dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
7743
share rss forum feed


rocca
Start.ca
Premium
join:2008-11-16
London, ON
kudos:23
reply to Who7

Re: Info: Length of time Canadian ISPs retain IP address logs

We feel that 90 days is a good balance of customer privacy, public safety and internal system / billing requirements. Sorry if you thought this was some competition to lure customers away from other ISP's because it wasn't. It is about responding to the question if a year was required, we said we could do it with less and reduced the period substantially.

Riplin

join:2002-05-13
canada
reply to hm
said by hm :

Yup.

Also, I just may try and involve the CRTC after new years as well as Privcom.

Good luck with that. The CRTC proved how useless they are again last night when CBC could find the Air Duct Cleaning scammers in Karachi and they couldn't


hm

@videotron.ca
said by Riplin:

said by hm :

Yup.

Also, I just may try and involve the CRTC after new years as well as Privcom.

Good luck with that. The CRTC proved how useless they are again last night when CBC could find the Air Duct Cleaning scammers in Karachi and they couldn't

As far as I know, Canadian ISP's aren't in Karachi, Pakistan. Again, as far as I know. Though with some of the horror stories we see here, and Ebox's non-existent privacy policy, it wouldn't surprise me

Started writing it up a couple of days ago. Matter of finding time to add more and finish up.

Who7

join:2012-12-18
reply to rocca
said by rocca:

We feel that 90 days is a good balance of customer privacy, public safety and internal system / billing requirements. Sorry if you thought this was some competition to lure customers away from other ISP's because it wasn't. It is about responding to the question if a year was required, we said we could do it with less and reduced the period substantially.

Sorry if you think that peoples privacy is secondary to your convenience or that 90 days is some kind of "protection" to privacy.

What you did is match TSI in order not to look bad in comparison. That's it. Nothing more. PERIOD. Stop spinning it as some kind of achievement when in fact, it's a marketing decision, NOT a privacy decision.

(Cue your "your a troll" because someone exposes your spin)



rocca
Start.ca
Premium
join:2008-11-16
London, ON
kudos:23
It's not a convenience factor, it's a balance.

I can understand if it's not sufficient in your personal opinion but we can't be everything to everyone and for those that feel they need further concealment beyond what their ISP can provide then there are plenty of easy options to accomplish that. Or you could start your own ISP, although you may quickly find that you have legitimate reasons for requiring logs.

Anyway, best wishes for your quest of a zero day logging ISP. Until then, there are lots of VPN providers with various different logging policies that can do what you need.

Who7

join:2012-12-18
Sorry buddy, but it's not "further concealment", as if anyone who cares about their privacy has something to "conceal". it's an expectation of privacy and protection against trolls who make a living off it. To even use "further concealment" speaks volumes about your perception of privacy issues.

You decided as a MARKETING STRATEGY to match EXACTLY what TSI is doing. Fine. Be honest and say that. Don't try to spin it as some sort of "balance" when it comes to rights and expectations of privacy.


rocca
Start.ca
Premium
join:2008-11-16
London, ON
kudos:23
It has nothing to do with marketing, pretty sure you don't see it in publications, it's not on our web site, nor did I make a big splash about it here in DSLR. Simply, we were asked if a year was justified, we evaluated and decided a good balance was 3 months. Whether you agree with that duration or not is certainly your prerogative but all your other nonsense is just that.

You like to confuse 'privacy' with being 'anonymous' as if they are the same thing and that is what prompted my choice of the word concealment. It is obvious what your own personal agenda is and only zero day logging is acceptable to you. If we had come out with a 1-day policy I'm sure you would have said we were exploiting a marketing opportunity while still not protecting against copyright notices since their requests are generally within hours of downloading.

Despite your continued accusations, customer privacy is incredibly important to us and we have never revealed information in response to a copyright complaint. Further, customer privacy is protected by Canadian law for the benefit of subscribers. We do not collect any information about what our customers do, rather we only log what IP address was assigned to their account. The law however provides the requirement for ISP's to reveal that association under a court order and we are not above the law.

Personally I don't care in the slightest what you do or don't download, it's none of my business.

Anyway, we did what we committed to and it's a positive thing. But, undoubtedly you'll find some way to spin it into how evil we are.

Peace out.

MFido

join:2012-10-19
kudos:2
Peter, there is no way you can reach an agreement with Who ... he has a very tweaked way of seeing life

Who7

join:2012-12-18
reply to rocca
said by rocca See ProfileIt has nothing to do with marketing, pretty sure you don't see it in publications, it's not on our web site, nor did I make a big splash about it here in DSLR.[/BQUOTE :

Actually you did. In this thread. As if it was some accomplishment.

As for marketing issue, you doth protest too much. You matched TSI exactly. It wasn't 89 days or 91 days, it was 90 days and given what is happening now, your previous record keeping off one year was too much and unjustifiable.

said by rocca See Profile
Simply, we were asked if a year was justified, we evaluated and decided a good balance was 3 months. Whether you agree with that duration or not is certainly your prerogative but all your other nonsense is just that.[/BQUOTE :

Oh please, stop the whining. You were out there with a year versus TSI 3 months and you decided to match them.

said by rocca See Profile
You like to confuse 'privacy' with being 'anonymous' as if they are the same thing and that is what prompted my choice of the word concealment.[/BQUOTE :

Straw argument. The argument was, is and will be that your record keeping for three months exposes customer to the copyright trolls.

said by rocca See Profile
Personally I don't care in the slightest what you do or don't download, it's none of my business.[/BQUOTE :

Although quick to claim that was "concealment".

said by rocca See Profile
Despite your continued accusations, customer privacy is incredibly important to us and we have never revealed information in response to a copyright complaint. [/BQUOTE :

Never? Not yet, although you do keep records for three months and exposing your customers to copyright trolls.

You can't claim "privacy is incredibly important" and keep records for three months. Nor can you claim it's some kind of legal requirement, which it isn't. Nor can you claim that it's necessary for your business when other companies do with less.

THAT is the issue.

Sorry to burst the bubble of what you thought or want to tout as some accomplishment.

Expand your moderator at work


rednekcowboy

join:2012-03-21
kudos:1
Reviews:
·Acanac

4 edits
reply to Who7

Re: Info: Length of time Canadian ISPs retain IP address logs

WHO--how long a particular ISP holds these logs is completely irrelevant. It's what they do with the logs that matters. I could care less if my ISP holds my logs indefinitely, however I want them to be as scrupulous as possible and extremely critical of any requests for such logs, even one that comes from a court order.

If the request does not meet the burden outlined in PIPEDA, again even if that request is a court order, then I expect my ISP to fight the request as is their responsibility outlined again in PIPEDA. If they simply "roll over" and hand over the information, regardless of whether or not that request has merit, then they make themselves liable for violating PIPEDA.

That being said, the shorter duration that logs are kept, the better for everyone involved for if such a request is made but is past the threshold that logs are kept, then there is nothing to worry about as no potential PIPEDA or any other privacy acts have a chance to be violated because there is no information on record. IE, a short retention span not only protects the customer, but also saves the ISP money and could also help the ISP avoid landing themselves in court on a class action for violations of the Privacy act.

Take Teksavvy, for example. What do you think would happen if all 2000 customers turned around and sued Tek because the request for their information is without merit? What do you think would happen if suddenly the government received 2000 complaints for violation of the privacy act on both a federal and provincial scale? I think this is something that all ISP's need to consider. They are also jeopardizing themselves when they willingly turn over private customer information from a request that does not meet the guidelines outlined in the privacy act, regardless of the source of such request.

EDIT: Just because a judge issues a court order, does not mean that the judge is right, which is why there is a system in place to challenge court orders. If a judge is wrong and a person/company complies with the request and then later that request is overturned, said company can then (possibly) be held liable. In this case that liability would be for violating the privacy act, a very serious offense.


hm

@videotron.ca
said by rednekcowboy:

Take Teksavvy, for example. What do you think would happen if all 2000 customers turned around and sued Tek because the request for their information is without merit?

I've seen people say this in the teksavvy forum... that is, they will sue.

It's all blabbing.

Canadian courts, especially those in Ontario, have already shot down lawsuits in relation to privacy if they can't show any actual and real harm. You can see this on both Privcom and Geists site, a well as google these things.

A privacy breach alone gets you nothing. Zip. Nadda. This isn't the states where a privacy breach lands you a million dollars. Here in Canada you get zero and the case tossed.

But it does make me wonder if getting the voltage extortion letter, or being brought to court and sued by voltage and if you are deemed innocent of this copyright crime, if this would be considered "harm".

There would definitely be real financial harm and mental/physical/emotional/family harm in all that. And you would have to show this and prove it, or you get nothing. That's the way the courts here work in regards to privacy breaches, to date.


rednekcowboy

join:2012-03-21
kudos:1
Reviews:
·Acanac

2 edits
I'd have to mostly agree on a single case, however if 2000 cases flooded the court all at once, there might be a different story. But alas, maybe filing suit would not be the way to go, maybe lodging 2000 complaints with the privacy commissioner for violation of PIPEDA (which this is, BTW) would be the better avenue. There has to be something that can be done. If Teksavvy, who claims to hold their customers privacy near and dear, cannot even follow a few simple guidelines laid out in PIPEDA, either that or are choosing to ignore them, then there must be a way to hold them accountable.

As per the guidelines, a company that is requesting the information has to have an intent to sue. The sheer number of cases here (2000) shows immediately that Voltage has no intention of suing all 2000 account holders. The costs of lawyers, investigators, etc for 2000 cases would damn near bankrupt a small company such as Voltage. They do not have the right to the information.

In order to request this information they have to have to show proof that they are asking for the correct person's private information. It has already been shown that Voltage's IP information is incorrect and flawed.

Just on these 2 accounts alone, the request for the information should be turned down and staunchly refused. It is Teksavvy's duty, bound by PIPEDA, to scrutinize, challenge and, if necessary, fight against any request for customer's private information if the conditions laid out in PIPEDA are not met, regardless of the source of the request.

While Marc has always seemed to be genuine on these forums and willing to help out anyone who needs it, the spin he using saying that it is not his duty to fight on the customers behalf in this type of lawsuit, is almost laughable. No one is asking him to fight a copyright infringement case on their behalf. We haven't even gotten to that point yet. It is his duty to protect his customers privacy as outlined in PIPEDA and he has a responsibility, actually he is legally bound to fight for his customers on that front.

So Marc, and any other ISP out there reading this, this case at this point is not about piracy just yet, it is about PRIVACY. If you truly do care about your customers PRIVACY, and don't want them leaving in droves, I would suggest that today, you get your lawyer into court and challenge this nonsense request for information and fight it every step of the way. If an appeal is needed on the original court order to over-turn it, then that is what you are obligated to do for not only the good of your customers but also for the good or your company and it's reputation.

I guess the question is does Teksavvy want to retain it's image as a customer-focused and driven company or does it want to forever be known as the company that had an obligation to defend it's customer's privacy but didn't follow through?

Who7

join:2012-12-18
reply to rednekcowboy

said by rednekcowboy See Profile

That being said, the shorter duration that logs are kept, the better for everyone involved for if such a request is made but is past the threshold that logs are kept, then there is nothing to worry about as no potential PIPEDA or any other privacy acts have a chance to be violated because there is no information on record. IE, a short retention span not only protects the customer, but also saves the ISP money and could also help the ISP avoid landing themselves in court on a class action for violations of the Privacy act.

THAT is the reason I took rocca to the woodshed. He thinks that it's about "downloading" and "concealment", where in fact, my argument from day one was to minimize the time trolls can, well, TROLL.

There is no legal limit of how long logs can be kept so there is no legal argument.

There are ISP who simply time roll their customers usage. It can be done for ANY period. PERIOD. The most that can arise is some argument of usage, not exactly a huge issues when they are offering train loads of capacity.

Then there is the dubious and self righteous claim of "social responsibility". Which make those who don't keep records irresponsible?

At least we didn't hear the "doing it for the kittens" argument.

Bottom line, just another CEO who talks the game......but doesn't walk.

Who7

join:2012-12-18
reply to Toastertech
rednekcowboy,

We are the same page here. The argument was, is and will be about PRIVACY. Sadly, we have CEO's who talk about it but think nothing of rolling over if there is the slightest hint of pressure.

If I have a store, I can keep my customer receipts in a locked drawer or a safe. I choose the safe. I don't have too, it costs me more time and effort, but I did it because I value my customers privacy and will do whatever is reasonably possible. If someone comes in and asks for those receipts, they will get the "go to hell" response. If they take me to court, I will make sure the judge demands a reasonable need to do so. I'm not walking in with a shoe box and handing over without a fight.

Privacy is a fundamental right and fight worth fighting.