[Gllug] New UK push for EU data retention regulations

Jason Clifford jason at ukpost.com
Mon Jul 11 16:14:11 UTC 2005 

On Mon, 11 Jul 2005, Doug Winter wrote:

> I think the basic idea is that they ask you to retain all your logs, and
> if you don't then they send you to prison.
> 
> I got one of these requests on Thursday from my ISP.  They forwarded a
> message from the National Crime Squad to everyone hosting services with
> them.
> 
> Not entirely sure what the legal status of the request is, but I suspect
> that if they really wanted to they could nail you for not logging stuff
> to their satisfaction.

The reqeust for your logs has to come to you from the police. Your ISP is 
not empowered to demand them from you although they can inform the police 
that you handle your own email so they have no logs for you and the police 
can then visit you separately.

If you are running a mailserver and providing electronic communications 
services to others you must keep the logs showing sender and destination 
details along with dates etc. That's a requirement of either RIP or RIPA 
and failure to do so can result in prosecution.

If you are not providing services to others I don't think there is a log 
retention requirement however I don't know for certain.

The problem isn't actually storage of logs. ISPs do that anyway as do most 
others running mail servers.

The problem is grabbing specific data from them in response to a request 
from the police.

Firstly email addresses are not hard wired. That means anyone can 
obfuscate the sender address easily. To get around this you may be 
expected to match up authentication data (radius logs, sasl logs, etc) 
with your email logs but that data isn't always reliable.

Then there's the fact that few servers use ntp (and those that do 
sometimes don't do so properly) so matching up logs isn't necessarily 
easy.

Thankfully I've never had this arise as an issue (yet) although I have had 
the phone call from the police asking for information - to which I 
responded by asking for proper proceedures to be followed and heard 
nothing more.

Jason Clifford
-- 
UKFSN.ORG		Finance Free Software while you surf the 'net
http://www.ukfsn.org/	 2Mb ADSL Broadband from just £14.98 / month 

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list