As you may be aware, Congress is considering a bill that would require internet service providers to retain data on their customer’s assigned IP addresses (as well as name, address, credit card number and a host of other data) for up to 12 months. Though the bill ostentatiously targets child pornographers, the legislation goes so far beyond that one legislator proposed an amendment to rename the bill “Keep Every American’s Digital Data for Submission to the Federal Government Without a Warrant Act.“
While this bill is horribly privacy invasive, for the obvious reasons, Congress has chosen to accept the familiar bugaboo of child protection as justification enough to impose this burden. It’s so especially odd given the number of privacy protective laws also being proposed in this Congress. However, such schizophrenic action by Congress or business is by no mean uncommon. In fact, I would have to say it’s par for the course. Not only is it par for the course for Congress, but most businesses use this approach as well. Collect more data and then ratchet up security in an attempt protect that data.
Of course, there is another approach. The one I’ve been advocating and that was recently picked up recently by none other than Forbes’ Kashmir Hill, is, of course, Privacy By Design.