O Canada! > Canadian > TekSavvy > Why is Tek still keeping logs???

reply to Anonymous225

Re: Why is Tek still keeping logs???

I had a really useful chat with Tom (Copeland, the Chair of the Canadian Association of Internet Providers).

I asked him if I could quote him, and after further legal checks, he was happy for me to quote him confirming the following:

"I have confirmed that the recent copyright legislation
(or any other legislation/regulation) does not require ISPs to maintain logs for any specific period. It's a business decision on the part of the
provider based on their needs/abilities."

The Office of the Canadian Privacy Commissionier has also confirmed they have no legislation in that area.

No response from the CRTC yet.

No response from Trade and Industry yet.

Cheers,
Dave

reply to UK_Dave

Re: Why is Tek still keeping logs???

There's no way an ISP can safely "dump" relevant logs while legal proceedings are underway to acquire said logs. But all of the the non-relevant logs could be dumped.

Other than that, it appears that an ISP could make a statement up front about changes to log retention, and then gradually phase in the changes without trouble.

reply to UK_Dave

reply to mlord
Lets do this, the log thing (clap) go!

reply to Need2Know
HI there Need2Know.

I know nothing of that to which you refer.

I also don't feel it is relevant to the conversation I had with Tom.

For what it's worth, Tom was extremely forthright, very approachable, and knowledgeable on the subject. The only reason for the delay in my posting his comments, was that I asked for permission to quote him directly, and he asked if I could give him just a little time to be absolutely sure that his opinion was 100% accurate.

I asked him about the legislation, as it stands now. He answered me.

What he as a business owner does/wants, and what Marc as a business owner does/wants - is a different issue.

Dave,

What I'm getting at is that some people are speaking from one side of their mouth yet saying something else from the other side of their mouth.

It's all gravy.

There will be no such thing as "no logging" or reduced logging. Only increased logging. Mr. Copeland is very well aware of this since he is part of the secret working group in favour of capturing what IP you have and what you say on facebook (as well as CNOC).

There is no minimum requirement, as we already know, except for revenue purposes (tax records) and these records, logs and transactions are retained already for a minimum of 7 years by law. So those ISP's who have IP info on accounting records with your name basically keep those records for a decade already. Like maybe someone paying for a static IP or VOIP, or IP with B/W usage, as an example.

The "no logging" thing is a pipe dream. A kids fantasy.

reply to globus9991
Here is an interesting idea...

What about the concept of logging "For internal/business use only"

Meaning an ISP can keep logs all they want to reduce problems on their network (Hackers, DDOS, assholes, etc), but essentially "screw you" to anyone external who wants them. It IS a corporate decision after all right? That means there's zero legal obligation to provide those logs to anyone outside of the company.

"Sorry we keep limited logs for internal usage and troubleshooting, but they are not available outside of the company due to privacy/security reasons"

I don't know how that flies in regards to a law enforcement request, but I DO know that if you run a NATed address and are unable to provide customer info because it's a 1 in 300 chance of who it is, there is nothing they can do and the issue is closed. So the obligation to "try" is there, but the obligation to actually "DO" is not.

reply to Need2Know
Hi N2K,

I see what you are saying, given the Geist piece from May.

However, it would only be relevant to the discussion I had with Tom if I was discussing the topic of "What do you want the law to be?".

The topic was "What is the law now?".

I for one, did not know that the Minimum Legal Retention didn't exist - that's why I called a few places to try and learn something.

We all have our opinions on what the law/best practice should be, or could be.

This was an exercise in finding out what it is.

reply to voxframe
Voxframe:

I'm no legal expert as you've probably gathered already.

However, my view on your comments is that such a Chinese Wall seperating "internal" records, from "warrantable" records, isn't workable.

The whole point of going to a court to get the users names (putting aside the issue of IP does not equal a person), is to gain access to the "internal" records.

The only way I can see a defence against this whole approach right now, is to not have the records in the first place, and to have a policy saying that in advance.

I wanted to find out if such a policy would be *legal*.

How *practical* it is to run an ISP on such a basis, I have no idea. I'm not smart enough or ballsy enough to run one.

Cheers,
Dave

reply to voxframe

reply to globus9991
Yeah that's a tough one too. You can't destroy them, but there must be some way to "selectively" decide who gets them and who doesn't.

Granted that's perhaps not the "moral" thing to do either.

Just wish there was a way to have your cake and eat it too.

reply to voxframe
I think that is the heart of what this is about for me.

We would hope, that the distinction between "fair access" and "unfair access", would be the remit of the legal system.

However the encroachment of entertainment industry corporatism into, for example, the US legal system - has moved that line.

First it's "for the cheeeeeldren", then it's "to fight terrorism", and before you know it, the courts and law enforcment are busting down doors, stealing 14 year old girls laptops, utilising a foreign country's Secret Security Services for domestic civil cases, sentencing people to multi million dollar settlements, and acting like Walt Disney's private security force.

I don't want that to happen here, in our Canada.

reply to TSI Gabe

reply to The Mongoose

reply to The Mongoose

reply to HiVolt