[148229] in North American Network Operators' Group
Re: question regarding US requirements for journaling public email
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Thu Jan 5 22:42:20 2012
In-Reply-To: <CAO9uaO0CjwOjFMbwNkfSNDCaL=AAEyYFw42NSJE1_wK+9j7Rvg@mail.gmail.com>
Date: Fri, 6 Jan 2012 09:11:30 +0530
From: Suresh Ramasubramanian <ops.lists@gmail.com>
To: John Adams <jna@retina.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I would love to ask the EFF just what you do when you don't log stuff,
and then need to troubleshoot someone causing a DDoS or something from
your network in a hurry.
Not that I'd get any sort of a useful answer from them, beyond random
propaganda that spam filtering is evil, DPI is demoniacal etc etc.
On Fri, Jan 6, 2012 at 3:54 AM, John Adams <jna@retina.net> wrote:
>
> OSPs cannot be forced to provide data that does not exist. EFF suggests
> that OSPs draft an internal policy that states that they collect only
> limited information and do not retain any logs of user activity on their
> networks for more than a few weeks. If a court order requests data that is
> more than a few weeks old, the OSP can simply point to the policy and
> explain that it cannot furnish the requested data. Likewise, if unnecessary
> PII is regularly deleted, the OSP cannot supply what it does not retain.
> This saves the OSP time and money, while also providing the OSP with
> sufficient data for its own administrative and business purposes.
--
Suresh Ramasubramanian (ops.lists@gmail.com)
