Article Lead Image

Why Reddit’s upset about new child-porn bill

Lamar Smith, the social news site's favorite Congressional bogeyman, is at it again.

 

Kevin Morris

Tech

Posted on Feb 2, 2012   Updated on Jun 2, 2021, 9:56 pm CDT

If the Reddit community gets its way, the world’s major porn sites will go black on Feb. 20.

With this smut blackout, users of the social news site aim to protest legislation that redditors say will give the federal government unheard-of power to track Internet activity.

Two front-page posts to the r/politics section yesterday and today inflamed redditors’ outrage. Yet the effort may be much ado about nothing. A deeper look at the legislation shows that it only obliquely amends current laws regulating how Internet service providers track customer data.

Redditors’ anger is motivated  by legitimate civil-liberty and privacy concerns. The bill in question, the Protecting Children From Internet Pornographers Act of 2011 (PCIP), is ostensibly concerned about improving law-enforcement tools for tracking down child pornographers online.

The bill’s sponsor is Lamar Smith, Reddit’s favorite Internet bogeyman.

He’s the congressman from Texas who authored the Stop Online Piracy Act (SOPA), a piece of legislation so reviled on Reddit that the entire site shut down for a day last month to protest it. That blackout helped throttle SOPA, so it’s no surprise redditors are asking porn sites to emulate their protest to combat the PCIP.

Combine Smith’s name and a sensational article that hit Reddit’s front page yesterday, and it’s no wonder redditors are so worried about this bill. To quote the article:

The Protecting Children from Internet Pornographers Act of 2011 would require Internet providers to retain archives of every subscriber’s online activity for up to 18 months, including phone records, credit-card numbers, websites visited, and bank-account data.

For civil libertarians, that sounds horrifying. But hold on a second. What does the bill really say about what consumer data ISPs need to retain?

The only section of the bill related to online privacy amends an already existing piece of legislation: Title 18 of the United States Code.

According to Section 2703 of that code, an ISP must turn over the following information about their customers if issued a subpoena by law enforcement:

name;
address;
local and long distance telephone connection records, or records of session times and durations;
length of service (including start date) and types of service utilized;
telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address;
means and source of payment for such service (including any credit card or bank account number)

It’s not like ISPs need the government to tell them to keep track of your credit card information, address, and phone number. Most of the time, you give that information voluntarily when you sign up for the service. This legislation just says that if the government comes with a warrant, they can ask an ISP to cough it all up.

The PCIP amendment would change only thing: It would require ISPs to keep hold of temporary IP addresses for a year. Here is the paragraph in question from the bill itself:

A commercial provider of an electronic communication service shall retain for a period of at least one year a log of the temporarily assigned network addresses the provider assigns to a subscriber to or customer of such service that enables the identification of the corresponding customer or subscriber information under subsection (c)(2) of this section.

So what does that mean?

An IP address is your unique identifier online. Usually, an ISP gives you a new one each time you connect. That means your address can change on any given day. That gives law enforcement a bit of a headache if, say, they want to track someone down for participation in a child porn ring, and they only have that person’s IP address.

Under this law, ISPs would be required to store those records—who did what, at what time, with which IP address. But the fact of the matter is, most ISPs already keep track of this. Time Warner cable, for instance, already holds on to temporary IP address records for six months. AT&T does, too, and says as much in its privacy policy.

To put it simply: PCIP basically requires ISPs to do things they’re probably doing already.

So is Reddit’s outrage overdone? In a sense, yes. The bill is clearly misunderstood. But it does add a small change to existing data-retention laws, and small changes add up.

As the Cato Institute’s Julian Sanchez has argued:

“Much of the growth of the surveillance state over the last decade has slid under the radar precisely because it’s been done piecemeal.”

So redditors, you should be angry: The erosion of your privacy online happened piece by piece. But it happened years ago.

Share this article
*First Published: Feb 2, 2012, 5:12 pm CST