The U.S. Department of Justice has told Google, Microsoft and other
major Internet companies that it wants them to keep detailed records of where
people go while surfing the Web for up to two years.
The proposal, which would require Congressional approval, could dramatically
change how companies cooperate with law enforcement agencies investigating everything
from terrorist networks to child pornography. Internet service providers such
as Verizon, AT&T and Comcast, could also be forced to comply.
Brian Roehrkasse, a Justice Department spokesman, said the government wants
companies to keep data related to Web searches and e-mail exchanges -- but not
actual content, such as e-mail messages or attachments.
The companies say they want to help law enforcement, but they are also concerned
about providing secure Internet services and protecting the privacy of their
``Child pornography is disgusting and illegal,'' said Steve Langdon, a spokesman
for Google. But he said any proposals related to users' data ``require careful
review and must balance the legitimate interests of individual users, law enforcement
agencies and Internet companies.''
Internet companies have a mixed record in protecting the personal information
of their users.
Earlier this year, Google fought a Justice Department demand for data relating
to Web searches. A federal judge ordered Google to hand over part of what the
government originally requested, but not information about individual searches.
Microsoft said it also resisted a similar demand and likewise won concessions
from the Justice Department. But AOL and Yahoo reportedly complied with the
Eric Rabe, a spokesman for Verizon, said the telecom giant has a history of
``tenaciously guarding'' its users data, including fighting a battle with the
music industry all the way to the Supreme Court over the identity of people
who shared music online.
Current regulations require companies to preserve data that is the subject
of specific criminal investigations for up to 180 days while law enforcement
collects evidence that could support a warrant or subpoena.
``This is a radical departure from current practices,'' said Marc Rotenberg,
executive director of the Electronic Privacy Information Center, who meet with
justice department officials Thursday. ``We've opposed it because we think it
creates an unnecessary risk to privacy and security of Internet users.''
Roehrkasse, the Justice Department spokesman, said the purpose of the meetings
with the Internet companies and others is ``to solicit their input and seek
their assistance in formulating proposals and recommendations on the issue of
Roehrkasse said Gonzales had made clear that government employees would only
have access to the information through ``appropriate legal processes,'' such
as a subpoena. Investigators at the justice department in Washington or at any
of the country's 94 U.S. attorney's offices would also be able to retrieve the
Behind the proposal is Gonzales's concern that the Internet is encouraging
the sexual exploitation of children and that the failure of some Internet providers
to save records may have hampered some investigations.
``Before the Internet, these pedophiles were isolated -- unwelcome even in
most adult bookstores,'' Gonzales said during an April 20 speech before the
National Center for Missing and Exploited Children. ``Through the Internet,
they have found a community. Offenders can bond with each other, and the Internet
acts as a tool for legitimizing and validating their behavior in their minds.''
Under the Patriot Act, which was extended in March over the objections of civil
libertarians and privacy advocates, Internet services providers, or ISPs, have
voluntarily helped the FBI track and arrest terrorists and criminals in the
United States and abroad.
In one case, the FBI arrested an El Paso man who sent an e-mail threatening
to destroy an El Paso mosque. In another, agents identified a 36-year-old Kansas
woman who later confessed to murdering a 23-year-old Missouri woman and cutting
out her unborn eight-month-old fetus.
``We are trying to understand what's not working,'' said Mark Uncapher, senior
vice president of the Information Technology Association of America, whose members
include AT&T, Verizon, AOL, Yahoo and Microsoft.
ISPs do not typically keep detailed records of each individual subscriber's
online wanderings. Dave McClure, president of the US Internet Industry Association,
said requiring companies to keep such data could end up costing billions of
McClure said the cost would likely be passed on to consumers, who would also
face a greater risk of identity theft because more information that's not available
now would be stored. In addition, the stored data would be a tempting target
for people suing each other over civil matters, he said.
``The Department of Justice has yet to tell us what they want us to store,''
McClure said. ``If they decide they want us to store everything, there isn't
a storage facility in the U.S. large enough to store that.''