Am 20.10.2008 um 15:29 schrieb Dominik Schaefer:
Roger Dingledine schrieb:On Sun, Oct 19, 2008 at 02:30:32AM +0200, Sven Anderson wrote:All sources I know don't let any doubt that ISPs will _only_ keep data, which they log anyways, that is which IP has been assigned to which user at which time.IMHO it is not true, that ISPs will only have to retain data, they anyway log. Until now, they weren't even allowed to log the IP address if they don't need it for billing purposes. The DR law defines, what they have to log.
You have to look at the details here. The law tells them what to _retain_, not what to _log_. It assumes that ISPs log that stuff anyways. I have my information from a talk of the data security officer of the Deutsche Telekom[1], but I just had a look at TKG 113a (1), and it seems indeed that if you don't log, you have to make sure somebody else logs it. Maybe they changed that paragraph after the talk has been held?
Regarding your example: I wrote the same one sentence after the one you quoted from me. With a little difference: they are allowed to log it, but they have to immediately delete it after the connection.[2]
[1] http://www.jura.uni-duesseldorf.de/institute/zfi/materialien/Informationsrechtstag5/070627-Ulmer.pdf (german)
[2] http://www.heise.de/newsticker/meldung/80614 (german) Regards, Sven
Attachment:
smime.p7s
Description: S/MIME cryptographic signature