<html><body><div style="color:#000; background-color:#fff; font-family:Helvetica Neue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:16px"><div id="yui_3_16_0_1_1426643986145_64775" dir="ltr"><span id="yui_3_16_0_1_1426643986145_64782">You forgot a step. 2, verify the requester has the right to ask for what they're asking for, to catch both errors and overreach.</span></div><div id="yui_3_16_0_1_1426643986145_64775" dir="ltr"><span><br></span></div><div id="yui_3_16_0_1_1426643986145_64775" dir="ltr"><span>In fact, as you're unlikely to be a lawyer, it'd other be best to pass all the requests through a lawyer, or get a lawyer to define a strict set of common request definitions and who can ask for them, and then punt every non-matching request to your lawyer.</span></div><div id="yui_3_16_0_1_1426643986145_64775" dir="ltr"><span><br></span></div><div id="yui_3_16_0_1_1426643986145_64775" dir="ltr"><br></div><br>  <div style="font-family: Helvetica Neue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;" id="yui_3_16_0_1_1426643986145_64778"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;" id="yui_3_16_0_1_1426643986145_64777"> <div dir="ltr" id="yui_3_16_0_1_1426643986145_64776"> <hr size="1" id="yui_3_16_0_1_1426643986145_64813">  <font size="2" face="Arial" id="yui_3_16_0_1_1426643986145_64779"> <b><span style="font-weight:bold;">From:</span></b> James Hodgkinson <yaleman@ricetek.net><br> <b><span style="font-weight: bold;">To:</span></b> ausnog@lists.ausnog.net <br> <b><span style="font-weight: bold;">Sent:</span></b> Wednesday, 18 March 2015, 15:24<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [AusNOG] Warrant-less Info Requests / Cost Recovery<br> </font> </div> <div class="y_msg_container" id="yui_3_16_0_1_1426643986145_65162"><br><div id="yiv6201497886"><style>

#yiv6201497886 body {

padding:1em;margin:auto;background:#fefefe;}

#yiv6201497886 h1, #yiv6201497886 h2, #yiv6201497886 h3, #yiv6201497886 h4, #yiv6201497886 h5, #yiv6201497886 h6 {

font-weight:bold;}

#yiv6201497886 h1 {

color:#000000;font-size:28pt;}

#yiv6201497886 h2 {

border-bottom:1px solid #CCCCCC;color:#000000;font-size:24px;}

#yiv6201497886 h3 {

font-size:18px;}

#yiv6201497886 h4 {

font-size:16px;}

#yiv6201497886 h5 {

font-size:14px;}

#yiv6201497886 h6 {

color:#777777;background-color:inherit;font-size:14px;}

#yiv6201497886 hr {

height:0.2em;border:0;color:#CCCCCC;background-color:#CCCCCC;display:inherit;}

#yiv6201497886 p, #yiv6201497886 blockquote, #yiv6201497886 ul, #yiv6201497886 ol, #yiv6201497886 dl, #yiv6201497886 li, #yiv6201497886 table, #yiv6201497886 pre {

margin:15px 0;}

#yiv6201497886 a, #yiv6201497886 a:visited {

color:#4183C4;background-color:inherit;text-decoration:none;}

#yiv6201497886 #yiv6201497886message {

border:1px solid #ccc;display:block;width:100%;height:60px;margin:6px 0px;}

#yiv6201497886 button, #yiv6201497886 #yiv6201497886ws {

font-size:12 pt;padding:4px 6px;border:1px solid #bbb;background-color:#eee;}

#yiv6201497886 code, #yiv6201497886 pre, #yiv6201497886 #yiv6201497886ws, #yiv6201497886 #yiv6201497886message {

font-family:Monaco;font-size:10pt;background-color:#F8F8F8;color:inherit;}

#yiv6201497886 code {

border:1px solid #EAEAEA;margin:0 2px;padding:0 5px;}

#yiv6201497886 pre {

border:1px solid #CCCCCC;overflow:auto;padding:4px 8px;}

#yiv6201497886 #yiv6201497886 code {

border:0;margin:0;padding:0;}

#yiv6201497886 #yiv6201497886ws {background-color:#f8f8f8;}

#yiv6201497886 .yiv6201497886bloop_markdown table {

border-collapse:collapse;

font-family:Helvetica, arial, freesans, clean, sans-serif;

color:rgb(51, 51, 51);

font-size:15px;line-height:25px;padding:0;}

#yiv6201497886 .yiv6201497886bloop_markdown table tr {

border-top:1px solid #cccccc;background-color:white;margin:0;padding:0;}

#yiv6201497886 .yiv6201497886bloop_markdown table tr:nth-child {

background-color:#f8f8f8;}

#yiv6201497886 .yiv6201497886bloop_markdown table tr th {

font-weight:bold;border:1px solid #cccccc;margin:0;padding:6px 13px;}

#yiv6201497886 .yiv6201497886bloop_markdown table tr td {

border:1px solid #cccccc;margin:0;padding:6px 13px;}

#yiv6201497886 .yiv6201497886bloop_markdown table tr th :first-child, #yiv6201497886 table tr td :first-child {

margin-top:0;}

#yiv6201497886 .yiv6201497886bloop_markdown table tr th :last-child, #yiv6201497886 table tr td :last-child {

margin-bottom:0;}

#yiv6201497886 .yiv6201497886bloop_markdown blockquote{

border-left:4px solid #dddddd;padding:0 15px;color:#777777;}

#yiv6201497886 #yiv6201497886 :first-child {

margin-top:0;}

#yiv6201497886 #yiv6201497886 :last-child {

margin-bottom:0;}

#yiv6201497886 code, #yiv6201497886 pre, #yiv6201497886 #yiv6201497886ws, #yiv6201497886 #yiv6201497886message {

word-wrap:normal;}

#yiv6201497886 hr {

display:inherit;}

#yiv6201497886 .yiv6201497886bloop_markdown :first-child {

}

#yiv6201497886 code, #yiv6201497886 pre, #yiv6201497886 #yiv6201497886ws, #yiv6201497886 #yiv6201497886message {

font-family:Menlo, Consolas, Liberation Mono, Courier, monospace;}

#yiv6201497886 .yiv6201497886send {color:#77bb77;}

#yiv6201497886 .yiv6201497886server {color:#7799bb;}

#yiv6201497886 .yiv6201497886error {color:#AA0000;}</style><div id="yui_3_16_0_1_1426643986145_65165"><div class="yiv6201497886bloop_markdown" id="yui_3_16_0_1_1426643986145_65164"><div id="yui_3_16_0_1_1426643986145_65163">It WILL take much more than 60 seconds to:</div>

<ul id="yui_3_16_0_1_1426643986145_65167"><li id="yui_3_16_0_1_1426643986145_65166">verify the requestor’s identity,</li><li id="yui_3_16_0_1_1426643986145_65168">the parameters of the request,</li><li id="yui_3_16_0_1_1426643986145_65169">do the lookup,</li><li id="yui_3_16_0_1_1426643986145_65170">format it appropriately</li><li id="yui_3_16_0_1_1426643986145_65171">send it</li><li id="yui_3_16_0_1_1426643986145_65172">generate the bill</li><li id="yui_3_16_0_1_1426643986145_65173">manage payment receipt, when it inevitably goes wrong</li></ul>

<div id="yui_3_16_0_1_1426643986145_65174">… should I go on? </div>

<div id="yui_3_16_0_1_1426643986145_65175">This doesn’t include the sunk costs of the infrastructure to host it on, and recovering that cost.</div>

<div id="yui_3_16_0_1_1426643986145_65176">Is there mention of penalties for when your $system goes bye bye (fire/flood/hacker/MTBF of hdd’s) and you can’t respond?</div>

<div>James</div>

<div></div></div><div class="yiv6201497886bloop_original_html"><style>#yiv6201497886 body{font-family:Source Code Pro, Arial;font-size:12px;}</style><div id="yiv6201497886bloop_customfont" style="font-family:Source Code Pro, Arial;font-size:12px;margin:0px;"><br clear="none"></div> <br clear="none"> <div class="yiv6201497886bloop_sign" id="yiv6201497886bloop_sign_1426652414744854016"><div style="font-family:helvetica, arial;font-size:13px;"><br clear="none"></div></div> <br clear="none"><div class="qtdSeparateBR"><br><br></div><div class="yiv6201497886yqt0694757884" id="yiv6201497886yqtfd91825"><div style="color:#000;">On 18 March 2015 at 2:17:21 pm, Paul Brooks (<a rel="nofollow" shape="rect" ymailto="mailto:pbrooks-ausnog@layer10.com.au" target="_blank" href="mailto:pbrooks-ausnog@layer10.com.au">pbrooks-ausnog@layer10.com.au</a>) wrote:</div> <blockquote class="yiv6201497886clean_bq" type="cite"><span></span><div><div></div><div>

</div></div></blockquote></div></div></div><div class="yiv6201497886yqt0694757884" id="yiv6201497886yqtfd19986"><title></title><div><div class="yiv6201497886moz-cite-prefix">They'll tell you you're

dreaming.<br clear="none">

<br clear="none">

counter-view...<br clear="none">

<br clear="none">

Remembering that Telstra recently announced they'll charge $25 to

process a simple request - the same amount they charge a LEO.<br clear="none">

<br clear="none">

If you've built even a dodgy lookup system, should it really take

more than 60 seconds to type in an IP address, a start date/time,

an end date/time, and have the lookup system (that the Gov will

help contribute to your reasonable costs to build *cough*) decrypt

the RADIUS database for the time window, and extract a dump of

records for that IP address?<br clear="none">

<br clear="none">

If you think you'll be able to charge $500 - $1000, you'd better be

prepared to explain to the CAC why you have to have a live person

ruffling through a set of filing-cabinet of printed-out A4 sheets

of paper with your records printed on them. They might be the

Gov't, but even they know we have computers do do this sort of

database lookup these days.<br clear="none">

<br clear="none">

<br clear="none">

On 18/03/2015 1:27 PM, Andrew Yager wrote:<br clear="none"></div>

<blockquote type="cite">

Hi Terry,

<div class="yiv6201497886"><br clear="none" class="yiv6201497886"></div>

<div class="yiv6201497886">We are taking the view that this is an exercise that

is equivalent of up to 2 hours technical services, and given the

costs of verifying and ensuring compliance, our standard cost for a

request will be $500 per request.</div>

<div class="yiv6201497886"><br clear="none" class="yiv6201497886"></div>

<div class="yiv6201497886">For greater time periods (e.g. reporting on two

years), our charging rate will extend to $15 000 for this

service.</div>

<div class="yiv6201497886"><br clear="none" class="yiv6201497886"></div>

<div class="yiv6201497886">More complicated requests (such as access logs from a

web server) will also attract higher rates.</div>

<div class="yiv6201497886"><br clear="none" class="yiv6201497886"></div>

<div class="yiv6201497886">I’d encourage everyone to ensure that their costs are

reasonable relating to the amount of work - and the opportunity

cost associated with complying with this daft legislation.</div>

<div class="yiv6201497886"><br clear="none" class="yiv6201497886"></div>

<div class="yiv6201497886">Andrew</div>

<div class="yiv6201497886"><br clear="none" class="yiv6201497886">

<div class="yiv6201497886">

<div class="yiv6201497886" style="color:rgb(0, 0, 0);letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word;">

<div class="yiv6201497886" style="color:rgb(0, 0, 0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;orphans:2;text-indent:0px;text-transform:none;white-space:normal;widows:2;word-spacing:0px;word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886" style="word-wrap:break-word;">

<div class="yiv6201497886"><span class="yiv6201497886Apple-style-span" style="border-collapse:separate;color:rgb(0, 0, 0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;orphans:2;text-indent:0px;text-transform:none;white-space:normal;widows:2;word-spacing:0px;border-spacing:0px;">

--</span></div>

<div class="yiv6201497886"><span class="yiv6201497886Apple-style-span" style="border-collapse:separate;color:rgb(0, 0, 0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;orphans:2;text-indent:0px;text-transform:none;white-space:normal;widows:2;word-spacing:0px;border-spacing:0px;">

<b class="yiv6201497886">Andrew Yager, Managing

Director</b>   <i class="yiv6201497886">(MACS Snr CP BCompSc MCP

JNCIA-Junos)</i><br clear="none" class="yiv6201497886">

Real World Technology Solutions Pty Ltd  - IT people

you can trust<br clear="none" class="yiv6201497886">

ph: 1300 798 718 or (02) 9037 0500<br clear="none" class="yiv6201497886">

fax: (02) 9037 0591<br clear="none" class="yiv6201497886">

<a rel="nofollow" shape="rect" class="yiv6201497886" target="_blank" href="http://www.rwts.com.au/">http://www.rwts.com.au/</a></span></div>

<div class="yiv6201497886"><span class="yiv6201497886Apple-style-span" style="border-collapse:separate;color:rgb(0, 0, 0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;orphans:2;text-indent:0px;text-transform:none;white-space:normal;widows:2;word-spacing:0px;border-spacing:0px;">

<br clear="none" class="yiv6201497886"></span></div>

</div>

</div>

</div>

</div>

<br clear="none" class="yiv6201497886Apple-interchange-newline"></div>

<br clear="none" class="yiv6201497886Apple-interchange-newline"></div>

<br clear="none" class="yiv6201497886Apple-interchange-newline"></div>

<br clear="none" class="yiv6201497886Apple-interchange-newline"></div>

<br clear="none" class="yiv6201497886Apple-interchange-newline"></div>

<br clear="none" class="yiv6201497886Apple-interchange-newline">

<br clear="none" class="yiv6201497886Apple-interchange-newline"></div>

<br clear="none" class="yiv6201497886">

<div>

<blockquote class="yiv6201497886" type="cite">

<div class="yiv6201497886">On 18 Mar 2015, at 1:11 pm, Terry Sweetser

<<a rel="nofollow" shape="rect" class="yiv6201497886" ymailto="mailto:terry+AusNOG@skymesh.net.au" target="_blank" href="mailto:terry+AusNOG@skymesh.net.au">terry+AusNOG@skymesh.net.au</a>> wrote:</div>

<br clear="none" class="yiv6201497886Apple-interchange-newline">

<div class="yiv6201497886">Hello Noggers,<br clear="none" class="yiv6201497886">

<br clear="none" class="yiv6201497886">

I'm wondering what policies and pricing any/all of your

organisations have in place to "recover" costs when asked for

(meta-)data about ip addresses, customers and so on?<br clear="none" class="yiv6201497886">

<br clear="none" class="yiv6201497886">

Given the transition for 2-year retention and the expansion of the

(meta-)dataset to be retained, what plans are in place to charge

reasonable fees to state and federal LEOs for the data?<br clear="none" class="yiv6201497886">

<br clear="none" class="yiv6201497886">

Is $200 a fair sum of money for an ip address match up?<br clear="none" class="yiv6201497886">

<br clear="none" class="yiv6201497886">

Is $20,000 a fair sum of money for a dump of the (up to) 2 years of

data for an ip address or customer?<br clear="none" class="yiv6201497886">

<br clear="none" class="yiv6201497886">

--<br clear="none" class="yiv6201497886">

<a rel="nofollow" shape="rect" class="yiv6201497886" target="_blank" href="http://about.me/terry.sweetser">http://about.me/terry.sweetser</a><br clear="none" class="yiv6201497886">

<br clear="none" class="yiv6201497886">

_______________________________________________<br clear="none" class="yiv6201497886">

AusNOG mailing list<br clear="none" class="yiv6201497886">

<a rel="nofollow" shape="rect" class="yiv6201497886moz-txt-link-abbreviated" ymailto="mailto:AusNOG@lists.ausnog.net" target="_blank" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br clear="none" class="yiv6201497886">

<a rel="nofollow" shape="rect" class="yiv6201497886moz-txt-link-freetext" target="_blank" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br clear="none" class="yiv6201497886">

</div>

</blockquote>

</div>

<br clear="none" class="yiv6201497886"></div>

<br clear="none">

<fieldset class="yiv6201497886mimeAttachmentHeader"></fieldset>

<br clear="none">

<pre>_______________________________________________

AusNOG mailing list

<a rel="nofollow" shape="rect" class="yiv6201497886moz-txt-link-abbreviated" ymailto="mailto:AusNOG@lists.ausnog.net" target="_blank" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>

<a rel="nofollow" shape="rect" class="yiv6201497886moz-txt-link-freetext" target="_blank" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>

</pre></blockquote>

<br clear="none">

_______________________________________________

<br clear="none">AusNOG mailing list

<br clear="none">AusNOG@lists.ausnog.net

<br clear="none">http://lists.ausnog.net/mailman/listinfo/ausnog

<br clear="none"><div class="yiv6201497886bloop_markdown"><div></div></div></div></div></div><br><div class="yqt0694757884" id="yqtfd40647">_______________________________________________<br clear="none">AusNOG mailing list<br clear="none"><a shape="rect" ymailto="mailto:AusNOG@lists.ausnog.net" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br clear="none"><a shape="rect" href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br clear="none"></div><br><br></div> </div> </div>  </div></body></html>