The U.S. Department of Justice has told Google, Microsoft and other major Internet companies that it wants them to keep detailed records of where people go while surfing the Web for up to two years.
The proposal, which would require Congressional approval, could dramatically change how companies cooperate with law enforcement agencies investigating everything from terrorist networks to child pornography. Internet service providers such as Verizon, AT&T and Comcast, could also be forced to comply.
This is a radical departure from current practices.
Marc Rotenberg, executive director of the Electronic Privacy Information Center
Brian Roehrkasse, a Justice Department spokesman, said the government wants companies to keep data related to Web searches and e-mail exchanges -- but not actual content, such as e-mail messages or attachments.
The companies say they want to help law enforcement, but they are also concerned about providing secure Internet services and protecting the privacy of their users.
``Child pornography is disgusting and illegal,'' said Steve Langdon, a spokesman for Google. But he said any proposals related to users' data ``require careful review and must balance the legitimate interests of individual users, law enforcement agencies and Internet companies.''
Internet companies have a mixed record in protecting the personal information of their users.
Earlier this year, Google fought a Justice Department demand for data relating to Web searches. A federal judge ordered Google to hand over part of what the government originally requested, but not information about individual searches. Microsoft said it also resisted a similar demand and likewise won concessions from the Justice Department. But AOL and Yahoo reportedly complied with the government's request.
Eric Rabe, a spokesman for Verizon, said the telecom giant has a history of ``tenaciously guarding'' its users data, including fighting a battle with the music industry all the way to the Supreme Court over the identity of people who shared music online.
Current regulations require companies to preserve data that is the subject of specific criminal investigations for up to 180 days while law enforcement collects evidence that could support a warrant or subpoena.
``This is a radical departure from current practices,'' said Marc Rotenberg, executive director of the Electronic Privacy Information Center, who meet with justice department officials Thursday. ``We've opposed it because we think it creates an unnecessary risk to privacy and security of Internet users.''
Roehrkasse, the Justice Department spokesman, said the purpose of the meetings with the Internet companies and others is ``to solicit their input and seek their assistance in formulating proposals and recommendations on the issue of data retention.''
Roehrkasse said Gonzales had made clear that government employees would only have access to the information through ``appropriate legal processes,'' such as a subpoena. Investigators at the justice department in Washington or at any of the country's 94 U.S. attorney's offices would also be able to retrieve the stored information.
Behind the proposal is Gonzales's concern that the Internet is encouraging the sexual exploitation of children and that the failure of some Internet providers to save records may have hampered some investigations.
``Before the Internet, these pedophiles were isolated -- unwelcome even in most adult bookstores,'' Gonzales said during an April 20 speech before the National Center for Missing and Exploited Children. ``Through the Internet, they have found a community. Offenders can bond with each other, and the Internet acts as a tool for legitimizing and validating their behavior in their minds.''
Under the Patriot Act, which was extended in March over the objections of civil libertarians and privacy advocates, Internet services providers, or ISPs, have voluntarily helped the FBI track and arrest terrorists and criminals in the United States and abroad.
In one case, the FBI arrested an El Paso man who sent an e-mail threatening to destroy an El Paso mosque. In another, agents identified a 36-year-old Kansas woman who later confessed to murdering a 23-year-old Missouri woman and cutting out her unborn eight-month-old fetus.
``We are trying to understand what's not working,'' said Mark Uncapher, senior vice president of the Information Technology Association of America, whose members include AT&T, Verizon, AOL, Yahoo and Microsoft.
ISPs do not typically keep detailed records of each individual subscriber's online wanderings. Dave McClure, president of the US Internet Industry Association, said requiring companies to keep such data could end up costing billions of dollars.
McClure said the cost would likely be passed on to consumers, who would also face a greater risk of identity theft because more information that's not available now would be stored. In addition, the stored data would be a tempting target for people suing each other over civil matters, he said.
``The Department of Justice has yet to tell us what they want us to store,'' McClure said. ``If they decide they want us to store everything, there isn't a storage facility in the U.S. large enough to store that.''
Copyright © 2006 Knight Ridder