Greetings. This very recent letter from the House of Representatives demanding that universities "testify" as to their students' use of file sharing (including port numbers, ability to run inbound servers, and other details, no less) demonstrates a profound lack of understanding regarding how the "abuses of concern" could easily migrate to underground, off-campus networks.
But one paragraph in the survey particularly caught my attention:
II.9: Does your institution retain records that enable the identification of specific users of computer and network resources who may be the subject of a notice of infringement from a copyright holder? For how long are these "user logs" maintained? What factors were considered in making the decision to retain such "user logs" and in determining how long to retain such records? Is the lack of such records or a limited retention time a practical impediment to the effective identification of violators of your institution's acceptable use policies?
Ah! There it is -- the handwriting on the wall for yet another "mandated data retention" argument sees the brighter light of day in a public context. First we were told that Internet usage data retention was to fight terrorism. When that argument didn't fly so well, the current popular line -- fighting child abuse -- became the data retention talking point de rigeur. Now we see the next phase brought even further out in the open -- data retention for DMCA enforcement.
There's no need for complex analysis to understand all this. It's abundantly clear that government dreams of the day that they can have unfettered access to the complete Internet usage records (and often content) of everyone on the Net. They view Internet records as a law enforcement and policy enforcement boon of a sort that Stalin and his ilk could never have imagined. Broad data retention advocates will keep dragging out argument after argument, and any persons who fight such concepts will be branded as being soft on crime and as opponents of the American way.
Government has been relying so far mostly on the Internet usage records that are being kept voluntarily by Internet services for their own corporate purposes -- that's created a bad situation in and of itself. But now the moves toward legislation are becoming a drumbeat. In the process, the concepts of privacy and free speech are being pounded into oblivion, and the necessary balance between laudable law enforcement and basic freedoms risks being thrown utterly out of balance.
You can bet that even as universities are the target today, conventional ISPs and their users in general will be in the crosshairs tomorrow.