=======================================================================
[2] Child Protection Bill Includes Privacy Loophole
=======================================================================
Congress has enacted legislation requiring Internet service providers
(ISPs) to report to law enforcement all suspected activities involving
child pornography. The "Child Protection and Sexual Predator
Punishment Act," which passed the House on October 12 and the Senate on
October 9, carves out a new exception to provisions of the Electronic
Communications Privacy Act (ECPA) protecting the confidentiality of
e-mail. While ECPA generally requires the government to obtain a
search warrant before obtaining the "contents" of a communication, the
new legislation appears to waive that requirement where the presence of
child pornography is suspected.
Under the "Child Protection Act," whenever an ISP "obtains knowledge of
facts or circumstances from which a violation of [child pornography
laws] is apparent," it must report such information to a law
enforcement agency. The law does not establish any standard of proof
that must be met, and creates substantial disincentives for
under-reporting; ISPs could be fined up to $50,000 for the first
failure to report suspicious activity, and up to $100,000 for each
subsequent failure to contact law enforcement authorities. While not
requiring ISPs to turn over detailed information on the activities of
subscribers, the legislation clearly permits such disclosures. It
provides, for example, that an ISP's report "may include additional
information or material developed by [the ISP], except that the Federal
Government may not require the production of such information or
material."
Subscribers will have little recourse if an overzealous ISP improperly
discloses confidential information; the bill provides that no ISP
"shall be held liable on account of any action taken in good faith to
comply" with the reporting requirement.
=======================================================================
Subscription Information
=======================================================================
The EPIC Alert is a free biweekly publication of the Electronic
Privacy Information Center. To subscribe or unsubscribe, send email
to epic-news@epic.org with the subject: "subscribe" (no quotes) or
"unsubscribe". A Web-based form is available at:
http://www.epic.org/alert/subscribe.html
Back issues are available at:
=======================================================================
Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
http://www.etc.com.au/Xamax/
Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916 mailto:Roger.Clarke@anu.edu.au
Visiting Fellow, Faculty of Engineering and Information Technology
The Australian National University Canberra ACT 0200 AUSTRALIA
Information Sciences Building Room 211 Tel: +61 2 6249 3666