FBI Wants Internet Providers to Keep Logs of Which Web Sites Its Customers Visit; Google Camera Helps Nab Alleged Tree Killers; Wi-Fi-Based Real-Time Locating System
FBI Wants Internet Providers to Keep Logs of Which Web Sites Its Customers Visit
February 5, 2010CNet - The FBI is pressing Internet service providers to record which Web sites customers visit and retain those logs for two years, a requirement that law enforcement believes could help it in investigations of child pornography and other serious crimes.
FBI Director Robert Mueller supports storing Internet users' "origin and destination information," a bureau attorney said at a federal task force meeting on Thursday.
As far back as a 2006 speech, Mueller had called for data retention on the part of Internet providers, and emphasized the point two years later when explicitly asking Congress to enact a law making it mandatory. But it had not been clear before that the FBI was asking companies to begin to keep logs of what Web sites are visited, which few if any currently do.
The FBI is not alone in renewing its push for data retention. As CNET reported earlier this week, a survey of state computer crime investigators found them to be nearly unanimous in supporting the idea. Matt Dunn, an Immigration and Customs Enforcement agent in the Department of Homeland Security, also expressed support for the idea during the task force meeting.
Greg Motta, the chief of the FBI's digital evidence section, said that the bureau was trying to preserve its existing ability to conduct criminal investigations. Federal regulations in place since at least 1986 require phone companies that offer toll service to "retain for a period of 18 months" records including "the name, address, and telephone number of the caller, telephone number called, date, time and length of the call."
At Thursday's meeting (PDF) of the Online Safety and Technology Working Group, which was created by Congress and organized by the U.S. Department of Commerce, Motta stressed that the bureau was not asking that content data, such as the text of e-mail messages, be retained.
"The question at least for the bureau has been about non-content transactional data to be preserved: transmission records, non-content records...addressing, routing, signaling of the communication," Motta said. Director Mueller recognizes, he added "there's going to be a balance of what industry can bear...He recommends origin and destination information for non-content data."Motta pointed to a 2006 resolution from the International Association of Chiefs of Police, which called for the "retention of customer subscriber information, and source and destination information for a minimum specified reasonable period of time so that it will be available to the law enforcement community."
Recording what Web sites are visited, though, is likely to draw both practical and privacy objections.
"We're not set up to keep URL information anywhere in the network," said Drew Arena, Verizon's vice president and associate general counsel for law enforcement compliance.Another industry representative with knowledge of how Internet service providers work was unaware of any company keeping logs of what Web sites its customers visit.
And, Arena added, "if you were do to deep packet inspection to see all the URLs, you would arguably violate the Wiretap Act."
If logs of Web sites visited began to be kept, they would be available only to local, state, and federal police with legal authorization such as a subpoena or search warrant.
What remains unclear are the details of what the FBI is proposing. The possibilities include requiring an Internet provider to log the Internet protocol (IP) address of a Web site visited, or the domain name such as cnet.com, a host name such as news.cnet.com, or the actual URL such as http://reviews.cnet.com/Music/2001-6450_7-0.html.
While the first three categories could be logged without doing deep packet inspection, the fourth category would require it. That could run up against opposition in Congress, which lambasted the concept in a series of hearings in 2008, causing the demise of a company, NebuAd, which pioneered it inside the United States.
The technical challenges also may be formidable. John Seiver, an attorney at Davis Wright Tremaine who represents cable providers, said one of his clients had experience with a law enforcement request that required the logging of outbound URLs.
"Eighteen million hits an hour would have to have been logged," a staggering amount of data to sort through, Seiver said. The purpose of the FBI's request was to identify visitors to two URLs, "to try to find out...who's going to them."A Justice Department representative said the department does not have an official position on data retention.
Wi-Fi-Based Real-Time Locating System Introduces Money-Back Guarantee
First-time purchasers of the company's Wi-Fi-based real-time locating system can try it for 30 days, then, if not pleased with the results, get the installation fixed to their satisfaction for free, or receive a full refund.February 5, 2010
RFID Journal - Businesses that still have doubts regarding whether real-time locating systems (RTLS) designed to manage assets or individuals would work in their facility now have a risk-free option to purchase a system without any guarantees, or to launch a limited pilot to test the technology on a small scale.
Ekahau, a provider of Wi-i-based RTLS technology, is bringing a 30-day refundable option to market, offering a provision that, if the system fails to meet a user's needs, the company will correct the problem at no cost—or remove the system and refund the customer's money.
... In a large business such as a hospital, Rutanen says, pilots that are run in small sections of one building, such as on a particular floor or several floors, do not offer a clear indication of just how the system would work across the entire building or campus. In addition, he adds, "pilots do have expenses; they take time, money and effort."
Ekahau can afford to make such an offer due to the nature of the technology it provides. The system requires very little infrastructure, the company reports, since it leverages existing Wi-Fi access points.
... If a site's existing Wi-Fi system turns out to be inadequate, Ekahau or the hospital would install additional Wi-Fi access points, but in approximately 95 percent of the cases, Rutanen says, the existing coverage is sufficient. Once the customer purchases and installs the necessary battery-powered Wi-Fi RFID tags and software (as well as additional access points, if necessary), it has 30 days to determine if the RTLS provides the performance its business requires. If not, Ekahau will fix the problem at no cost, or remove the system components and refund the end user for those components, as well as for the site survey and any installation costs the client may have been charged.
The company has already provided the system to several customers that opted for the Zero-Risk System Guarantee, and expects the guarantee will lead to additional orders for its RTLS technology, from companies in the health-care, manufacturing, logistics and hospitality industries.
Health care has seen the greatest growth in RTLS usage, Rutanen notes, so he expects to see the most activity in that industry.
RTLS technology is currently the highest growth segment in RFID, says Michael Liard, ABI Research's practice director for RFID, with a compounded annual growth rate of 28 percent forecasted for the period from 2009 to 2014, according to a study conducted by the research firm. Not all RTLS customers have applications that would be well suited for a Wi-Fi-based RTLS, however—for example, a business that requires high granularity (the ability to pinpoint a tag's location within a room, for instance) might not be happy with a Wi-Fi-based solution.
Still, Liard says, those inclined to use Wi-Fi RTLS RFID tags might be encouraged to employ a system provided by a vendor that has enough faith in the product to provide a guarantee. While 30 days may not be long enough to determine a return on investment, he notes, it could offer customers an opportunity to ensure that the technology works.
"I think it's great whenever a vendor backs up its technology—that's good news for the vendor and the customer," Liard states.If an offer like this leads to a significant increase in Ekahau's business, he adds, other vendors may feel the pressure to make a similar offer as well.
Google Camera Helps Nab Alleged Tree Killers
February 1, 2010Wired - Forget about all of those ubiquitous police surveillance cameras in your city: the new sheriff in town is that shifty Google Maps camera wheeling through your neighborhood.
Recently, a property owner in Canada was charged with illegal removal of trees after a Google camera helped capture the evidence, according to CanWest News Service.
Last May in Vancouver, Margaret Burnyeat allegedly hired a company to remove 23 cedar, cypress and evergreen trees from two adjacent lots she owned. Neighbors alerted the police, who found some stumps that hadn’t yet been removed.
Luckily for the city, one of Google’s Street View cameras — strapped to cars and driven through neighborhoods to photograph high-resolution, 360-degree images that are then linked to Google’s online mapping tool — caught some of the culprits in action.
The Google camera just happened to be passing through the neighborhood when the axing occurred and caught a truck on the site, as well as workmen and a row of fresh tree stumps.
Authorities say they’re uncertain whether they’ll use the Google image in their prosecution.
“Our city’s legal department is aware of that. How they will use that as evidence, I’m not clear. But it is an interesting new dimension, perhaps, of legal evidence,” a city spokeswoman told the news service.The property was later listed for sale in September for $1,648,000, with a notation that there were “no big trees” on the lots. Burnyeat, her daughter and the tree cutter they hired have all been charged with violating the city’s tree law. The law requires a permit to remove any tree above a certain size. Burnyeat had obtained a permit to remove only two of the 23 trees. The fine for illegal removal ranges between $500 and $20,000 per tree.
Ironically, Canadian authorities have been some of the most resistant to the presence of Google’s controversial cameras in streets. The company launched its Street View service in parts of the U.S. and Canada in 2007 and have since expanded to 12 other countries.
But after the Canadian privacy commissioner and others raised questions about whether the roaming cameras were legal, because Google collected identifiable images of people without their consent, the company implemented an automated feature that blurs faces and license plates. The company will also consider removing some images from its service upon request from the public or governments.
Google Street Pics May Violate Canadian Privacy Law
EFF Privacy Advocate Sighted in Google Street View
Request for Urban Street Sightings
Want Off Street View? Google Wants Your ID and a Sworn Statement
Google Asks NSA to Help Secure Its Network
NSA and Google Form Alliance
Google to enlist NSA to help it ward off cyberattacks
Google Develops People Tracking Software
Google expands tracking to logged out users
Google CEO Eric Schmidt said Google’s mission is to store all the world’s information
New Computer Operating System Stores All Data On Google Servers
Google: Keep User Data Safe by Letting Us Hoard It Forever
Google to offer ‘ultra high-speed’ broadband in US
No comments:
Post a Comment