[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Brainstorming about Tor, Germany, and data retention



Hello Roger,

> 1) Will ISPs be required to log connection timing information of their
> users? What exactly will the information be -- destination IP address,
> port, timestamp of beginning of connection, timestamp of end? Or more
> than that? Or less?

That's not planed.
The ISPs have to log the dynamic IP of the user, the time (log in/log
out including timezone) and the identifier of the telephone/dsl line.
Only for email, telephone and sms there are more rulez.

Directive 2006/24/EC of the European Parliament and of the Council
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:HTML
(I've attached it, the server is down at the time of writing)

> 2) Are there ISPs that plan to not log? If so, how many?

very unlikly

> 3) Do we expect the authorities will only use the logs in a pinpoint
> way, or will they also trawl? That is, will they go to an ISP and say
> "tell me what this user did during this five minute period", or can they
> ask every ISP at once "tell me all your info about every connection to
> amazon.com on Saturday"? As a special case of this, is asking for info
> from 500 Tor relays more like a pinpoint request or more like trawling?

That's not possible.
Authorities can lawfull intercept the traffic of some users (sniff the
hole traffic). That could be an end user or an tor operator.
Lawfull interception is only applicable if the person is suspicios.
There are more or less well defined criteria when it is allowed to
intercept (it's not allowed for prevention)
Additionaly they can ask amazon.com for there logfiles.

greetings
Carsten

Attachment: Directive 2006-24-EC of the European Parliament and of the Council.txt.bz2
Description: Binary data