[AusNOG] Welcome to Metadata Retention
Paul Brooks
pbrooks-ausnog at layer10.com.au
Mon Mar 2 10:17:08 EST 2015
On 2/03/2015 9:36 AM, Mark McKibbin wrote:
> Not sure how this would work (from the report)
>
> (a) the type of communication; Examples: Voice, SMS, email, chat, forum, social
> media. (b) the type of the relevant service; Examples: ADSL, Wi-Fi, VoIP, cable,
> GPRS, VoLTE, LTE. (c) the features of the relevant service that were, or would have
> been, used by or enabled for the communication. Examples: call waiting, call
> forwarding, bandwidth allowances
>
> Surely the ISP cannot record Chat, Forum, Social Media (there is a comma between
> Chat and Forum) this would have to be up to the Facebooks, Googles etc?
Near as we can figure out (and IANAL, and this is not legal advice, consult your own
legal professional) you are correct- you only need to store data about services you
actually provide, not services that pass through you that are provided by someone
else. If you provide email service, you need to collect your email logs. If your
customers use Gmail etc or any external email source - you don't need to detect or
store data about that. If you provide a webmail interface into your own email service
- you'll probably need to collect records for email interactions through that interface.
You would need to collect chat or forum records if you provided the chat or forum
service/facility yourself - not for an external chat service. If you run your own
forum, presumably you have the mappings between the forum userids and your customer
details, or at least login records that map a userid login with the origin IP address.
Or perhaps you don't have those mappings, and the authority would have to provide you
a forum userid to report on, separate from a IP address/date/timestamp to report on.
If you were an ISP and only provided Internet access and no other value added
functions, you might only have to report 'Type of Comms: Internet Access, Type of
Service: ADSL2+' along with allocated IP address and date/time records for example
(and apparently their plan details, things like whether Annex M was enabled, etc.).
Over time, that might be a bigger mix of 'Type of Comms: Internet Access, Type of
Service: FTTx' for various values of 'x'.
However, this is all up for discussion between you and the CAC and your Data Retention
Implementation Plans.
See *187E Applying for approval of data retention implementation plans*.
I can see a huge backlog in the CAC department over the next few years as 400+ ISPs
attempt to get between 1 - 10+ DRIPs approved each.
P.
>
>
>
> On 2 March 2015 at 09:20, Stuart Low <stuart.low at me.com <mailto:stuart.low at me.com>>
> wrote:
>
> Hmm, ok so a little bit off topic but 2 years, is that all that's required?
> Lucky you guys! In finance it's 7 years for typical and infinite for specific
> elements (trader convos). For even a small organisations that translates to 10+
> PB and it's expensive and often tediously look after (hello from the trenches :p).
>
> RE: Glacier, realise that Amazon provides no guarantee it will be available (ie.
> Best effort) which depending on your risk appetite might not be good enough. I
> believe Hitachi has been offering a private label setup based on HCP for a
> while, probably an order of magnitude more expensive though.
>
> Never thought I'd say this but dual spool tape onsite/offsite may be cheaper...
>
> Stu
>
>
>
> On 2 Mar 2015, at 9:06 am, Damien Gardner Jnr <rendrag at rendrag.net
> <mailto:rendrag at rendrag.net>> wrote:
>
>> Is that all it's going to be? If that's the case, I'm set, as I already
>> archive 90% of my mailserver logs for 2 years as a requirement of one of my
>> customers (funnily enough, AGD :-p)
>>
>> We were just discussing it at $dayjob, and the Network team were of the
>> understanding it would require us archiving our sflow data (or is that no
>> longer on the table?? If so, that makes it a lot easier!). I did some quick
>> sums, and shoving that into Amazon Glacier (80TB/month growth) would be growing
>> at $800/month^2 - so once you hit the 2 years retention requirement, you're
>> holding at 1.9PB of storage (!@#!#!), and paying $19k/month for that storage.
>> And that's at 100:1 sflow sampling (full netflow would NOT be possible)
>>
>>
>> On 2 March 2015 at 09:00, Mark McKibbin <mark at team.dcsi.net.au
>> <mailto:mark at team.dcsi.net.au>> wrote:
>>
>> I don't agree with the legislation, however as we are now stuck with it it
>> does not seem over onerous. At a glance it looks like encrypted mail logs
>> (no big deal), telephone call data that we already record.... have I missed
>> something?
>>
>> Cheers
>> Mark McKibbin
>> DCSI
>>
>> On 2 March 2015 at 08:47, Nathan Brookfield
>> <Nathan.Brookfield at simtronic.com.au
>> <mailto:Nathan.Brookfield at simtronic.com.au>> wrote:
>>
>> I know it covers me without any hesitation unfortunately so I’ve come
>> to grips with the fact I just need to suck it up. Storage is cheap,
>> mirror ports are easy to implement and we’re small enough at the moment
>> that it’s not going to cause me any major pain and we’ll likely never
>> be asked for the data…
>>
>>
>>
>> *From:*Damien Gardner Jnr [mailto:rendrag at rendrag.net
>> <mailto:rendrag at rendrag.net>]
>> *Sent:* Monday, 2 March 2015 8:43 AM
>>
>>
>> *To:* Nathan Brookfield
>> *Cc:* Paul Wilkins; ausnog at lists.ausnog.net
>> <mailto:ausnog at lists.ausnog.net>
>> *Subject:* Re: [AusNOG] Welcome to Metadata Retention
>>
>>
>>
>> Sorry, but I just don't agree. The way I read it as it currently
>> stands, I can basically ignore the legislation until someone
>> definitively says I have to (i.e. the 'The minister may issue a
>> determination specifically declaring a company to be a hosting provider').
>>
>>
>>
>> It sounds like you WANT to have to collect metadata Nath ;) Why are
>> you arguing so hard to be covered by the new legislation??
>>
>>
>>
>> On 2 March 2015 at 08:38, Nathan Brookfield
>> <Nathan.Brookfield at simtronic.com.au
>> <mailto:Nathan.Brookfield at simtronic.com.au>> wrote:
>>
>> In the best case scenario they are leasing the ‘Hardware’ but that does
>> not mean they are leasing the space, in the majority of cases they are
>> going to be paying for a ‘service’ which you are providing on your own
>> hardware (hosting/vps) and you ‘the hosting provider’ are leasing the
>> space, not the end client.
>>
>>
>>
>> I think on this argument you would need a REALLY good lawyer…..
>>
>>
>>
>> Very different argument to the Megaport/PIPE issue.
>>
>>
>>
>> *From:*Damien Gardner Jnr [mailto:rendrag at rendrag.net
>> <mailto:rendrag at rendrag.net>]
>> *Sent:* Monday, 2 March 2015 8:33 AM
>> *To:* Nathan Brookfield
>> *Cc:* Paul Wilkins; ausnog at lists.ausnog.net
>> <mailto:ausnog at lists.ausnog.net>
>>
>>
>> *Subject:* Re: [AusNOG] Welcome to Metadata Retention
>>
>>
>>
>> But the customer is located within the facility? They're leasing
>> hardware/space/etc from you, so they are your tenant - therefore they
>> are located in the facility?
>>
>>
>>
>> On 2 March 2015 at 08:26, Nathan Brookfield
>> <Nathan.Brookfield at simtronic.com.au
>> <mailto:Nathan.Brookfield at simtronic.com.au>> wrote:
>>
>> But you are providing said (hosting/colo/dedi/vds) services in multiple
>> data centres and the actual customer is not located within that
>> facility, I think that one would be hard pressed to stand behind.
>>
>>
>>
>> *From:*AusNOG [mailto:ausnog-bounces at lists.ausnog.net
>> <mailto:ausnog-bounces at lists.ausnog.net>] *On Behalf Of *Damien Gardner Jnr
>> *Sent:* Monday, 2 March 2015 6:32 AM
>> *To:* Paul Wilkins
>> *Cc:* ausnog at lists.ausnog.net <mailto:ausnog at lists.ausnog.net>
>> *Subject:* Re: [AusNOG] Welcome to Metadata Retention
>>
>>
>>
>> If you're going to quote the Carriage Service definition from the
>> Telecommunications Act, you also need to note Section 89, the 'same
>> premises' exclusion. This excludes services delivered inside the same
>> building, which reads to me that provided you're only supplying
>> internet services inside of Datacenters (which most
>> hosting/colo/dedi/vds companies do), you're not providing carriage
>> services, and thus aren't affected by this bill?
>>
>>
>>
>>
>>
>>
>>
>> On 2 March 2015 at 02:51, Paul Wilkins <paulwilkins369 at gmail.com
>> <mailto:paulwilkins369 at gmail.com>> wrote:
>>
>> The fundamental qualifier is whether you provide a 'carriage service',
>> as defined by the Telecommunications Act, 1997. (The Broadcasting
>> Services Act relies on the definition in the Telco Act).
>>
>> */carriage service/* means a service for carrying communications by
>> means of guided and/or unguided electromagnetic energy.
>>
>>
>>
>> If you provide a service (or resell a service) for the termination of
>> cables or fiber, you're clearly within the scope of the bill.
>>
>> If you don't touch the physical or data link layers, the bill may or
>> may not apply, subject to interpretation and legal argument. It's not
>> clear if a communication at the IP layer is to the opposite IP (which
>> arguably requires transmission by electromagnetic energy). Then again,
>> IP doesn't deal with electromagnetic radiation, so perhaps not, but I
>> wouldn't think this a strong argument.
>>
>> Alternatively, if the communication is viewed as from the IP to the
>> MAC, then the communication is local and there is no transmission via
>> electromagnetic energy (except from what is local to the NIC chipset).
>> Assuming this interpretation, the IP<>IP conversation would be
>> 'content' of the MAC<>IP communication, and still remains outside the bill.
>>
>> As I've said, the lawyers will have a lot of fun with this. I'm not a
>> lawyer and don't represent myself as a legal expert. If you need
>> informed opinion, consult a legal professional, or ask the advice of
>> the Dep't of Communications, who administer both the Telco Act, and the
>> Broadcasting Services Act.
>>
>>
>>
>> Paul Wilkins
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>>
>>
>>
>> --
>>
>> Damien Gardner Jnr
>> VK2TDG. Dip EE. GradIEAust
>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>> http://www.rendrag.net/_
>> _--
>> We rode on the winds of the rising storm,
>> We ran to the sounds of thunder.
>> We danced among the lightning bolts,
>> and tore the world asunder
>>
>>
>>
>>
>>
>> --
>>
>> Damien Gardner Jnr
>> VK2TDG. Dip EE. GradIEAust
>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>> http://www.rendrag.net/_
>> _--
>> We rode on the winds of the rising storm,
>> We ran to the sounds of thunder.
>> We danced among the lightning bolts,
>> and tore the world asunder
>>
>>
>>
>>
>>
>> --
>>
>> Damien Gardner Jnr
>> VK2TDG. Dip EE. GradIEAust
>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>> http://www.rendrag.net/_
>> _--
>> We rode on the winds of the rising storm,
>> We ran to the sounds of thunder.
>> We danced among the lightning bolts,
>> and tore the world asunder
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>>
>>
>> --
>>
>> DCSI Logo
>>
>>
>>
>> *Mark McKibbin*
>> Director
>>
>>
>>
>> DCS Internet Pty Ltd | 64 Queen St, Warragul VIC 3820
>> W: www.dcsi.net.au <http://www.dcsi.net.au> | P: 1300 665 575 | F: 1300 556
>> 595
>>
>>
>>
>>
>> --
>>
>> Damien Gardner Jnr
>> VK2TDG. Dip EE. GradIEAust
>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> - http://www.rendrag.net/_
>> _--
>> We rode on the winds of the rising storm,
>> We ran to the sounds of thunder.
>> We danced among the lightning bolts,
>> and tore the world asunder
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
>
> --
>
> DCSI Logo
>
>
>
> *Mark McKibbin*
> Director
>
>
>
> DCS Internet Pty Ltd | 64 Queen St, Warragul VIC 3820
> W: www.dcsi.net.au <http://www.dcsi.net.au> | P: 1300 665 575 | F: 1300 556 595
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150302/18115427/attachment.html>
More information about the AusNOG
mailing list