Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Hawaii legislators bid aloha to controversial data retention bill

Proposal would have required ISPs to store 'Net browsing data for two years

Lawmakers in Hawaii on Thursday quietly dropped a bill that would have required Internet service providers to collect the detailed browsing histories of Internet users in the state and store the data for at least two years.

The bill, HB 2288 , would have required anyone providing access to the Internet in Hawaii to maintain "consumer records" of every Internet user's subscriber information and data such as the IP addresses, domain names and host names of the sites they visit.

In theory at least, the bill would have covered not only ISPs but also libraries, coffee shops and employers, the Electronic Frontier Foundation noted in a blog post Thursday.

"This is one of the most poorly drafted pieces of data retention legislation we've ever seen," the EFF's activism director Rainey Reitman wrote in the blog.

If passed, HB 2288 would have infringed "on the privacy of hundreds of thousands of Hawaiian citizens as well as any tourists who used Internet services while visiting the Aloha State," Reitman said.

The bill was scheduled to be heard on Thursday before the Hawaii State Legislature's House Committee on Economic Revitalization & Business (ERB). It was instead tabled, in what appears to have been a response to overwhelming opposition to the bill from many quarters.

One of those opposing the bill was the U.S. Internet Service Provider Association, which earlier this week sent a letter to the committee's chairman. The bill was overbroad, raised a "myriad privacy concerns," and would be hugely expensive to comply with, wrote the ISP association's Executive Director Kate Dean.

"We do not have a cost estimate in dollars to propose to the Committee due to the sheer breadth of the legislation," Dean wrote. But the potential cost implications for ISPs would be substantial, she said.

In similar testimony, Steve DelBianco, executive director of the NetChoice Coalition, a group of privacy and consumer groups, said the bill raised serious privacy concerns.

"This bill would enable government to find out where a Hawaiian is located every time they check their email, go online with a smartphone , or pay to access the Internet in a hotel room or airport," DelBianco wrote. "Forcing companies to store this for government use opposes the goals of the 4th and 5th Amendments to the Constitution," which protect against unreasonable searches, DelBianco wrote.

Others who wrote in to oppose the measure included the Center for Democracy and Technology, Hawaiian Telecom, T-Mobile and the Hawaii State Privacy and Security Coalition.

"This Hawaiian bill is an incredibly odd piece of legislation that doesn't list penalties, outline when data could be shared, or even touch on secure handling procedures," the EFF's Reitman told Computerworld on Friday. "This is part of a growing movement we're seeing in countries across the globe to mandate Internet companies to spy on users and keep the records just in case it might be useful to law enforcement later," she said.

A national data retention proposal (HR 1981) is making its way through the U.S. House of Representatives, she said. "Governments and other stakeholders are attempting to force the Internet companies which allow us to connect and communicate online to become mechanisms for spying and censorship."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com .

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: EFF, Electronic Frontier Foundation, NetChoice, Technology, T-Mobile, T-Mobile, Topic
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Electronic Frontier Foundation, government, Government/Industries, Gov't Legislation/Regulation, privacy, Regulation, security
Latest Blog Posts
Whitepapers
  • Consolidated Storage for Virtualised Server Environments
    This research brief is based on a recent Tech Target survey with more than 200 storage administrators and IT professionals in mid-sized and enterprise-class companies, and focuses on how these decision-makers view the storage-related challenges that result from server virtualisation. See the results.
    Learn more »
  • Unified Communications Strategy Guide
    Articles include: How to ensure a successful UC project; Five reasons to set up unified communications; Unified communications: Is your network ready?; How to get the most from unified communications. Read this Computerworld Strategy Guide.
    Learn more »
  • Providing effective endpoint management at the lowest total cost
    Endpoints, otherwise known as servers, workstations, laptops, mobile devices, and virtually any other network-connected device, are critical components that enable business to be transacted. Properly implemented, endpoint management ensures continuous compliance with IT policies, regardless of where the machines are located and what type of network they are connected to.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.