[AusNOG] Data retention

Ben McGinnes ben at adversary.org
Tue Oct 13 12:59:08 EST 2015


On 13/10/2015 12:30 pm, Paul Brooks wrote:
> On 13/10/2015 12:03 PM, Ben McGinnes wrote:
>>
>>   So instead I propose that those who have implemented their plan
>> state that they have and at least list whether communication is
>> being interpreted as each email or IM connection, or if it actually
>> means each packet. Since the government never actually specified
>> that publicly, just let politicians with little clue and worse
>> sense talk about it. Anyway, that way we can make sure that those
>> with exemptions don't break their word, whilst still revealing what
>> everyone really needs to know over the next 18 months. Regards, Ben
>
> Email is interpreted as each email, not packet-by-packet. They have
> said this publicly several times. They don't care about protocols,
> they care about services.

So they are sticking with that, good.

> It's not each IM connection, unless you provide your own IM
> service. If you don't, and your customers are setting up IM
> connections and exchanging IM messages with servers you don't
> control/provide/collect-logs-for, then these are OTT and out of
> scope - you don't need to log it at all.

Even better, there has been an undercurrent of concern that DPI to try
to determine at least some data about IM or other chat services would
be monitored.  Though with enough repetitious connections to
freenode.net (amongst others) servers, that could do a lot of damage
to the storage capacity.

> Don't make it any more complex than it needs to be!

I'm not, but even though I don't have networking customers to worry
about there, likewise I don't want to have to worry about the ssh and
git over ssh connections to playfair.gnupg.org.

> I'm not sure what you could possibly mean by "those with exemptions
> don't break their word" - an exemption isn't a promise to customers,
> it's a stay-out-of-court card.

That was my point, if the details are discussed, the ISP loses the
exemption.  So, by all the non-exempt ISPs stating, "we are now
compliant" the inference reveals those who aren't and most likely have
a reprieve.  Thus at least some of the information the gov't doesn't
want released is anyway.  The thought was along the lines of an
inverted "canary in the mine" similar to some U.S. companies with
regards to national security letters and gag orders.

> Note also that data retention has never meant that this stuff isn't
> being retained anyway - it's always been perfectly legal to
> voluntarily log and keep all this data, and hand it over on
> request.

It was also, to some extent, necessary (or preferable) to destroy it
too, usually when the month's billing run completed.  Not to mention
the frequent requirement to wait for a warrant, which would then
determine whether or not the circumstances were appropriate for the
access to the data.  Yeah, I know, they've said they'll still need a
warrant to look here too, but they've also kept the minimum penalty
for crimes to be investigated at the 2 years in prison level - which
is pretty much most of the crimes on the books.  Including the bugbear
mentioned earlier, copyright infringement (the corporate version, at
least) and graffiti.

> All this new legislation does is force everyone to do it, whether
> they want to or not. Just because someone has an exemption, doesn't
> mean they aren't doing some of it anyway.

True, but most companies do purge it because it builds up rapidly and
once they know how much to charge for their services there's rarely
any value in keeping it.


Regards,
Ben


