Balkinization: Data Retention in the National Surveillance State

Data Retention in the National Surveillance State

The Justice Department has asked Internet companies to keep records of what sites individuals visit on the web and what search terms individuals enter in order to aid law enforcement, the New York Times reports.

The department proposed that the records be retained for as long as two years. Most Internet companies discard such records after a few weeks or months.In its current proposal, the department appears to be trying to determine whether Internet companies will voluntarily agree to keep certain information or if it will need to seek legislation to require them to do so.

Data retention is a crucial element of surveillance. One of the most significant protectors of privacy is amnesia. Ordinarily, much of what we do is forgotten, even if it is done in public or is otherwise easily captured. But if the government or private parities keep records of what we do, they can not only recall it, but trace our behavior over time. Hence if government is really serious about surveillance, it is not surprising that they want as much data retention as possible. One key question is who will bear the cost-- although data retention is increasingly cheap, it is not costless, and the Justice Department's request will put some burden on Internet companies.

Although Attorney General Gonzales initially offered enforcement of child pornography laws as the reason for requiring data retention, it soon became clear that the Justice Department wants to use the records for terrorism and general law enforcement. This is inevitable, and it is one of the risks of systematic data retention. Once Internet companies save data and make it routinely available to government, it is very hard for government to restrain itself from using it for many different purposes, not just simply the worst offenses. It would be like putting a very large and delicious cake in front of a very hungry person and expecting them not to want to take a bite.

It is sometimes said that data collection by computers does not invade privacy as long as no human being is watching. But when data is collected and retained, the fact that no human being is watching is irrelevant. Human beings always have the ability to view the data later on, and, moreover, to collate it, discovering features of our lives that were not obvious from isolated elements. This makes data retention a powerful tool of law enforcement, but also a powerful danger to individual privacy.

Posted 9:00 AM by JB [link]