A U.S. House of Representatives committee has voted to approve legislation that would require Internet service providers to retain customer IP data for 12 months in the name of combating child pornography.
The Protecting Children From Internet Pornographers Act would require ISPs to retain all customer IP addresses so that law enforcement agents can use the information to investigate online child pornography. Law enforcement agents would gain access to the IP information with subpoenas they issue, not court-ordered warrants.
The House Judiciary Committee voted 19-10 Thursday to approve the bill over the privacy concerns of several committee members. Most Republicans voted for the bill, and most Democrats voted against it.
The bill is "an outrageous expansion of the power of the federal government," said Representative Zoe Lofgren, a California Democrat.
Several Democrats raised concerns that federal law enforcement agents would use the IP data for investigating a wide range of crimes, not just child pornography. Critics also suggested that the data rules would open up the customer data to subpoenas in civil lawsuits and would be a costly burden to small ISPs.
Lofgren offered several amendments focused on softening the data collection requirements in the bill, which now heads to the full House for a vote. A Lofgren amendment to strike the data retention requirements failed by a 15-8 vote.
Also failing was an amendment by Representative Bobby Scott, a Virginia Democrat, to allocate US$45 million a year to pay for more than 200 additional federal investigators and prosecutors dedicated to child pornography cases. Representative Lamar Smith, a Texas Republican and bill sponsor, argued that Scott's amendment didn't address how the government would pay for the extra investigators.
One Lofgren amendment would have renamed the bill the Keep Every Americans' Digital Data for Submission to the Federal Government Without a Warrant Act. The bill uses child pornography as a "stalking horse for this massive expansion of federal powers" long requested by the U.S. Federal Bureau of Investigation to fight a variety of crimes, she said.
The amendment failed, with Smith arguing the amendment "trivializes" the fight against child pornography.
Smith's original bill would have required ISPs to retain IP addresses for 18 months, but an amendment he offered cut the time to 12 months.
Supporters of the bill argued that law enforcement agents need new tools to fight child pornography online.
"Some Internet service providers currently retain these [IP] addresses for business purposes," Smith said. "But the period of retention varies widely among providers, from a few days to a few months. The lack of uniform data retention impedes the investigation of Internet crimes."
The number of child pornography cases in the U.S. has grown by 150 percent a year over the past decade, Smith said.
"The child pornography industry has exploded," Ernie Allen, the president and CEO of the National Center for Missing and Exploited Children, said during a hearing earlier this month. "New technologies such as smartphones, digital cameras and webcams have made it easier for offenders to produce, access and trade images. More robust storage devices enable offenders to collect unprecedented volumes of images."
In addition to the data retention rules, the bill would make it a crime to facilitate financial transactions for child pornography, with a maximum sentence of 20 years in prison. The bill would give the U.S. Marshals Service new subpoena power in sex offender cases and increase prison sentences for some child pornography offenses.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.