[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Traffic retention of TOR-Relays in Denmark


I am not even sure this data retention directive applies to [all]
Denmark Tor exits.
Let me highlight a few things:

> "2.2.1. Session logging (section 5(1) of the Executive Order)
> *Providers of access to the internet* must, in respect of the
> initiating and terminating package of an internet session, retain
> data that identifies the sending and receiving internet protocol
> address (in the following called IP address), the sending and
> receiving port number and the transmission protocol."

At least in Germany, and some other EU countries, the data retention
directive does/will only be relevant to ISPs that provide "access to the
Internet", ie. dial-up, cable, DSL and the like. NOT VPN or anonymizing
software. That paragraph sounds much like it.

> "2.2.2. Sampling (section 5(4) of the Executive Order) The obligation
> to retain data about the initiating and terminating package of an
> internet session does not apply to providers in case such retention
> is not technically feasible in their systems. In that case, data must
> instead be retained for every 500th package that is *part of an end*
> *user’s communication* on the internet."

If I run a Tor exit, I am not an end user. So, in my understanding, my
ISP would not need to log anything.

Moritz Bartl
tor-talk mailing list