Can an Anti-Child Porn Bill Go Too Far?
Sep 12, 2011 6:00 AM PT
H.R. 1981, a U.S. federal bill which apparently seeks to combat child pornography, has stirred up opposition from various lawmakers as well as civil rights groups.
The proposed law, introduced in May and now under consideration in Congress, is the joint creation of Rep. Lamar Smith, R-Texas, chairman of the Judiciary Committee; and Rep. Debbie Wasserman Schultz, D-Fla., who chairs the Democratic National Committee. It has 24 sponsors.
The bill seeks to make it a federal crime to fund the sale, distribution and purchase of child pornography and to increase the maximum penalty for certain child pornography offenses.
It's supported by the National Center for Missing and Exploited Children, the National Center for Victims of Crime, the National Sheriff's Association, the Major County Sheriff's Association, the International Union of Police Associations, and the Fraternal Order of Police.
The bill's title is "The Protecting Children From Internet Pornographers Act of 2011." Judging the bill by its cover, it's difficult to image who in the world would oppose such an idea. However, groups such as the Electronic Frontier Foundation, the Center for Democracy and Technology, the Electronic Privacy Information Center, and several members of Congress including Rep. Zoe Lofgren, D-Calif., have spoken out against certain aspects of the bill.
Other opponents include Republican Bob Barr, a former congressman from Georgia, and Rep. Jim Sensenbrenner, R-Wis., who is one of the authors of the REAL ID Act. That act establishes federal standards for state-issued drivers' licenses and other identification, among other things.
What H.R. 1981 Seeks to Do
The aims of H.R. 1981 include more tightly defining acts related to child pornography and increasing the punishment for those convicted of child porn.
For example, it proposes that whoever financially facilitates access to child porn will be fined or imprisoned for up to 20 years, or both.
The bill also seeks to provide greater protection to child witnesses against harassment and intimidation.
Further, it seeks to impose heavier penalties on the possession of child pornography.
Few would argue against these aims.
However, the issue attracting heavy debate concerns a provision in the bill that would require Internet service providers (ISPs) to retain the network addresses they temporarily assign to each account for, after amendment, a period of 18 months. They would also have to securely store those records to protect customer privacy and prevent data breaches.
Further, ISPs will not be legally liable for releasing the data they have stored under the provisions of this bill.
Wireless Internet access like the kind provided by cellphone networks is exempted.
Arguments for the Bill
"The bill is an attempt to come up with a reasonable compromise regarding an issue of great law enforcement concern for many years -- data retention," Ernie Allen, president of the National Center for Missing & Exploited Children (NCMEC), told TechNewsWorld.
H.R. 1981 only requires ISPs to retain information proving or establishing connectivity and doesn't require them to retain content, Allen said.
The biggest challenge in child pornography cases is connecting a real person to illegal content at the precise moment that content was accessed or distributed online, Allen stated.
"Most people do not understand that IP addresses are dynamic," Allen pointed out. Dynamic IP addresses can change at any time. "The bill is intended to capture the concept that IP addresses are assigned at time of log-in" because it uses the phrase "temporarily assigned network address," Allen said.
Last year alone, NCMEC received 223,000 reports of suspected child sexual exploitation crimes, more than 90 percent of which involved online child porn, Allen said. During that period, the Center's Child Victim Identification Program reviewed and analyzed 13.6 million child pornography images and videos to try and identify and rescue victims.
"The greatest challenge here is that there is a significant missing link," Allen said. "There can be no prosecution until law enforcement connects the data and time of that online activity to an actual person -- the type of information found in an ISP's connectivity log."
Those connectivity logs are analogous to the records United States federal law requires telephone companies to keep of the date and time that a phone number is dialed, Allen contends.
Why Some Fear H.R. 1981
Many of the arguments from members of Congress opposed to the bill can be summed up in Lofgren's stance: While child pornography is a very serious crime, the bill's provisions are much too sweeping, and it will let ISPs track every website Americans visit and make that information available to the federal government without a warrant.
They contend that H.R. 1981 will go way beyond fighting child porn.
That's a stance also taken by civil rights groups.
"Language in the bill strongly suggests that not only the IP address has to be retained but also information that identifies the customer who had that address at the time -- what credit card you use to pay for the service, what bank you write your checks on," pointed out Gregory Nojeim, a director at the Center for Democracy and Technology.
"What really concerns me is the data that will be retained will be used in investigations that are not the subject of the bill, which is protecting children from child pornography," Nojeim told TechNewsWorld.
Law enforcement already has the powers it needs to track criminals online, argued Richard Esguerra, a senior activist at the Electronic Frontier Foundation.
"With the correct permissions, law enforcement already has the ability to tell ISPs to track a subscriber suspected of a crime," Esguerra told TechNewsWorld. "This approach is more appropriate and allows law enforcement to focus on actual, useful data without forcing ISPs to manage mountains of data tied to Internet users' normal, legal Internet activities," he added.
The length of time that ISPs retain customer data varies.
"Some do retain this information and some don't, and it appears that the length of time that such information is stored -- if at all -- is as short as seven days," Esguerra said.
Maintaining IP addresses for 12 months or so may not be as effective as claimed, warned Darren Hayes, CIS Program chair at Pace University.
In fact, the law "will actually push more pedophiles to use a proxy service or go to a local library to mask their identity," Hayes told TechNewsWorld.
If law enforcement wants help with its investigations, Hayes wondered, why not access Google's databases?
"Google can provide a great deal more information on a suspect than any ISP can," Hayes pointed out. "It's not a privacy issue because Google is already collecting a huge array of information about individuals and their online activity."
ISPs Verizon and AT&T did not respond to requests to comment for this story. The office of Rep. Schultz, one of the co-sponsors of the bill, also did not respond to requests for comment.