[AusNOG] Data Retention - are you kidding me??

[Mark Andrews]

In message <CAO42Z2yZx7n9mZuRJ4SuwYi9+xY66YRyvgsKjx8M0OtJ_5ybQw at mail.gmail.com>
, Mark Smith writes:
> On 22 Nov. 2016 3:27 pm, "David Beveridge" <dave at bevhost.com> wrote:
> >
> >
> https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/Dataset.pdf
> >
> > 2. The source of a communication
> > Identifiers of a related account, service or device from which a
> > communication has been sent or attempted to be sent by means of the
> > relevant service.
> >
> > Identifiers for the source of a communication may include, but are not
> > limited to:
> > • the phone number, IMSI, IMEI from which a call or SMS was made
> > • identifying details (such as username, address, number) of the
> > account,
> > service or device from which a text, voice, or multi-media communication
> > was made (examples include email, Voice over IP (VoIP), instant message
> > Topic Description of information Explanation or video communication)
> > • the IP address and port number allocated to the subscriber or device
> > connected to the internet at the time of the communication,
>
> This is badly written, because in the case of CGN, a range of port numbers
> are allocated to the subscriber or device, and in the case of IPv6, port
> numbers are not allocated at all. The IPv6 host is in charge of those not
> the ISP.

I think a Judge would say you allocated them the entire port range
as you allocated them the address(es) and everything that comes
with it(them).

> Now imagine the text used to look like this:
>
> • "the phone number and port number allocated to the subscriber or device
> connected to the telephone network at the time of the communication"
>
> If you didn't understand the significant architectural differences between
> the Internet and the POTS, then search and replace for what you think are
> equivalent POTS and Internet terms is logical and could be expected.
>
> >or
> > • any other service or device identifier known to the provider that
> > uniquely identifies the source of the communication. In all instances, the
> > identifiers retained to identify the source of the communication are the
> > ones relevant to, or used in, the operation of the particular service in
> > question.
> >
> > On Tue, Nov 22, 2016 at 2:14 PM, Paul Brooks
> <paul.brooks at tridentsc.com.au>
> wrote:
> >>
> >> On 22/11/2016 2:52 PM, David Beveridge wrote:
> >>>
> >>> Pretty sure you're also meant to be keeping the source and destination
> tcp ports as well which weren't there.
> >>>
> >>> dave
> >>
> >>
> >> Why?  why would you need to?
> >>
> >>
> >>>
> >>> On Tue, Nov 22, 2016 at 1:49 PM, <russell at central-data.net> wrote:
> >>>>
> >>>> Yes you are correct you should not be keeping record of the Subject
> line and i should have made it clear to strip it out when transporting the
> logs. Thanks for catching it though and ensuring people are clear on it
> >>>> Most systems will have the subject line in their standard logs and
> can
> simply be stripped out later \ not collected at all when sending over to
> data retention.
> >>>>
> >>>> Its a pretty fine line to collect all of the "relevant" data while
> not
> infringing on the privacy laws
> >>>>
> >>>>
> >>>> Kind Regards,
> >>>>
> >>>> Russell Brooks
> >>>>
> >>>>
> >>>> Central Data Systems Pty Ltd
> >>>> 88 Havelock Street, West Perth, WA 6005
> >>>> Phone: 08 9481 4010
> >>>>
> >>>> www.central-data.net
> >>>>
> >>>> -----
> >>
> >>
> >>
> >> Paul
> >>
> >
> >
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> >
>

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org