bill Binney resigned in 2001 from the NSA.

                 

                reply to this | link to this | view in chronology ]

            •  
              identicon
              Devonavar, Feb 24th, 2012 @ 9:32am

              Re: Re: Re: Re: Re:

              "Remember, all it is doing is giving police / authorities a way to get relevant information without first having to go through flaming hoops in court"

              Yes. We know that. That's why we're upset: Those flaming hoops are there for a very good reason. Making surveillance easy and invisible is a path to abuse of power. Getting a warrant with court oversight is a key part of allowing the police to exercise the special powers that they need without permitting those powers to rise to the level of abuse. The legal limits regarding searches and warrants have been in place for a century or more. If we're going to dismantle them now, there'd better be a damn good reason and a thorough debate about it.

              I notice you've been ignoring the other posts I've made about this. Your silence speaks volumes.

               

              reply to this | link to this | view in chronology ]

    •  
      identicon
      embolism, Sep 23rd, 2013 @ 4:15am

      Re: where is the warehouse of Imformation

      Its the new storage facility in Colorado/UTAH as well as in the George Bush centre for intelligence and is correlated through Fort Meade in the USA and GCHQ in the UK,I thought everyone knew this.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    Ninja (profile), Feb 23rd, 2012 @ 10:04am

    Our usual critics will say (or have said) this is fear mongering. Very appropriate of them. /sarc

    This article is precisely one of the reasons I fear for our children.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Lord Binky, Feb 23rd, 2012 @ 10:28am

    Wait a second....

    Did you just say that a law sponsored by Lamar Smith would be helpful? (..to some unsavory criminals). Just because a law outlines the conditions to avoid notice while providing a unprecidented service for free (well, if you have the abilities to access it), does not mean you given out a set conditions for a solution to avoiding notice on top of endangering the public. It's math, it can't be true.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 10:35am

    The government cannot be agile in such a situation regardless of the contents of this bill. Imagine trying to create a bloated, poor version of google, but instead of great potentials driving the development of the system, you have great burdens driving it. That will lead to ultimately a poor system and one where it will be attacked.

    Of course the government doesn't have to create the burdensome parts, they just have to require them from companies.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 10:44am

    Dear Anonymous Cowards,

    I am merely one small cog in the government. But you are not anonymous to me. Some ISPs are beginning to collect info, but this would go way above and beyond this. I can compare your IP address and word style choice, or just ask your ISP, and now you are no longer anonymous to me. If I dislike you, I can publish your real life address, phone number, family connections, etc.

    And don't give me bullshit about hiding behind proxies, because all the proxies will be traced and recorded. In short, no more anonymity for you. I now know who you are and can expose you... everywhere you go online.

    *Everywhere*

    Everyone will know your hobbies, your deep, dark secrets. And if I am feeling particularly vengeful, I can modify your data, and presto! You're now a pedophile, on the sex offender registry and the no fly list.

    I can have your bank accounts frozen, your assets seized, and your name discredited.

    And there isn't a damn thin you can do about it, because I have access to ALL your information that the government is conveniently collecting for me.

    Still feel good about all this? If you are, simply post a comment with your real name and address. After all, you seem to be comfortable with the idea that you can be identified and located easily, so I'm sure you'll have no problems coming out into the open.

    Oh wait, it says "Anonymous COWARD" for a reason.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 23rd, 2012 @ 11:49am

      Re:

      "veryone will know your hobbies, your deep, dark secrets. And if I am feeling particularly vengeful, I can modify your data, and presto! You're now a pedophile, on the sex offender registry and the no fly list."

      Again, where the heck in these laws do you see that?

      It's an amusing story, just not supported by reality.

      As a side note, I have to wonder: Are you the same sort of smart guy who was against SOPA? I have to wonder what level of misinformation was used to derail that law.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 10:49am

    So after reading this article, I'm starting to wonder if Lamar Smith may be a pedophile.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 11:00am

    "one could hardly walk down the street without being offered raw heroin by a grenade-throwing child pornographer carrying currency from 19 different countries."

    This sounds like an awesome and exciting city to live in. Is there any cheap housing available?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Baldaur Regis (profile), Feb 23rd, 2012 @ 12:09pm

    Thank you

    for the excellent article, Mr. Kulaweic, and to ALL the commenters, who always provide stimulating discourse. For me, the arguments vis-a-vis online privacy can only be guided by the personal:

    I object, in the strongest manner possible, to being digitally groped, in order to prove innocence to any government entity.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 23rd, 2012 @ 12:36pm

    "Again, where the heck in these laws do you see that?

    It's an amusing story, just not supported by reality."

    You don't really understand computers, do you? *NO* system is 100% secure. If it can be leaked, it WILL be leaked... especially if connected to the internet, and you can bet all this information database stuff will be.

    "It could be someone parked outside your house, or across the street using your wifi. Especially if you have kids (a lot of handheld game systems use WEP which is easily cracked).

    For the most part, it's of very little to try to log more than what IP at a given time was assigned to which account..."

    This is true, but doesn't show the whole story, either. An IP address helps narrow down the physical location. Then you can simply watch who logs in and when to that access point, and/or snoop the packets that are flying around.

    Bottom line is: you aren't as anonymous as you might think you are. If someone wants to find you, and connect your comments to your real life persona, they will. Hell, the very times when you're posting, can give them an idea of who is doing it.

    And what this law does, is correlate ALL the information about you into one easily accessible place. It's a one-stop shop for information thieves, or someone who develops a grudge against you.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    mildkisses (profile), Feb 23rd, 2012 @ 1:14pm

    Do you realize that behind the word "pedophiles" there are human beings? And behind you replied that behind terrorists also are, let me remind you that pedophiles ARE NOT CRIMINALS or "bad people". Just people with a different sexual orientation. That doesnt make you bad. That doesnt make you a "child pornographer". A pedophiles has exactly the same morals and empathy as you.

    Stop thinking in stereotypes. Stop thinking like sheeps. Pedophiles are NOT an stereotype. Pedophiles are HUMAN BEINGS, and most of them are GOOD, HONEST AND KIND HUMAN BEINGS WHO WOULD NEVER HURT ANYONE. Stop thinking of pedophiles as it meant "criminals". Stop stereotyping, demonizing and humiliating people who were born different. Do you think that pedophiles use the internet to "track down children"? That pedophiles are criminals? That are "bad people"?

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      BigKeithO (profile), Feb 23rd, 2012 @ 2:10pm

      Re:

      Yes, I do think pedophiles are criminals and "bad people". Thank you for asking.

      Never hurt anyone? What about all the kids in that kiddie porn?! Get a clue.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        mildkisses (profile), Feb 23rd, 2012 @ 3:47pm

        Re: Re:

        "Yes, I do think pedophiles are criminals and "bad people". Thank you for asking."

        Can I ask you why? Why does these children and young people deserve that treatment (http://www.b4uact.org/NotOne.pps)? Can I ask you why having a different sexual orientation makes you a criminal and "bad people"? Last time I checked, being a pedophile was not a crime. A pedophile can have the same morals as you and I. Is not a worse person for being born different.


        "Never hurt anyone? What about all the kids in that kiddie porn?! Get a clue."

        I hate children suffering, but, what does that have to do with anything?

        If an heterosexual man rapes a woman, does that mean that all heterosexual men rape women? Does that mean that all persons attracted to women are responsible for that rape? Your logic is incredible.

        Do you think that being a pedophile (that is, being attracted to children) actually makes you support children suffering? If you are heterosexual, does that mean that you support women being beaten and raped? I will appreciate a straight answer to this, since your logic is absurd.

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      Devonavar, Feb 23rd, 2012 @ 3:01pm

      Re:

      Ok, I get that this is not meant seriously, but even reading it is creepy.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        mildkisses (profile), Feb 23rd, 2012 @ 3:47pm

        Re: Re:

        What? How is this not serious? Teenagers trying to kill themselves for having this sexual orientation is not serious (http://www.b4uact.org/NotOne.pps)? People suffering and being persecuted for their inborn orientation is not serious?


        If you think that people unfairly suffering and being discriminated for something they didnt choose is not serious...

         

        reply to this | link to this | view in chronology ]

    •  
      icon
      wvhillbilly (profile), Feb 24th, 2012 @ 10:16am

      Re:

      You mean we should let all these "kind, compassionate" robbers, murderers, burglars, thieves, drug pushers and other criminals out on the street and close down our prisons as being cruel and unreasonable punishment? Say this happened, then one of these "kind, compassionate, honest human beings" accosted you on the street, beat you to a pulp, stole your wallet and keys, drove your car to your house, molested your wife and kids, cleaned out everything of value in your house and left, setting your house on fire to cover up the evidence?

      How would you feel about this sort of "human beings" after this???

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 24th, 2012 @ 2:26pm

        Re: Re:

        In that case, you are talking about a person that committed several crimes. I didn't see how that relates with anything of what the op said. I guess in the end, you too believe in thought crimes. So then why the fuss about copyright enforcement?

         

        reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
     
    icon
    mildkisses (profile), Feb 23rd, 2012 @ 1:15pm

    "Of course, everyone who's actually studied terrorists, pedophiles, drug dealers and money launderers in the context of telecommunications knows full well that nothing in these bills will actually help deal with them. The very bad people who are seriously into these pursuits are not stupid, and they're not naive: they use firewalls, encryption, and tunneling. "

    Are you saying that pedophiles are "very bad"???!!! Bad for having a different sexual orientation?!?

    Do you recognize that you are demozing people for their sexual orientation? Do you recognize that there are very young people, teenagers, who are pedophiles and have to suffer every day of their lifes being called "very bad people"?

    Have you actuall talked with a pedophile? Do you even know what that word means? Im sorry Its very hard to keep it polite when you just called an enormous group of people, one of which is my best friend, who are most of them EXTREMELY GOOD, COMPASIONATE AND KIND HUMAN BEIGNS, "very bad people".

    Do you even read your words? You read what you write? You think what you write?

    Do you even read that you called a group of millions of human beings whose only difference with the rest of us is their sexual attraction, "very bad human beings"? And for WHAT? For being born different? For having a different sexual attraction?

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      BigKeithO (profile), Feb 23rd, 2012 @ 2:12pm

      Re:

      You nailed it. Reading comprehension is at 100%.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        mildkisses (profile), Feb 23rd, 2012 @ 3:49pm

        Re: Re:

        Honestly, I dont care about the new in itself. I dont care about "internet spying laws". I care about people and people suffering. I care about young people suffering, because they are pedophiles and society makes them think they are "child molesters" or "bad".

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          silverscarcat (profile), Feb 23rd, 2012 @ 3:57pm

          Re: Re: Re:

          Because children don't have the capacity to see all the choices in front of them the same way adults do.

          Yes, there are exceptions, but that's a general rule of thumb.

          Why do you think if a child under the age of 7 commits a felony, the child is just sent home with a stern talking?

          Their brains aren't developed enough to know that stuff.

           

          reply to this | link to this | view in chronology ]

          •  
            icon
            mildkisses (profile), Feb 23rd, 2012 @ 4:02pm

            Re: Re: Re: Re:

            ... what does that have to do with anything? I complained about the vilification and demonization of pedophiles in this article, and pointed out that many pedophiles are young people who suffer from depression and even try to kill themselves because society thinks they are "predators" or "very bad people", as the author put it. If you think that is fair for these people who have never done anything wrong, and who are as good and honest as the best heterosexual/homosexual, to be vilified and demonized by an ignorant moron, then I dont know what to tell you.

             

            reply to this | link to this | view in chronology ]

            •  
              identicon
              teka, Feb 23rd, 2012 @ 9:45pm

              Re: Re: Re: Re: Re:

              Let us act on the side of charity and assume, reasonably, that Rich and posters are not using the term "pedophile" in exactly the same way as you.

              They are using the (regrettably too common) usage where the term is interchangeable with "child molesting criminal". This also abandons the distinctions like ephebophilia, creating a more confusing swath of issues.

              Perhaps this misuse of language can be laid at the feet of law enforcement, politicians and sensational media. It is regrettable that it caught on, no matter the source.

              Let us all try to more precise and sensitive with language instead of letting it be splashed around like buckets of paint.

               

              reply to this | link to this | view in chronology ]

  •  
    identicon
    LyleD, Feb 24th, 2012 @ 3:32am

    "one of the largest private data breaches by law enforcement in history."

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 24th, 2012 @ 4:05am

    Politicians talk so much about movies that are starting to think they are inside one.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Overcast (profile), Feb 24th, 2012 @ 8:10am

    Yes, these jobs *monitoring* everything - will become prime jobs for freaks and criminals.

    I won't mention any specifics, of course, but a place where I work or worked, I found a massive amount of pretty fringe porn - and it was in the home folder of someone in the upper tier of IT security.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    sabacat (profile), Feb 24th, 2012 @ 9:14am

    Lamar Smith is like Pink's crazed psycho mamma in The Wall. - Irrelevant I know, but every time I see that nutjob's name I think of that.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    wvhillbilly (profile), Feb 24th, 2012 @ 10:01am

    Police state preps?

    I not only see tremendous potential for abuse in all these proposed laws and measures, I see it as stage setting for a police state society that a lot of politicians would be delighted to see happen.

    It's all about control.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 24th, 2012 @ 2:30pm

      Re: Police state preps?

      funny, above you posted that you agree with the ability of law enforcement to act on thought crime, and here you are saying the opposite.

      Make up your damn mind.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    TheLaughingMan, Feb 24th, 2012 @ 3:24pm

    Who Watches The Watchmen?

    Stephen Harper, Rob Nicholson, John Baird and Vic Toews, along with the rest of the Conservatives are liars, cheats and thieves. They are fascists and would turn our country into an Orwellian nightmare! Canada needs to rise up and occupy the parliament, remove the Conservatives from power, followed by some good old fashion tarring and feathering, finish with banishing from Canada! Finally Canadians need some laws that allow us to force referendums on the government and punish corrupt politicians who think they can screw with their people, their employers, you and me!

    People shouldn't fear the government, the government should fear the people!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    some guy, Feb 29th, 2012 @ 8:25am

    bad article

    buncha scrubs.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    evilscientist, Feb 29th, 2012 @ 6:51pm

    Re: Re: Re: Re: Re: Re: Re: Re: But there is no database!

    FYI From Bill C-30, Section 33 allows the Minister to appoint anyone he/she pleases to be an "inspector"

    Section 34 allows the inspector without warrant and at the pleasure of the Minister to copy any and all data held by a telecommunication provider (ISP/phone company) and send it to the Minister. The only "limitation" is that the data is to be used to ensure compliance with the act. Given the current government's track record, there is little doubt in my mind that this information could be given to the RCMP or CSIS without a warrant to ensure "compliance" and if it just happens to fall onto someone's desk who'd use the information for another purpose. oh well...

    Further Section 17 allows a peace officer to intercept any communication without warrant if they think it's necessary with no oversight.

    So as it is currently written, Bill C-30 allows warrantless spying on Canadians for whatever nefarious purposes the government feels it needs.

    One can now only hope that the Minister has now bothered to read his own legislation. http://bit.ly/wrHfDA

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    LaughingMan3000, Mar 1st, 2012 @ 12:57pm

    Who Watches The Watchmen?

    Stephen Harper, Rob Nicholson, John Baird, Jim Flaherty, Diane Finley, Peter MacKay, Tom Lukiwski and Vic Toews, along with the rest of the Conservatives are liars, cheats and thieves! Bill-C10 threatens to throw many in jail longer and needlessly! Bill C-11 would strip Canadians of even more rights to what we already own and censor our flow of information! Bill-30 will strip us of our privacy! Now lets not forget the G20 fiasco, Vic Toews immortal speech about Canadians being pedophiles, the planned pension cuts, they place gag orders on those they appoint to various studies so that if the studies turn up data contradicting their ideals, they can suppress the data, or their election fraud, and now they can't even get our budget out on time!
    The fascist Conservatives would turn our country into an Orwellian nightmare! How can they even call themselves a legitimate government?! How dare they act like they have our best interests in mind! Who do they think they are telling us what we need and how to live our lives?! They're the middle management and we're the ones who hired them! We should be telling them what we want and how we want it!
    Canada needs to rise up march on Ottawa and occupy the parliament! We need to take back our country, remove the Conservatives from power! Our government, as a whole needs to be dismantled and rebuilt (that goes for those other parties as well. I'm looking at you Liberals and NDP. Fat load of good they've ever done for the country)! All our political parties have ever really done to us has been to divide Canadians. This only serves to make us easy prey for predators in the night! I say no more! Canadians need to stand up as one, divided by zero! Those that would appose the will of the people need to be taught a lesson, followed by some good old fashion tarring and feathering, finish with banishing traitors from Canada! Finally Canadians need some laws that allow us to force referendums on the government and punish corrupt politicians who think they can screw with their people, their employers, you and me! Fellow Canadians I implore you raise up and shout out your discontent for the horrible state of our country and the world for that matter. Shout from every mountain top (email, letters, phone calls, blogs, forums, twitter, youtube, ect…), "WE WILL NOT STAND FOR CORRUPTION WITHIN OUR GOVERNMENT! WE WILL NOT GO QUIETLY INTO THE NIGHT AS OUR FREEDOMS ARE SLOWLY ERODED! WE'RE COMING FOR YOU HARPER REGIEM! EXPECT US!" Let the voice of the masses resinate as one, thundering and deafening our oppressors. Keep screaming and screaming, every day, all day, don't stop screaming until this country is ours again!
    'Things have got to change. But first, you've gotta get mad!… You've got to say, "I'm as mad as hell, and I'm not going to take this anymore!" Then we'll figure out what to do about the depression and the inflation and the oil crisis. But first get up out of your chairs, open the windows, stick your head out, and yell, and say it: "I'M AS MAD AS HELL, AND I'M NOT GOING TO TAKE THIS ANYMORE!"
    'People shouldn't fear the government, the government should fear the people!'
    For more information, check out www.cananon.info

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This