dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed


Kitchener, ON
reply to TSI Marc

Re: Discussion about log retention

For what it's worth, I personally am not fond of any type of log retention other than what is necessary for informational purposes (like usage statistics, etc) and for the purposes of service delivery.

I completely agree with the concept of keeping such informational logs (like usage) for a 180 day period, however I can't help but be a little uneasy about anything beyond that. In my opinion, the logging of more in-depth usage such as sites visited, DNS requests, files downloaded, etc. is just as much a gross violation of personal privacy as Telus' policy to keep logs of every text message ever sent or received from your cell phone.

Don't get me wrong though... I do NOT support criminal activity such as that mentioned in the OP, however, I do not believe that this justifies a potential breach of privacy for the rest of us. Unfortunately, I have seen and experienced just how far such logs can be used to destroy an innocent person when they fall into the hands of the law. As such, it is my opinion and personal belief that log keeping beyond the 90-day period, or log keeping of a nature that creates a potential to be used either for extortion or for defamation is a gross violation of FIPPA (aka R.S.O. 1990, c. F.31) s.21(1) (f). That being said however, it also outlines the extenuating circumstance factor in sub section b of the same clause.

It reads:
A head shall refuse to disclose personal information to any person other than the individual to whom the information relates except,
(b) in compelling circumstances affecting the health or safety of an individual, if upon disclosure notification thereof is mailed to the last known address of the individual to whom the information relates;
(f) if the disclosure does not constitute an unjustified invasion of personal privacy.
In the case of an allegation of attempted suicide or child molestation, I completely agree that this would be a justified invasion of personal privacy, particularly when a reasonable ground can be established. In such cases, it would stand to reason that there must be some sort of physical evidence to support the claim. Anything other than an extreme situation like a suicide claim, death threat, bomb threat, act of terrorism or conspiracy to commit an act of terrorism, or a threat to public safety just does NOT constitute a "reasonable" invasion of privacy.

One can also reasonably conclude from this that the simple existence of such records beyond what is absolutely necessary for the delivery of service impedes on the consumer's rights as defined in the Canadian Charter of Rights and Freedoms s.8 where it states:

8. Everyone has the right to be secure against unreasonable search or seizure.
Just my 2 cents worth. Take from it what you will, but perhaps this may give you a bit of an idea where a lot of people are coming from.