TELECOM Digest OnLine - Sorted: Re: ISPs Must Begin Holding Data For two Years

Re: ISPs Must Begin Holding Data For two Years

Gordon Burditt (gordonb.syc4f@burditt.org)
Fri, 02 Jun 2006 19:34:20 -0000

Review Index Sorted By: [ date ][ thread ][ subject ][ author ]
Next message: hancock4@bbs.cpcn.com: "Re: ISPs Must Begin Holding Data For two Years"
Previous message: hancock4@bbs.cpcn.com: "Re: The Risk of Misplaced Myspace Hysteria"
May be in reply to: Jon Swartz & Kevin Johnson: "ISPs Must Begin Holding Data For two Years"
Next in thread: hancock4@bbs.cpcn.com: "Re: ISPs Must Begin Holding Data For two Years"
TELECOM Digest: Home Page

>> Top law enforcement officials have asked leading Internet companies to

> That is a key, it is a REQUEST, because the justice department doesn't
> want to go to congress for a law requiring it.

The reports posted are also very unclear on WHAT information they want
kept.

There are different kinds of info that have a lot different potential
for abuse. Info needed to track who was using what IP address at what
time (customer name, address, credit card info, and login records for
dialup lines) to track down who posted that horrible child porn is one
thing. Most ISPs need to keep this info (for a short time, anyway) so
they can turn off customers who cancel their accounts and possibly
bill for time used. It can be used to correlate victim server logs to
determine who launched that attack or posted the evil child porn. But
in order to use this info, it has to be matched against someone else's
logs (e.g. they have to get logs from Ebay on what IP and when
searched for "weapons of mass destruction") .

Tracking every web URL accessed and envelope info for every email sent
or received is far more abusable and is something that most ISPs not
using proxies don't keep and don't care about (unless the server
involved is one of theirs). It's also extremely invasive and abusable
and can reveal sensitive information (passwords, and all sorts of info
on one's taste in reading). It's great for fishing expeditions. They
can find out if ANY customers of this ISP, such as George Bush,
searched for "weapons of mass destruction" on any search engine
without going to the search engines.

The difference between the two is much like the difference between
"John Doe lived at 15 Maple Street, Anytown, State of Confusion
between June 1999 and May 2005", and a log of everyone who came and
left during that time and when.

So what kinds of info are they asking for?

Gordon L. Burditt

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: hancock4@bbs.cpcn.com: "Re: ISPs Must Begin Holding Data For two Years"
Go to Previous message: hancock4@bbs.cpcn.com: "Re: The Risk of Misplaced Myspace Hysteria"
May be in reply to: Jon Swartz & Kevin Johnson: "ISPs Must Begin Holding Data For two Years"

Next in thread: hancock4@bbs.cpcn.com: "Re: ISPs Must Begin Holding Data For two Years"

TELECOM Digest: Home Page

Post Followup Article	Use your browser's quoting feature to quote article into reply
Go to Next message: hancock4@bbs.cpcn.com: "Re: ISPs Must Begin Holding Data For two Years"
Go to Previous message: hancock4@bbs.cpcn.com: "Re: The Risk of Misplaced Myspace Hysteria"
May be in reply to: Jon Swartz & Kevin Johnson: "ISPs Must Begin Holding Data For two Years"
Next in thread: hancock4@bbs.cpcn.com: "Re: ISPs Must Begin Holding Data For two Years"
TELECOM Digest: Home Page