Criminals can hide behind new Internet protocols, law agencies warn
It may solve a looming name shortage on the Internet, but Internet Protocol version 6 (IPv6) may also shield criminals from the law, United States and Canadian authorities warned.
The US Federal Bureau of Investigation and the Drug Enforcement Administration, and the Royal Canadian Mounted Police, said it may be harder to trace Internet addresses with the new wave of available names.
New laws may be necessary if industry does not address their concerns, tech site CNET quoted representatives of the three agencies as saying.
"We're looking at a problem that's about to occur. It occurs as service providers start to roll out V6," John Curran, president of the American Registry for Internet Numbers, which allocates blocks of IPv4 and IPv6 addresses in North America and the Caribbean.
CNET said the three agencies stressed to industry representatives the need for IPv6 traceability to identify people suspected of crimes.
It said the FBI even suggested that a new law may be necessary if the private sector does not do enough.
An FBI spokesman told CNET the Bureau is concerned about IPv6 because an issue may arise around the amount of registration information maintained by providers and the amount of historical logging that exists.
Presently, CNET said there are complete registries of what IPv4 addresses belong to an operator. If IPv6 is rolled out, that registry may or may not be sufficient for law enforcement to identify what device is accessing the Internet.
"This is not a question of willful rejection. ISPs are happy to do this. They're just lazy... It doesn't have a direct impact on them and their ability to get new address space because they don't need new address space," Curran said, referring to the service providers who are receiving huge blocks of IPv6 addresses.
During an investigation, police usually look up the originating IP address in the Whois database to trace the organization sending the problematic traffic.
But if the database is not kept up-to-date, including what Internet engineers call "subdelegations," it can mean repeated subpoenas or court orders, which could delay investigations.
"When law enforcement is looking at these records, we need to know who to serve our legal process to. When we're looking at this information, we need for it to be accurate... We need the speed because digital evidence evaporates so quickly. That's why it's so key to us," FBI supervisory special agent Bobby Flaim said at an ARIN meeting in April.
CNET said most Internet providers it contacted declined to comment publicly.
Some said they were still drafting IPv6 transition policies.
CNET said Arin estimates about a quarter or a third of Internet providers have automated systems to keep track of their address assignments.
The rest keep track of where their IP addresses are used through spreadsheets or in-house databases.
Flaim also warned last April that legislation could be introduced if the industry doesn't keep good IPv6 records.
"We're hoping through all of this you can come up with some self regulatory method in which you can do it. Because otherwise there will be other things that people are going to consider," he said.
RCMP Staff Sgt. Marc Moreau added they are "hoping that people in the community seize the opportunity to work and to have that self-regulation, because, if not, if all of the different governments then get involved, it could get uglier."
Another FBI priority is requiring Internet providers to keep records of what IP addresses their customers are assigned, or data retention. CNET said a House of Representatives committee approved those requirements last summer.
The FBI said investigations from kidnappings, the September 11 terrorist attacks, and the Mytob worm involved tracing previous-generation IPv4 addresses back to an Internet provider's customer.
Now, the FBI said it needs the same level of traceability for IPv6.
The FBI is redoubling its efforts to combat what it calls the "Going Dark" problem, meaning its surveillance capabilities may diminish as technology advances.
CNET noted the FBI had formed a Domestic Communications Assistance Center to keep abreast of technological changes that may otherwise imperil government surveillance.
But CNET said law enforcement's difficulty with IPv6 traceability has more to do with the problems of human bookkeeping than the underlying technology.
Yet, it said accurate IPv6 record-keeping is needed, not only to help law enforcement but to help combat abuse such as spam, distributed denial-of-service attacks, and for civil litigants. — TJD, GMA News
Talk of the web