|reply to DataRiker |
Re: Disk is cheap and the data is immutable...
Regulations are nothing new. I work for a grocery retailer and years ago we were forced to implement country of origin labeling (COOL) in response to the mad cow scare. This required changing package labels and retaining invoice/shipment/PO records in case the worst happened. We're also a wholesaler and our customers looked to us to keep their invoices in electronic format, which we did. Of course now COOL turns out to be a pretty good idea since purposely tainted food supplies are possible with the uptick in terrorism. Did it cost money to implement? Absolutely. Did it run anyone out of business? Not to my knowledge. Given the seasonal volatility of various supply costs and the length of time we had to implement compliance, I doubt consumers noticed whatever tiny price increase that might have been passed on to them.
It's easy to say something costs more but that's like taking a poll and making a statement about how America thinks. Without the supporting methods of data collection (how many samples, what confidence interval, how random is the sample), the results have zero context. In fact I'm sure people have repeated polls until they get the answer they want to serve dubious purposes.
In an era where minorities complain about skewed results on standardized tests because the tests might have context that cannot be universally understood, how can we be so arrogant as to believe those polled even understand the issues or the question?
I'm sure retention will cost more but if we cannot put context to that cost, there's simply not enough information to form an opinion and take sides. Anyone who does is ignorantly coming to a conclusion that they cannot support.
In whole I would agree with you, but regardless it shouldnt be done.
To implement the scope of this information gathering in hopes of catching maybe 1000 nonviolent criminals and 2-3 violent ones a year is ridiculous at any cost.
The only logs that should be required are DHCP to MAC logs so they can see who had an IP at any one time. And the only time that information should ever be used is when there are crimes against a person that has involved physical or mental harm.
I thought that was all that was required. As I said in another reply, I didn't know they required ALL the data to be kept. That's ridiculous and it seems like an unreasonable request that isn't even feasible. Are we sure they want ISPs to keep ALL the data and not just the logs for 18 months?