dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
8653
share rss forum feed

funny

join:2010-12-22
reply to mlord

Re: Why is Tek still keeping logs???

said by mlord:

There's no way an ISP can safely "dump" relevant logs while legal proceedings are underway to acquire said logs. But all of the the non-relevant logs could be dumped.

Other than that, it appears that an ISP could make a statement up front about changes to log retention, and then gradually phase in the changes without trouble.

don't be so sure, if the law says i dont have to wait for a red light to cross the street ( true in canada ) and you want proof at court i did it makes it no less legal that i did or didnt cross the street.

as has been stated there is no law requireing marc to keep them....
if he says oh when you asked i decided to toss them in garbage
what can court do? NO really there is no law requiring logs ....at worst he gets a contempt of court pays a fine and i bet all hte tsi users will donate to pay it off...

hows that and i got a 100$ bill for it right here ( waves hand )

funny

join:2010-12-22
reply to voxframe

said by voxframe:

Here is an interesting idea...

What about the concept of logging "For internal/business use only"

Meaning an ISP can keep logs all they want to reduce problems on their network (Hackers, DDOS, assholes, etc), but essentially "screw you" to anyone external who wants them. It IS a corporate decision after all right? That means there's zero legal obligation to provide those logs to anyone outside of the company.

"Sorry we keep limited logs for internal usage and troubleshooting, but they are not available outside of the company due to privacy/security reasons"

I don't know how that flies in regards to a law enforcement request, but I DO know that if you run a NATed address and are unable to provide customer info because it's a 1 in 300 chance of who it is, there is nothing they can do and the issue is closed. So the obligation to "try" is there, but the obligation to actually "DO" is not.

voltage isnt law enforcement , and like a user said i'd be telling marc to see what verizon is doing and investigating voltage and its business and practices....perhaps some press on the kinds a things they do in courts to game the system , bring up other stories and posts and get real um er nasty about it....
Expand your moderator at work

voxframe

join:2010-08-02
reply to globus9991

Re: Why is Tek still keeping logs???

Here's a better question.

Marc, Gabe... What realistically do you guys see needing as far as logs go for keeping troublemakers off your network?

For me I only see the need of keeping a max of 5 days of logs at the most, if there's a problem user on my network, I know about it quickly as something gets blacklisted, alarms go off, or the phone is ringing.

The only time I've seen a need for an older log is from law enforcement
(Who incidentally is F***ING SLOW in my personal opinion), and if their shit takes that long, that's their problem.
(I'm talking looking for stuff 4+ months old... Where were ya when this shit was happening???)

What is the problem with cutting your logs down to a max of 5 days? It would pretty much eliminate giving out client info for copyright trolls as their legal process alone would tie them up long enough for the logs to be destroyed, and I would think that would give easily enough time to deal with network jerks. Law enforcement kinda gets shafted, but ya know, that's their problem really. Chasing ancient logs isn't going to be a major help to them.



drjp81

join:2006-01-09
canada
reply to Anonymous225

said by Anonymous225 :

My personal suggestion here would be to pay for the content, or do without. I remember coming here years ago and seeing someone suggest that the people who used torrents and were complaining about throttling on Bell's end were torrenting for reasons that were less than legal. It was vehemently denied. It seems that individual has been vindicated by what I see here.

Though I agree for the first half, if you don't like it don't pay (do without). There are other considerations.

If everytime there are internet legal issues, the extreme case of child pornography rears it's head, I think that for argument's sake we must also bring up privacy.

Simply put, it is a business model to use person's activity on the net, to police it and to extort money. Some adult film reps went so far as to threaten to publish names on the net, of people alleged to have shared their copyrighted media, unless they payed up.

They can only do this, because names were handed down, without any consideration for their proper use, if not legally, becasue of a court order.

In essence, they were given a green light to blackmail. And I don't know of a civilized society that can say it upholds copyright but condones blackmail with a good conscience. And personally, I would want no part of it.

That's the first thing off the top of my head and given a day that my brain is not working on 15 other tasks, I'm sure I could come up with others.
--
Cheers!


d4m1r

join:2011-08-25
Reviews:
·Start Communicat..
reply to UK_Dave

said by UK_Dave:

In light of the recent Voltage issues, and given the clarification we now have on Legal Mandatory Minimums, or rather the lack of them, I'm wondering if ISP Log retention times might well become a point on which different ISP's might compete?
Dave

They already do...In Europe. Unfortunately, like many things, they are light years ahead of us. Several ISPs across the bond adamently advertise they keep NO logs and are still able to deal with spammers etc just fine. If they are approached by the Police or government officials requesting information in relation to a crime, well...They don't have any so while they might love to hand it over, they can't. And they are perfectly within their right to do so, as TSI would be in Canada, but I don't think they realize this yet...

Sure things would have to change (dealing with spammers and billing issues apparently) but it would be possible for TSI to implement, and beneficial to them as a business (imho).

Privacy should trump spam related issues, copyright notices, and all other things logs are currently being kept to deal with.
--
www.613websites.com Budget Canadian Web Design and Hosting

BrianON

join:2011-09-30
Ottawa, ON
Reviews:
·TekSavvy Cable

1 edit

The EU directives (not yet passed in each country) call for retaining this type of information for not less than 6 months and not more than 2 years. In addition it lists some requirements to log the traffic/activity of the user which goes far beyond just logging the information to match users with ip addresses assigned to them for a given time period that is being talked about in this thread. Though content of the communications is still off limits (No data revealing the content of the communication may be retained pursuant to this Directive.)


UK_Dave

join:2011-01-27
Powassan, ON
kudos:2
Reviews:
·TekSavvy DSL
·Bell Sympatico

2 edits
reply to Samgee

He's referring to legal implications if they decided not to log. All the investigations would stop at them, and the pressure that could be placed on them because they are in a way obstructing an investigation aren't worth the benefits.
----------------------------------

EDIT: None of the below came from my discussion with the CAIP

If there is no law whatsoever mandating minimum record keeping, what would the implications be for an ISP that had a published zero-day record keeping policy, when for example facing a warrant for customer information.

The answer is that they would respond to the court with their stated Retention Policy, legal by all Provincial and Federal law, and that, would be that. I have had this confirmed, today.

That would be that, in a legal sense.

It was also pointed out, informally, that when that request is a 4 hour Orange Alert, and it will be allowed to slip into the news which ISP could not cooperate. That's a lot of people with pitchforks in the letters columns. And of course, something, would have to be done.

Something, would probably be a group to discuss the way to prevent "it" ever happening again. And the way, would be to propose a mandatory legal minimum data retention policy.

Anyhow, I am led to believe that there is no legal sanction that could be applied to an ISP following a stated policy under current legislation. I'm not saying this is possible, or that it's desired.

It's the way the law stands right now.



sm5w2

join:2004-10-13
St Thomas, ON
reply to globus9991

I've asked this question (legal requirements to log IP assignments) before here on dslr (and on usenet - can.internet.highspeed) and have never gotten any coherent answer.

But I'll tell you why TS and Bell and any other ISP does it. It's a very simple concept.

The telco / ISP industry wants as few laws / rules / regs as possible.

Law enforcement and the courts want to know IP assignments from time to time. So you keep logs and you give them the info they want. They are happy.

If you did not keep logs, they would be unhappy - AND THEY WOULD SIMPLY ENACT LAWS TO COMPEL YOU TO KEEP LOGS. Maybe throw in other rules or requirements while they're at it. Then the telco's / ISP's would be unhappy.

It's just that simple.

Now answer me this:

There is no technical or billing reason why a telco would need to keep logs of any local (non-billable) calls you make with your land-line. But - are there any laws on the books that require such logging?

If the answer is no, then the same logic and rational should apply to logging IP assignments.


kovy

join:2009-03-26
kudos:8
reply to globus9991

Hell I'd keep logs to see who's messing with my wireless... imagine if I had a ISP.


The Mongoose

join:2010-01-05
Toronto, ON
Reviews:
·TekSavvy Cable
reply to sm5w2

said by sm5w2:

Law enforcement and the courts want to know IP assignments from time to time. So you keep logs and you give them the info they want. They are happy.

If you did not keep logs, they would be unhappy - AND THEY WOULD SIMPLY ENACT LAWS TO COMPEL YOU TO KEEP LOGS. Maybe throw in other rules or requirements while they're at it.

Having worked in a highly regulated industry I can tell you that this is absolutely true. There's a reason "voluntary codes of conduct" get rather strictly adhered to...they have a tendency to become compulsory when companies start making regulators and law enforcement unhappy.

qewey

join:2007-10-04
reply to globus9991

curious if TSI can clearly tell us what are their legal logging requirements ?

From this site:
»www.eff.org/issues/mandatory-data-retention

It seems there is no specific mandatory data retention laws in canada.

Is there an existing law or law proposal for mandatory data retention in canada ?


qewey

join:2007-10-04
reply to globus9991

There is a canadian personal information protection and electronic documents act (PIPEDA) that protects personal information that is collected and used in commercial activities.

I guess nobody argued that it should apply to IP info collected by ISP ?

there is a paper from UofOttawa on it from 2005:
www.uoltj.ca/articles/vol2.1/2005.2.1.uoltj.Warner.75-104.pdf


UK_Dave

join:2011-01-27
Powassan, ON
kudos:2
reply to qewey

There is no existing legislation that mandates a legal minimum retention time, either Federally, or Provincially.



sm5w2

join:2004-10-13
St Thomas, ON
reply to qewey

>It seems there is no specific mandatory data retention laws in canada.
>Is there an existing law or law proposal for mandatory data retention in canada ?

There is no specific law that requires such retention by the ISP's.

The reason there is no such law is because the ISP's *voluntarily* keep logs and turn over this info when requested by the courts.

If the ISP's stopped keeping logs now (or back when residential internet was rolled out years ago) our politicians would be lobbied by the courts and law enforcement to create / enact laws that would require the ISP's to keep logs.

ISP's would never admit to that - but it's a fact. They keep logs so the gov't has no reason to create new/additional laws or rules/regs that would force them to keep logs.

Is that correct TSI-Marc?

Admit it - you have no practical, administrative need to keep a log of IP assignments beyond 7 - 10 days (if that).



Guspaz
Guspaz
Premium,MVM
join:2001-11-05
Montreal, QC
kudos:22
reply to globus9991

Gabe has already stated that most of the child pornography cases they've been asked for info on have involved pulling data from one or more months back.
--
Developer: Tomato/MLPPP, Linux/MLPPP, etc »fixppp.org


MaynardKrebs
Premium
join:2009-06-17
kudos:4

said by Guspaz:

Gabe has already stated that most of the child pornography cases they've been asked for info on have involved pulling data from one or more months back.

But is that *alone* enough reason to keep logs > 2 weeks?

I'm pretty sure Sonic is a fair bit bigger than TSI, and given that I'm sure that they too have their share of kidporn law enforcement requests - which once triggered for a customer would be continually siphoned off. The Sonic 2-week standard does not impede that.

voxframe

join:2010-08-02
reply to Guspaz

said by Guspaz:

Gabe has already stated that most of the child pornography cases they've been asked for info on have involved pulling data from one or more months back.

Our network is in the same vote when it comes to our experiences.
I'm sorry to say it but these guys are F***ing slow!
I'm not able to give much for details, asides from the fact that what they are looking for, is usually ancient history.

Not that I want to impede such an investigation, but I figure that a 5 day retention period is all we need. I've never dealt with a problem user where it's gone longer than a day or two. If these idiots (Or lazy morons is better?) want logs from us, they can get their ducks in line, and come back to us in a more appropriate time. A month+ for a criminal level investigation is not acceptable in my books. If the public wants to take up a pitchfork with someone, it should be the investigators who seem to take their sweet time.

voxframe

join:2010-08-02
reply to globus9991

As a side effect, a 5 day retention time, might actually force these people to get off their asses a little faster.

It's the equivalent of waiting 2 months to show up on a murder scene after getting the first call. No excuse, the guy is long gone.



d4m1r

join:2011-08-25
Reviews:
·Start Communicat..
reply to MaynardKrebs

said by MaynardKrebs:

said by Guspaz:

Gabe has already stated that most of the child pornography cases they've been asked for info on have involved pulling data from one or more months back.

But is that *alone* enough reason to keep logs > 2 weeks?

I'm pretty sure Sonic is a fair bit bigger than TSI, and given that I'm sure that they too have their share of kidporn law enforcement requests - which once triggered for a customer would be continually siphoned off. The Sonic 2-week standard does not impede that.

Couldn't agree more....Do a few criminal court proceedings that could *possibly* be impeded justify logging ALL IP assignments and other info for 3 months? The simple answer is no.

@UK_Dave, the way it has played out in Europe is those ISP had those policies in place BEFORE the police came to them looking for information. Like I said, so regardless of whether they actually wanted to give out that information or not in the first place doesn't matter as they can't. There has been no public outcry and the ISPs are perfectly within their right as they are not impeding any criminal investigations because they don't have logs in the first place....To them, it was merely a business decision.
--
www.613websites.com Budget Canadian Web Design and Hosting

UK_Dave

join:2011-01-27
Powassan, ON
kudos:2
Reviews:
·TekSavvy DSL
·Bell Sympatico

@UK_Dave, the way it has played out in Europe is those ISP had those policies in place BEFORE the police came to them looking for information. Like I said, so regardless of whether they actually wanted to give out that information or not in the first place doesn't matter as they can't. There has been no public outcry and the ISPs are perfectly within their right as they are not impeding any criminal investigations because they don't have logs in the first place....To them, it was merely a business decision.
------------------------------------

Yes, I've said the same pretty much here too.

I am not talking about ways for people to wangle their way out of this existing issue - well, apart from my post mentioning log accuracy and corroborating evidence.

The whole reason I dug around was to find out, going forward, if there was a legal minimum (there isn't), and to see if the defence of "sorry we don't keep them" would be possible, again under current legislation (it could) without any legal issues.

If you say you have them, turn them over. If you don't have them, there is nothing wrong with that.

I did suggest to one of my contacts, that in allowing these voluntary held logs to be used for issues such as this, it may dissuade ISP's from having them at all.

At which point, they kill the golden goose and logs are just "not available" in any case, no matter how severe.



hm

@videotron.ca

said by UK_Dave:

At which point, they kill the golden goose and logs are just "not available" in any case, no matter how severe.

And as stated by yourself (or CAIP), this first person raped, or kid that is killed, or whatever terrorist act creeps up, that ISP will be dragged over the coals in public.

You are basically stating too bad for the kid that was stalked on facebook and killed. I think that is rather juvenile. And just to protect some pimple faced kid downloading a movie?

There has to be a balance. Not extremism on either end.

UK_Dave

join:2011-01-27
Powassan, ON
kudos:2
Reviews:
·TekSavvy DSL
·Bell Sympatico

"You are basically stating too bad for the kid that was stalked on facebook and killed. I think that is rather juvenile. And just to protect some pimple faced kid downloading a movie?"
-----------------------

I think you had better start explaining where I said that.


qewey

join:2007-10-04
reply to sm5w2

said by sm5w2:

I've asked this question (legal requirements to log IP assignments) before here on dslr (and on usenet - can.internet.highspeed) and have never gotten any coherent answer.

But I'll tell you why TS and Bell and any other ISP does it. It's a very simple concept.

The telco / ISP industry wants as few laws / rules / regs as possible.

Law enforcement and the courts want to know IP assignments from time to time. So you keep logs and you give them the info they want. They are happy.

If you did not keep logs, they would be unhappy - AND THEY WOULD SIMPLY ENACT LAWS TO COMPEL YOU TO KEEP LOGS. Maybe throw in other rules or requirements while they're at it. Then the telco's / ISP's would be unhappy.

It's just that simple.

Now answer me this:

There is no technical or billing reason why a telco would need to keep logs of any local (non-billable) calls you make with your land-line. But - are there any laws on the books that require such logging?

If the answer is no, then the same logic and rational should apply to logging IP assignments.

Thats where TSI small size relative to the incumbents is finally an advantage here because their actions dont matter much compared to what the big 3 are doing as far as setting the agenda for domestic regulations.

So its a win-win for TSI if they lower their logs to lets say a few days :

First they get the extortionists off their back from further court orders since there is no log to hand over. Second they get strong customer support and further their brand even more. then 2 things can happen :

1) the incumbents dont follow suit because they are afraid of legislation/regulations against the whole industry. Government wont make regulations just for TSI. So its a win for TSI.

2) the incumbents follow suit but then will use all their lobbying powers to avoid/tone down any legislation/regulations against the industry. Again a win for TSI.

If TSI stay as is then its a lose for them because they will be perpetual victims (due to their small size and lack of internal legal department) from court orders from the extortionists costing resources that can used somewhere else. And they take a hit on the customer PR side.

qewey

join:2007-10-04
reply to hm

said by hm :

said by UK_Dave:

At which point, they kill the golden goose and logs are just "not available" in any case, no matter how severe.

And as stated by yourself (or CAIP), this first person raped, or kid that is killed, or whatever terrorist act creeps up, that ISP will be dragged over the coals in public.

You are basically stating too bad for the kid that was stalked on facebook and killed. I think that is rather juvenile. And just to protect some pimple faced kid downloading a movie?

There has to be a balance. Not extremism on either end.

sounds like the same argument line as the infamous "if you are not with us, you are with the child pornographers" from Vic Toews in parliament on the online surveillance bill, C-30.

»news.nationalpost.com/2012/02/14···c-toews/

»www.cbc.ca/news/politics/story/2···ons.html

yes real balanced all right .....


sm5w2

join:2004-10-13
St Thomas, ON
reply to qewey

> So its a win-win for TSI if they lower their logs to lets say a few days :
>
> First they get the extortionists off their back from further court orders since there is
> no log to hand over. Second they get strong customer support and further their brand
> even more. then 2 things can happen :
>
> 1) the incumbents dont follow suit because they are afraid of legislation/regulations
> against the whole industry. Government wont make regulations just for TSI. So its a win for TSI.

Yes, that is the way it would (or should) play out. The ISP's with smaller customer-base could do little or no IP-logging, and in theory they should receive proportionately fewer requests for IP information from the courts - information that they wouldn't be able to provide. The over-all number of failed attempts by the courts to get IP-info from ISP's that don't log wouldn't (or shouldn't) be enough to motivate them to impose legal regulation on the whole industry. Now, we could be completely off-base with that supposition.

So we don't really know why the smaller ISP's maintain IP-logs for such a long period of time given there is no legal requirement for them to do so, and also given that the information is a legal "hot potato" for them and it would be better if they did not have the information in the first place.

Presumably there would be NO downside for them if the courts ordered them to turn over information that they didn't have...???



d4m1r

join:2011-08-25
Reviews:
·Start Communicat..

said by sm5w2 See Profile

So we don't really know why the smaller ISP's maintain IP-logs for such a long period of time given there is no legal requirement for them to do so, and also given that the information is a legal "hot potato" for them and it would be better if they did not have the information in the first place.

Presumably there would be NO downside for them if the courts ordered them to turn over information that they didn't have...

QFT

--
www.613websites.com Budget Canadian Web Design and Hosting