Lawmakers propose Internet Safety Act.(LEGISLATION).

Republican lawmakers want to enact a broad new federal law that would require all Internet service providers (ISPs) and operators of millions of Wi-Fi access points to retain user records for two years to aid in police investigations.

The legislation, which echoes the European Union's controversial Data Retention Directive, would mandate data retention requirements for most ISPs and is certain to raise protests from businesses and privacy advocates.

Senate Bill 436 and House Bill 1076 were introduced in February. Both are titled "Internet Stopping Adults Facilitating the Exploitation of Today's Youth Act," or the Internet Safety Act.

And both include the same language: "A provider of an electronic communication service or remote computing service shall retain for a period of at least two years all records or other information pertaining to the identity of a user of a temporarily assigned network address the service assigns to that user."

According to a CNet report, that means the proposed law would apply not only to providers such as AT&T, Comcast, and Verizon, but also to individuals, small businesses, large corporations, libraries, schools, universities, and even government agencies with Wi-Fi access points or wired routers that use the standard method of dynamically assigning temporary addresses, called Dynamic Host Configuration Protocol (DHCP). Experts say the law would cover every employer that uses DHCP for its network. CNET said voice-over-IP services may be covered, too.

Under the Internet Safety Act, these types of companies would have to retain user and network data for at least two years.

Former Attorney General Alberto Gonzales had called for similar rules, and current Attorney General Eric Holder said in 1999 that "certain data must be retained by ISPs for reasonable periods of time so that it can be accessible to law enforcement." Rep. John Conyers, the Democratic chairman of the House Judiciary Committee, has called FBI proposals for data retention legislation "most welcome."

The 1996 Electronic Communication Transactional Records Act regulates data preservation, requiring ISPs to retain records for 90 days "upon the request of a governmental entity." CNet said another U.S. law requires ISPs to report child pornography online to the National Center for Missing and Exploited Children, which must forward that report to law enforcement.

As it stands, the Internet Safety Act goes beyond just data retention. For example, according to CNet, some sections add criminal penalties to child pornography-related offenses, increase punishment for sexual exploitation of minors, and provide $30 million to the FBI for the Innocent Images National Initiative.

As the IM goes to press, it is uncertain when the House or Senate might vote on either Internet Safety Act bill.

Source Citation:"Lawmakers propose Internet Safety Act.(LEGISLATION)." Information Management Journal 43.3 (May-June 2009): 18(1). Computer Database. Gale. BROWARD COUNTY LIBRARY. 20 Aug. 2009
.