[102055] in North American Network Operators' Group
Re: EU Official: IP Is Personal
daemon@ATHENA.MIT.EDU (Roland Perry)
Thu Jan 24 06:57:06 2008
Date: Thu, 24 Jan 2008 11:50:57 +0000
To: nanog@merit.edu
From: Roland Perry <lists@internetpolicyagency.com>
In-Reply-To: <1E2B60F8-A74E-41C7-B1F0-84F4B42911F2@cisco.com>
Errors-To: owner-nanog@merit.edu
In article <1E2B60F8-A74E-41C7-B1F0-84F4B42911F2@cisco.com>, Fred Baker
<fred@cisco.com> writes
>What I find interesting here is the Jekyll/Hyde nature of it. European
>ISPs are required to keep expensive logs of the behavior of subscribers
>for forensic data mining, accessible under subpoena, for extensive
>periods like 6-24 months (last I heard it was 7 years in Italy, but
>that may now be incorrect), but the information is deemed private and
>therefore inappropriate to keep under EU privacy rules. ISPs are
>required to keep inappropriate information at their own expense in case
>forensic authorities decide to pay an occasional pittance to access
>some small quantity of it.
Putting aside for a moment the issue of "whose dollars pay for it" there
is no fundamental contradiction in the proposition that private sector
information can be mandated to be kept for minimum periods, is
confidential, but nevertheless can be acquired by lawful subpoena.
Think about banking records, for example, which are confidential,
routinely examined in criminal enquiries, and which have to be kept for
various minimum periods by accountancy law. Operationally, the banks
have had to invest in special departments to do just that, it's simply
part of the cost of doing business.
--
Roland Perry
Internet Policy Agency
