Consumer Federation of California

After stalling two measures in Congress that would have made it easier for law enforcement to go after alleged copyright scofflaws, digital rights activists might now be turning their attention to a lesser-noticed bill aimed at requiring Internet companies to store identifying information about their customers.

Republican U.S. Rep. Lamar Smith of Texas, chairman of the House Judiciary Committee, met withering resistance last month to his proposed Stop Online Piracy Act. Internet heavyweights such as Wikipedia and Google blacked out their sites or used their iconic logos to protest the bill and its companion in the Senate, the PROTECT IP Act.

The deluge of protests led Smith to put his bill on hold, and Senate Majority Leader Harry Reid, D-Nev., said he would do the same with the PROTECT IP Act on the other side of the hall.

Backers of the two bills ‘ which would arm the Justice Department with more power to demand the removal of links to sites where suspected copyrighted content is located ‘ argue that the laws are necessary for protecting intellectual property and stopping the tide of counterfeit consumer products.

But opponents viewed it as Washington policymakers doing the bidding of entertainment conglomerates in Hollywood and their lobbyists. Online protesters argued that the bills threatened free speech by raising the possibility that large volumes of content on the web could be blacklisted or removed if it happened to come into contact with material alleged to be pirated.

If passed a decade ago, YouTube might not even exist today, argues the Electronic Frontier Foundation.

While the bills might be tabled for now, Smith still has his sights set on the Internet. Last year, he proposed H.R. 1981, ostensibly to protect children from online pornographers. It would require service providers to keep records for at least one year of Internet Protocol, or IP, addresses that can be used to uniquely identify a computer and, by extension, its user.

Police already can request individually that a user’s information be preserved for investigative purposes. But that ability means nothing if investigators can’t get to Internet companies before potential evidence of a crime is lost, say backers of Smith’s bill. The Internet has made it too simple for criminals to anonymously transmit images of sexual abuse involving even toddlers.

‘The bill does not require the retention of any email or telephone content,’ stated a November report from the House Judiciary Committee, led by Smith. ‘It only requires providers to retain a log of the IP addresses they assign to their customers and the information necessary to link that information to a specific customer.’

The Electronic Frontier Foundation and others counter that attempts to mandate data retention, as it’s known, are shot through with shortsightedness. They say such sensitive private information could be leaked accidentally by companies, IP addresses are not always reliable enough to identify perpetrators, and web users could be ‘chilled’ into dodging sites that contain unpopular political opinions or discuss potentially embarrassing medical conditions.  

Rainey Reitman, activism director for the foundation, said that while the bill is called the Protecting Children From Internet Pornographers Act, the government could use it for much more, such as immigration and IRS investigations, something the bill’s sponsors readily acknowledge.

‘It treats everyone like major criminals, and it’s not actually targeted at child pornography,’ Reitman said. ‘It has a totally misleading title.’

U.S. Rep. Zoe Lofgren, a Democrat from San Jose whose district includes Silicon Valley, has emerged as a vocal critic of Smith’s Internet initiatives. She even sought to change the data-retention proposal’s name to ‘reflect what the bill actually does:" Keep Every American’s Digital Data for Submission to the Federal Government Without a Warrant Act. It failed in committee.  

Last month, lawmakers in Hawaii considered a state law [PDF] that would have gone further, requiring Internet service providers to vacuum up and store browser histories and IP addresses for two years, affecting not just people who live in the Aloha State, but also tourists who happen to visit.

It was met with an immediate chorus of protests, and by Jan. 26, CNET’S Declan McCullagh was reporting that the bill’s supporters had begun to back away. The outcry wasn’t just from individual privacy activists. Lobby groups like NetChoice, whose members include Facebook and eBay, and the U.S. Internet Service Provider Association argued that the plan would be enormously expensive to comply with and threatened the Constitution.

While debate continues among policymakers, officials elsewhere in Washington haven’t shied away from pursuing suspected copyright infringers. Just days before Sunday’s Super Bowl in Indianapolis, the Department of Homeland Security announced that it had taken down more than 300 websites, accusing them of illegally streaming sportscasts and selling counterfeit memorabilia.

In one of its largest criminal copyright actions to date, the Justice Department in January announced charges against Megaupload.com, its founder and several other people claiming massive intellectual property violations. It accused the company of enabling the online exchange of copyright-protected television shows, e-books, music and movies. Authorities claim that they have seized $50 million in assets as part of the probe and that the company generated more than $175 million in criminal proceeds for itself.