[88629] in North American Network Operators' Group
RE: Fed Bill Would Restrict Web Server Logs
daemon@ATHENA.MIT.EDU (Bill Nash)
Tue Feb 14 11:39:39 2006
Date: Tue, 14 Feb 2006 11:29:44 -0500 (EST)
From: Bill Nash <billn@odyssey.billn.net>
To: David Hubbard <dhubbard@dino.hostasaurus.com>
Cc: nanog@nanog.org
In-Reply-To: <FCD26398C5EDE746BFC47F43EA52A1730166D312@dino.ad.hostasaurus.com>
Errors-To: owner-nanog@merit.edu
On Tue, 14 Feb 2006, David Hubbard wrote:
>
> From: Andy Davidson
>>
>>
>> Speaking with my e-commerce vendor hat on, server logs (apache, mail,
>> application audit logs) and other information about visitors
>> (especially those who have conducted a purchase transaction with
>> us, or signed up to our newsletter) never stop having a business
>> purpose - it's called referential integrity.
>>
>> We want to use them to track the behaviour fraudulent users
>> for example.
>
> Anyone who runs mailing lists has to keep that info to be
> able to prove how and when someone opted in.
>
Have you ever tried getting opt-in information out of someone, especially
when they know they've screwed up? You practically need a subpeona to do
it. In many cases (I went through this recently with ZDnet) you literally
have to play the escalation game just to rattle enough cages to get people
to realize you're a: serious and b: not a kook. Oddly enough, I have the
hardest time with the latter. ;)
It'll be interesting to see what this legislation looks like when/if it
gets signed. Maybe it'll finally be the extra kick I need to get some of
our larger databases purged.
- billn
