FBI wants records k...
 
Notifications
Clear all

FBI wants records kept of Web sites visited

8 Posts
6 Users
0 Reactions
615 Views
datacarver
(@datacarver)
Estimable Member
Joined: 18 years ago
Posts: 121
Topic starter  

http//news.cnet.com/8301-13578_3-10448060-38.html
^Read article here

I am so torn on this. I understand how helpful this would be on the fight on terror, CP, drug trafficking, etc. But I still think it is another example of our government trying to stick their noses in everything and with no respect for business and privacy. I know privacy is kind of a debate in itself when you deal with it on the technology side, because in our field we know that there is no such thing as private when you have backups, logs, and server administrators monitoring everything anyways. But in principle, you get my point.

I deal with eDiscovery a lot and I constantly see subpoenas requesting “everything under the sun”, which would require my clients to preserve/collect that information. This is obviously a costly process. Typically in these situations, I will work with the client to break down the subpoena with burden arguments and estimates so counsel can go back and argue the request down to something reasonable.

Essentially, I provide an argument showing that this request is ridiculous because it would require us…
to purchase this much additional storage space
cost this much to preserve this information
cost this much for additional backup tapes
this many hours
this much money
this many people to review it
this much to process it
etc, etc depending on the matter and request

There have been times were we would even lay down these burden arguments and the counsel we are working with has said to the other side…”if you want it, you pay for it”. I wonder what the government would say to that?

I think it is still unclear as to what information (URLs, IP addresses, text messages, email content, email headers, etc) they will eventually want, but I still find it unfair that the government is trying to enforce data retention rules on a commercial company. I like to tell my clients that you are in the business for “your business”; not litigation (and in this case, not catching criminals). An ISP should create reasonable retention rules for their own business needs, not in the retention framework the government decides. I am not saying the legal process should be hindered, I am fine with getting the information through the proper channels (subpoenas/wiretap order, etc). I simply do not agree with the government making a law to make the companies follow a mandatory legal retention requirement.

Data retention policies protect many companies from having to produce potentially harmful documents since the documents no longer existed (at the time they received the subpoena) and because they were purged pursuant to a policy and not willfully destroyed/spoliated. Implementing a retention policy that suits the government's needs and not he needs of the business will require companies to store this now discoverable information and could hurt companies in litigation.

If the government was so interested in this data retention, Al Gore should have turned on logging when he invented the Internet.


   
Quote
(@bithead)
Noble Member
Joined: 20 years ago
Posts: 1206
 

I think the practicality aspect is completely missing. Consider how a "mon-n-pop" ISP is going to handle retaining this data vs. a telco. With no real standard on how this is to be implemented, this will be a mess.

Who is going to sift through all the data? The government already has information overload trying to sift through all the "terrorist" voice traffic overseas. Adding this type of data will just make the haystack that much bigger.

The ACLU will take this up and the government will have a black eye yet again.

If the FBI, NSA, Homeland, whoever want to pursue the activities of an alleged criminal they can get a warrant, take their own syslog server and place it at the ISP to track the individual or group that is the subject of the investigation. Then they can create a manageable amount of data and sift through that.

I just cannot fathom the rationality that goes behind these kind of announcements. Unfortunately they never ask those of us that do the work how much data we already have to sift through. This could make the mountain monumental.


   
ReplyQuote
jaclaz
(@jaclaz)
Illustrious Member
Joined: 18 years ago
Posts: 5133
 

At first sight it seems to me stupidity at it's highest levels.

The amount of data stored would be impressive. 😯

And we all know that whenever huge amounts of data are involved retrieveing it is not so easy, it is prone to errors and what not.

Besides the enormous amount of money needed, it seems to me also a bit like wasted money.

I mean, simplifying it, if I were a terrorist, and I don't think that apart from political beliefs they are complete morons, I would find a way to post a file somewhere and delete it soon after the recipient has downloaded it.

An IP access and traffic record would say that user x has downloaded from site y a file named "drawing.zip".

Since the file is not accessible online at any time after the original very short span of time, to have any usefulness, there should be also a cache of the downloaded file, which would mean for the ISP saving several times a conspicuous portion of the internet, with such an amount of duplicated files/data that a centralized 24/7 imaging of the whole internet seems better. roll

But isn't there already Echelon?

jaclaz


   
ReplyQuote
keydet89
(@keydet89)
Famed Member
Joined: 21 years ago
Posts: 3568
 

I'm going to throw this out there…

Perhaps the reason that the FBI is pushing for this is to make up for deficiencies and backlog on their own part in actually analyzing the data that they do have.

I'm not saying that this is the case…I'm simply saying that maybe we should look at it from a different angle.

Further, let me say that there are a LOT of really smart people at all levels of LE…however, much like the military, LE is LE first, forensic nerds second, or perhaps not at all. I'm aware that many federal LEOs go off to training, and before returning to their units and practicing what they learned, they get pulled off to do LE stuff.

If the real issue behind what the FBI appears to be pushing is backlogs, etc., then I don't think that this approach is going to solve any problems…in fact, it's going to create a whole new set of problems and animosity toward LE.

There's another solution here, one that doesn't negatively impact the ISPs…


   
ReplyQuote
(@kovar)
Prominent Member
Joined: 18 years ago
Posts: 805
 

Greetings,

Yea, but if it is the one I am thinking about, there's little to no fertile ground in the US for it…. Outsourcing or contracting with the private sector?

-David


   
ReplyQuote
keydet89
(@keydet89)
Famed Member
Joined: 21 years ago
Posts: 3568
 

David,

There's plenty of fertile ground…it's simply a matter of getting over the hump, as it were, and developing trust.

A buddy of mine does work for his local LE, pro bono. I would do the same in my area…I just don't know who to talk to or approach…most of my talks to LE occur in other cities.

Many commercial companies can't support LE due to business models and billable hourly rates…but some companies that aren't tied that closely to numbers such at those in their business models can do that.

The team I work with has done paid work for LE…in instances involving contraband, we have the acquired images sent to local LE, and we request information from a detective, who ensures that no contraband is in the data we're being given.

At higher levels, say state and federal, LE is often called in for data breaches, and may be on-site along with a QIRA team. In those cases, the QIRA team has very tight/stringent requirements and deadlines to meet for PCI, and often can't focus on providing LE with what they need…intel. However, someone that's NOT QIRA can assist and look at the data for LE and provide them with what they need.

I hesitate to use terms like "outsourcing" and "contracting" because at this point, I don't see that happening. It starts with relationships.


   
ReplyQuote
(@forensicakb)
Reputable Member
Joined: 16 years ago
Posts: 316
 

I disagree that the government will have a black eye again. The patriot act was heavily opposed. Just saying…..

I think the practicality aspect is completely missing. Consider how a "mon-n-pop" ISP is going to handle retaining this data vs. a telco. With no real standard on how this is to be implemented, this will be a mess.

Who is going to sift through all the data? The government already has information overload trying to sift through all the "terrorist" voice traffic overseas. Adding this type of data will just make the haystack that much bigger.

The ACLU will take this up and the government will have a black eye yet again.

If the FBI, NSA, Homeland, whoever want to pursue the activities of an alleged criminal they can get a warrant, take their own syslog server and place it at the ISP to track the individual or group that is the subject of the investigation. Then they can create a manageable amount of data and sift through that.

I just cannot fathom the rationality that goes behind these kind of announcements. Unfortunately they never ask those of us that do the work how much data we already have to sift through. This could make the mountain monumental.


   
ReplyQuote
(@kovar)
Prominent Member
Joined: 18 years ago
Posts: 805
 

Harlan,

I'm slowly building up relationships out here in the midwest. It certainly does take time, and for good reason. I had 15 years of trust built up in California, including going through POST Level III and PC 832 and had to move away from that and start over again.

Thankfully, our company is flexible and pretty open minded. Pro bono work is a viable option. I just need to find the right person to approach to explore it.

-David


   
ReplyQuote
Share: