The bills, known as the Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act (or Internet SAFETY Act), are designed to enhance the federal government's fight against the producers and distributors of child pornography. In addition to the data-retention policies, the act would establish new penalties of 10 years for people who set up Web servers to distribute child pornography and 20 years for those who fund such activities. The act would also double the funds for the FBI's anti-child pornography initiative, Innocent Images.

At a press conference with Smith and law-enforcement agents, Cornyn urged support for the legislation. "While the Internet has generated many positive changes in the way we communicate and do business," Cornyn said, "its limitless nature offers anonymity that has opened the door to criminals looking to harm innocent children. Keeping our children safe requires cooperation on the local, state, federal and family level."

Potentially Broad Application

But critics are already raising concerns about the bill's broad language, particularly with respect to the definition of Internet service provider. The bill applies to any "provider of an electronic communication service or remote computing service," which could conceivably be interpreted to include everyone from the largest ISP down to an individual who has set up a Wi-Fi network at home.

While most national or regional ISPs have the capability to collect and store IP address information associated with specific users, such record-keeping may be beyond the capability of smaller access providers, like coffee shops with free Wi-Fi. Homeowners might have an even more difficult time complying.

In an op-ed piece in the Dallas Morning News on Thursday, however, Smith compared IP address logs to the logs of telephone numbers that phone companies are required to maintain. "If we require phone companies to retain this same type of information," Smith said, "there is no reason why the law should not be updated to include ISPs."

"Law-enforcement officials should have the tools they need to fight crime, whether committed over the phone, through the mail, or online."

Serious Privacy Concerns

But as numerous privacy advocates have pointed out, the information stored by the typical ISP in its IP address log is often far more revealing than mere phone numbers. For instance, it's not uncommon for the log files to include search terms or e-mail addresses in addition to IP addresses visited by each user. That makes IP log files potentially far more intrusive than phone-number registers, which merely contain the numbers called or received.

There is also the issue of who might have access to the information and under what circumstances. A number of major music and video copyright holders, including Time Warner, Sony Pictures, Walt Disney and EMI, have long been on record as supporting longer IP address retention requirements. The increased availability of such data would be a big help in copyright-enforcement actions against online file sharers.
 

nfn