Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

FBI Head Wants Strong Data Retention Rules 256

KevHead writes "Speaking at a conference of international police chiefs, FBI Director Robert Mueller called for strict data retention guidelines for US ISPs. Echoing DHS head Michael Cherthoff's assertion that the Internet was enabling terrorists to telecommute to work, Mueller went further and said that the US needs stricter data retention guidelines. '"All too often, we find that before we can catch these offenders, Internet service providers have unwittingly deleted the very records that would help us identify these offenders and protect future victims," Mueller said. The solution? Forcing ISPs to retain data for set periods of time.' If that happens, how long before the MPAA and RIAA start asking to take a peek at the data too, as they have in Europe?"
This discussion has been archived. No new comments can be posted.

FBI Head Wants Strong Data Retention Rules

Comments Filter:
  • by Animats ( 122034 ) on Thursday October 19, 2006 @03:06AM (#16498075) Homepage

    Add stopping this to the list of "things to do after the Democrats take over Congress".

    Don't forget to vote, everybody.

    And remember, as one leading Democrat has said, if Democrats control either house, there's going to be "oversight, oversight, oversight". Look how much has come out with the Republicans in charge: everything from the plan to divide up northern Iraq amongst oil companies to the CIA's torture program. There has to be more stuff we haven't heard about. Look forward to people like the FBI Director testifying under oath before Congress. Coming soon to a C-SPAN channel near you.

    You might also want to volunteer to be a poll watcher, especially if you're in a state with Diebold voting machines.

  • by rf0 ( 159958 ) <rghf@fsck.me.uk> on Thursday October 19, 2006 @03:32AM (#16498217) Homepage
    I would hope that the UK's Data Protection Rules [direct.gov.uk] will basically tell the US to get lost if they come knocking. However as there is the special relationship I expect it will just be ignored
  • by i-neo ( 176120 ) on Thursday October 19, 2006 @03:33AM (#16498223)
    [...] If that happens, how long before the MPAA and RIAA start asking to take a peek at the data too, as they have in Europe?"
    If you had read the article about what will be done in Europe, you would know they only store connection logs (phone, internet...) and not the data. This makes quite a big difference. Please don't travestite reality.
  • by mark-t ( 151149 ) <markt@nerdflatEULER.com minus math_god> on Thursday October 19, 2006 @03:34AM (#16498227) Journal

    Phone companies do it, after all...

    It is nevertheless impractical for ISP's to do the same because there are several orders of magnitude more simultaneous connections than there are with phone companies because phone calls typically last on the order of minutes, while individual IP packets take less than a fraction of a second to transmit and they are done. One could track entire TCP streams, but even those can be over in less than a second, and it wouldn't be helpful for tracking things like UDP or even raw IP. It would require absolutely huge amounts of data storage to chronicle even a single hour's usage in entirety on a major ISP, let alone keeping it around for days or weeks.

  • by panaceaa ( 205396 ) on Thursday October 19, 2006 @04:02AM (#16498395) Homepage Journal
    data retention aint going to help you track a hacker.

    This is logically false. I can give you a theoretical and a practical example. Theoretically, any information is more helpful than no information. The only practical exception would be polluting good information with bad information, but since this information would be logically separate from existing information, this problem would not exist.

    Practically, have you ever tracked down a hacker at your company? Logs are the BEST place to do this. Look for SQL injection attempts in URLs. Track those IP addresses to see where else they went. If you know the IP address already, you can look up what user account they were using. There's tons and tons of information in logs. You're suggesting that it's wise for a corporation to delete this data??? The argument is less concrete when you're talking about an ISP's logs, but data retention within a corporation's network is a great idea.

"In order to make an apple pie from scratch, you must first create the universe." -- Carl Sagan, Cosmos

Working...