The House Judiciary Subcommittee on Crime, Terrorism and Security held a 12 July 2011 hearing on H.R. 1981, a federal Bill that would require Internet Service Providers (ISPs) to retain customers' IP addresses for at least 18 months, in the event that law enforcers require them during 'child pornography and other internet investigations'.
''To combat online child pornography, H.R. 1981 would modify the Electronic Communications Privacy Act (ECPA) to require ISPs to retain for at least 18 months the IP addresses they assign to their customers'', Madeleine Findley, Associate at Wiltshire & Grannis LLP, told DataGuidance. ''ISPs' data retention periods currently vary and are generally much shorter than 18 months. The data retention requirements would represent a significant and costly burden on ISPs.'
© 2013 Cecile Park Publishing Ltd. All rights reserved
Currently, US law stipulates that ISPs are only required to preserve these records for 90 days upon the issuance of a warrant by law enforcement agencies. Lamar Smith (R-TX), the sponsor of the Bill, noted that it often takes more than 90 days for investigators to properly identify a suspect and obtain a warrant. The Federal Bureau of Investigation, the National Sheriffs' Association, and the National Centre for Missing and Exploited Children have all indicated that they are in favour of mandatory data retention period.
The data retention provision in the Bill is applicable 'unless that address is transmitted by radio communication (as defined in section 3 of the Communications act of 1934)'. ''[This means] the Bill applies only to ISPs, not to wireless broadband or WiFi network providers'', said Findley.
Smith acknowledged the discrepancy during the hearing, saying that ''[we hope to] figure out a way so that we do not exempt wireless providers''.