reply to rradina
Re: Disk is cheap and the data is immutable...
said by rradina:Costlier means it would cost more money.
Can we define "costlier"? Even if it's exceedingly large volumes of data, they can use tiered storage, compress the hell out of it and move it off-line onto something cheap. Off-line also adds a security barrier. Furthermore, if they separate url logs, DHCP logs and customer data (i.e. mac address), that's a second security barrier. Access logs are anonymous until cross-referenced with the DHCP logs and customer data. Finally, off-line retention can be encrypted which adds another security barrier.
Of course if the customer is at risk because the ISP is tempted... If you cannot trust the palace guards perhaps it's time to flee.
And more than likely make us all a lot less safe.
OK...I'll reword it just for you...
How much does this raise my monthly bill if they have to comlpy?
Whatever your ISP decides it costs to hire people to do this, buy the equipment, and establish new protocols for compliance and various legal fee's for the drove of Patriot act requests.
Take that cost and add at least 20%
Regulations are nothing new. I work for a grocery retailer and years ago we were forced to implement country of origin labeling (COOL) in response to the mad cow scare. This required changing package labels and retaining invoice/shipment/PO records in case the worst happened. We're also a wholesaler and our customers looked to us to keep their invoices in electronic format, which we did. Of course now COOL turns out to be a pretty good idea since purposely tainted food supplies are possible with the uptick in terrorism. Did it cost money to implement? Absolutely. Did it run anyone out of business? Not to my knowledge. Given the seasonal volatility of various supply costs and the length of time we had to implement compliance, I doubt consumers noticed whatever tiny price increase that might have been passed on to them.
It's easy to say something costs more but that's like taking a poll and making a statement about how America thinks. Without the supporting methods of data collection (how many samples, what confidence interval, how random is the sample), the results have zero context. In fact I'm sure people have repeated polls until they get the answer they want to serve dubious purposes.
In an era where minorities complain about skewed results on standardized tests because the tests might have context that cannot be universally understood, how can we be so arrogant as to believe those polled even understand the issues or the question?
I'm sure retention will cost more but if we cannot put context to that cost, there's simply not enough information to form an opinion and take sides. Anyone who does is ignorantly coming to a conclusion that they cannot support.
In whole I would agree with you, but regardless it shouldnt be done.
To implement the scope of this information gathering in hopes of catching maybe 1000 nonviolent criminals and 2-3 violent ones a year is ridiculous at any cost.
The only logs that should be required are DHCP to MAC logs so they can see who had an IP at any one time. And the only time that information should ever be used is when there are crimes against a person that has involved physical or mental harm.
I thought that was all that was required. As I said in another reply, I didn't know they required ALL the data to be kept. That's ridiculous and it seems like an unreasonable request that isn't even feasible. Are we sure they want ISPs to keep ALL the data and not just the logs for 18 months?