[AusNOG] Welcome to Metadata Retention
Nick Stallman
nick at agentpoint.com
Mon Mar 2 12:23:10 EST 2015
But if a ISP isn't logging other services, and the other services are
non-local, or are excluded from the legislation, then what is the point?
E.g. Say someone makes a bomb making forum, hosts it on some cheap
$5/month aussie hosting, then ASIO gets none of that.
Or someone puts a bomb making IRC channel on a cheap Australian VPS.
Completely ignoring that you could do this offshore of course.
So did they just design this legislation to catch the dumbest of the
dumbest organised criminals?
Cause it sure won't catch anyone else.
On 02/03/15 10:17, Paul Brooks wrote:
> On 2/03/2015 9:36 AM, Mark McKibbin wrote:
>> Not sure how this would work (from the report)
>>
>> (a) the type of communication; Examples: Voice, SMS, email, chat,
>> forum, social media. (b) the type of the relevant service; Examples:
>> ADSL, Wi-Fi, VoIP, cable, GPRS, VoLTE, LTE. (c) the features of the
>> relevant service that were, or would have been, used by or enabled
>> for the communication. Examples: call waiting, call forwarding,
>> bandwidth allowances
>>
>> Surely the ISP cannot record Chat, Forum, Social Media (there is a
>> comma between Chat and Forum) this would have to be up to the
>> Facebooks, Googles etc?
> Near as we can figure out (and IANAL, and this is not legal advice,
> consult your own legal professional) you are correct- you only need to
> store data about services you actually provide, not services that pass
> through you that are provided by someone else. If you provide email
> service, you need to collect your email logs. If your customers use
> Gmail etc or any external email source - you don't need to detect or
> store data about that. If you provide a webmail interface into your
> own email service - you'll probably need to collect records for email
> interactions through that interface.
>
> You would need to collect chat or forum records if you provided the
> chat or forum service/facility yourself - not for an external chat
> service. If you run your own forum, presumably you have the mappings
> between the forum userids and your customer details, or at least login
> records that map a userid login with the origin IP address. Or perhaps
> you don't have those mappings, and the authority would have to provide
> you a forum userid to report on, separate from a IP
> address/date/timestamp to report on.
>
> If you were an ISP and only provided Internet access and no other
> value added functions, you might only have to report 'Type of Comms:
> Internet Access, Type of Service: ADSL2+' along with allocated IP
> address and date/time records for example (and apparently their plan
> details, things like whether Annex M was enabled, etc.). Over time,
> that might be a bigger mix of 'Type of Comms: Internet Access, Type of
> Service: FTTx' for various values of 'x'.
>
> However, this is all up for discussion between you and the CAC and
> your Data Retention Implementation Plans.
> See *187E Applying for approval of data retention implementation plans*.
> I can see a huge backlog in the CAC department over the next few years
> as 400+ ISPs attempt to get between 1 - 10+ DRIPs approved each.
>
> P.
>
>
>
>
>
>>
>>
>> On 2 March 2015 at 09:20, Stuart Low <stuart.low at me.com
>> <mailto:stuart.low at me.com>> wrote:
>>
>> Hmm, ok so a little bit off topic but 2 years, is that all that's
>> required? Lucky you guys! In finance it's 7 years for typical and
>> infinite for specific elements (trader convos). For even a small
>> organisations that translates to 10+ PB and it's expensive and
>> often tediously look after (hello from the trenches :p).
>>
>> RE: Glacier, realise that Amazon provides no guarantee it will be
>> available (ie. Best effort) which depending on your risk appetite
>> might not be good enough. I believe Hitachi has been offering a
>> private label setup based on HCP for a while, probably an order
>> of magnitude more expensive though.
>>
>> Never thought I'd say this but dual spool tape onsite/offsite may
>> be cheaper...
>>
>> Stu
>>
>>
>>
>> On 2 Mar 2015, at 9:06 am, Damien Gardner Jnr
>> <rendrag at rendrag.net <mailto:rendrag at rendrag.net>> wrote:
>>
>>> Is that all it's going to be? If that's the case, I'm set, as I
>>> already archive 90% of my mailserver logs for 2 years as a
>>> requirement of one of my customers (funnily enough, AGD :-p)
>>>
>>> We were just discussing it at $dayjob, and the Network team were
>>> of the understanding it would require us archiving our sflow
>>> data (or is that no longer on the table?? If so, that makes it a
>>> lot easier!). I did some quick sums, and shoving that into
>>> Amazon Glacier (80TB/month growth) would be growing at
>>> $800/month^2 - so once you hit the 2 years retention
>>> requirement, you're holding at 1.9PB of storage (!@#!#!), and
>>> paying $19k/month for that storage. And that's at 100:1 sflow
>>> sampling (full netflow would NOT be possible)
>>>
>>>
>>> On 2 March 2015 at 09:00, Mark McKibbin <mark at team.dcsi.net.au
>>> <mailto:mark at team.dcsi.net.au>> wrote:
>>>
>>> I don't agree with the legislation, however as we are now
>>> stuck with it it does not seem over onerous. At a glance it
>>> looks like encrypted mail logs (no big deal), telephone call
>>> data that we already record.... have I missed something?
>>>
>>> Cheers
>>> Mark McKibbin
>>> DCSI
>>>
>>> On 2 March 2015 at 08:47, Nathan Brookfield
>>> <Nathan.Brookfield at simtronic.com.au
>>> <mailto:Nathan.Brookfield at simtronic.com.au>> wrote:
>>>
>>> I know it covers me without any hesitation unfortunately
>>> so I’ve come to grips with the fact I just need to suck
>>> it up. Storage is cheap, mirror ports are easy to
>>> implement and we’re small enough at the moment that it’s
>>> not going to cause me any major pain and we’ll likely
>>> never be asked for the data…
>>>
>>> *From:*Damien Gardner Jnr [mailto:rendrag at rendrag.net
>>> <mailto:rendrag at rendrag.net>]
>>> *Sent:* Monday, 2 March 2015 8:43 AM
>>>
>>>
>>> *To:* Nathan Brookfield
>>> *Cc:* Paul Wilkins; ausnog at lists.ausnog.net
>>> <mailto:ausnog at lists.ausnog.net>
>>> *Subject:* Re: [AusNOG] Welcome to Metadata Retention
>>>
>>> Sorry, but I just don't agree. The way I read it as it
>>> currently stands, I can basically ignore the legislation
>>> until someone definitively says I have to (i.e. the 'The
>>> minister may issue a determination specifically
>>> declaring a company to be a hosting provider').
>>>
>>> It sounds like you WANT to have to collect metadata Nath
>>> ;) Why are you arguing so hard to be covered by the new
>>> legislation??
>>>
>>> On 2 March 2015 at 08:38, Nathan Brookfield
>>> <Nathan.Brookfield at simtronic.com.au
>>> <mailto:Nathan.Brookfield at simtronic.com.au>> wrote:
>>>
>>> In the best case scenario they are leasing the
>>> ‘Hardware’ but that does not mean they are leasing the
>>> space, in the majority of cases they are going to be
>>> paying for a ‘service’ which you are providing on your
>>> own hardware (hosting/vps) and you ‘the hosting
>>> provider’ are leasing the space, not the end client.
>>>
>>> I think on this argument you would need a REALLY good
>>> lawyer…..
>>>
>>> Very different argument to the Megaport/PIPE issue.
>>>
>>> *From:*Damien Gardner Jnr [mailto:rendrag at rendrag.net
>>> <mailto:rendrag at rendrag.net>]
>>> *Sent:* Monday, 2 March 2015 8:33 AM
>>> *To:* Nathan Brookfield
>>> *Cc:* Paul Wilkins; ausnog at lists.ausnog.net
>>> <mailto:ausnog at lists.ausnog.net>
>>>
>>>
>>> *Subject:* Re: [AusNOG] Welcome to Metadata Retention
>>>
>>> But the customer is located within the facility? They're
>>> leasing hardware/space/etc from you, so they are your
>>> tenant - therefore they are located in the facility?
>>>
>>> On 2 March 2015 at 08:26, Nathan Brookfield
>>> <Nathan.Brookfield at simtronic.com.au
>>> <mailto:Nathan.Brookfield at simtronic.com.au>> wrote:
>>>
>>> But you are providing said (hosting/colo/dedi/vds)
>>> services in multiple data centres and the actual
>>> customer is not located within that facility, I think
>>> that one would be hard pressed to stand behind.
>>>
>>> *From:*AusNOG [mailto:ausnog-bounces at lists.ausnog.net
>>> <mailto:ausnog-bounces at lists.ausnog.net>] *On Behalf Of
>>> *Damien Gardner Jnr
>>> *Sent:* Monday, 2 March 2015 6:32 AM
>>> *To:* Paul Wilkins
>>> *Cc:* ausnog at lists.ausnog.net
>>> <mailto:ausnog at lists.ausnog.net>
>>> *Subject:* Re: [AusNOG] Welcome to Metadata Retention
>>>
>>> If you're going to quote the Carriage Service definition
>>> from the Telecommunications Act, you also need to note
>>> Section 89, the 'same premises' exclusion. This excludes
>>> services delivered inside the same building, which reads
>>> to me that provided you're only supplying internet
>>> services inside of Datacenters (which most
>>> hosting/colo/dedi/vds companies do), you're not
>>> providing carriage services, and thus aren't affected by
>>> this bill?
>>>
>>> On 2 March 2015 at 02:51, Paul Wilkins
>>> <paulwilkins369 at gmail.com
>>> <mailto:paulwilkins369 at gmail.com>> wrote:
>>>
>>> The fundamental qualifier is whether you provide a
>>> 'carriage service', as defined by the Telecommunications
>>> Act, 1997. (The Broadcasting Services Act relies on the
>>> definition in the Telco Act).
>>>
>>> */carriage service/* means a service for carrying
>>> communications by means of guided and/or unguided
>>> electromagnetic energy.
>>>
>>> If you provide a service (or resell a service) for the
>>> termination of cables or fiber, you're clearly within
>>> the scope of the bill.
>>>
>>> If you don't touch the physical or data link layers, the
>>> bill may or may not apply, subject to interpretation and
>>> legal argument. It's not clear if a communication at the
>>> IP layer is to the opposite IP (which arguably requires
>>> transmission by electromagnetic energy). Then again, IP
>>> doesn't deal with electromagnetic radiation, so perhaps
>>> not, but I wouldn't think this a strong argument.
>>>
>>> Alternatively, if the communication is viewed as from
>>> the IP to the MAC, then the communication is local and
>>> there is no transmission via electromagnetic energy
>>> (except from what is local to the NIC chipset). Assuming
>>> this interpretation, the IP<>IP conversation would be
>>> 'content' of the MAC<>IP communication, and still
>>> remains outside the bill.
>>>
>>> As I've said, the lawyers will have a lot of fun with
>>> this. I'm not a lawyer and don't represent myself as a
>>> legal expert. If you need informed opinion, consult a
>>> legal professional, or ask the advice of the Dep't of
>>> Communications, who administer both the Telco Act, and
>>> the Broadcasting Services Act.
>>>
>>> Paul Wilkins
>>>
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>>
>>> --
>>>
>>> Damien Gardner Jnr
>>> VK2TDG. Dip EE. GradIEAust
>>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>>> http://www.rendrag.net/_
>>> _--
>>> We rode on the winds of the rising storm,
>>> We ran to the sounds of thunder.
>>> We danced among the lightning bolts,
>>> and tore the world asunder
>>>
>>>
>>>
>>> --
>>>
>>> Damien Gardner Jnr
>>> VK2TDG. Dip EE. GradIEAust
>>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>>> http://www.rendrag.net/_
>>> _--
>>> We rode on the winds of the rising storm,
>>> We ran to the sounds of thunder.
>>> We danced among the lightning bolts,
>>> and tore the world asunder
>>>
>>>
>>>
>>> --
>>>
>>> Damien Gardner Jnr
>>> VK2TDG. Dip EE. GradIEAust
>>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>>> http://www.rendrag.net/_
>>> _--
>>> We rode on the winds of the rising storm,
>>> We ran to the sounds of thunder.
>>> We danced among the lightning bolts,
>>> and tore the world asunder
>>>
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>>
>>>
>>>
>>> --
>>>
>>> DCSI Logo
>>>
>>>
>>>
>>> *Mark McKibbin*
>>> Director
>>>
>>> DCS Internet Pty Ltd | 64 Queen St, Warragul VIC 3820
>>> W: www.dcsi.net.au <http://www.dcsi.net.au> | P: 1300 665
>>> 575 | F: 1300 556 595
>>>
>>>
>>>
>>>
>>> --
>>>
>>> Damien Gardner Jnr
>>> VK2TDG. Dip EE. GradIEAust
>>> rendrag at rendrag.net <mailto:rendrag at rendrag.net> -
>>> http://www.rendrag.net/_
>>> _--
>>> We rode on the winds of the rising storm,
>>> We ran to the sounds of thunder.
>>> We danced among the lightning bolts,
>>> and tore the world asunder
>>>
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>>
>>
>> --
>>
>> DCSI Logo
>>
>>
>>
>> *Mark McKibbin*
>> Director
>>
>> DCS Internet Pty Ltd | 64 Queen St, Warragul VIC 3820
>> W: www.dcsi.net.au <http://www.dcsi.net.au> | P: 1300 665 575 | F:
>> 1300 556 595
>>
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
--
Nick Stallman
Agentpoint Pty Ltd
The Real Estate Web Developers
Melbourne | Sydney | Miami
nick at agentpoint.com
www.agentpoint.com.au | www.zooproperty.com | www.ginga.com.au |
www.business2.com.au
Business2.com.au is a real estate agent information website that helps
you understand Portals, Technology and comes with FREE tools to help
your Agency become an online success!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20150302/2c5cc3d8/attachment.html>
More information about the AusNOG
mailing list