Brainstorming about Tor, Germany, and data retention

Carsten Krüger C.Krueger at
Wed Oct 8 14:13:19 UTC 2008

Hello Roger,

> 1) Will ISPs be required to log connection timing information of their
> users? What exactly will the information be -- destination IP address,
> port, timestamp of beginning of connection, timestamp of end? Or more
> than that? Or less?

That's not planed.
The ISPs have to log the dynamic IP of the user, the time (log in/log
out including timezone) and the identifier of the telephone/dsl line.
Only for email, telephone and sms there are more rulez.

Directive 2006/24/EC of the European Parliament and of the Council
(I've attached it, the server is down at the time of writing)

> 2) Are there ISPs that plan to not log? If so, how many?

very unlikly

> 3) Do we expect the authorities will only use the logs in a pinpoint
> way, or will they also trawl? That is, will they go to an ISP and say
> "tell me what this user did during this five minute period", or can they
> ask every ISP at once "tell me all your info about every connection to
> on Saturday"? As a special case of this, is asking for info
> from 500 Tor relays more like a pinpoint request or more like trawling?

That's not possible.
Authorities can lawfull intercept the traffic of some users (sniff the
hole traffic). That could be an end user or an tor operator.
Lawfull interception is only applicable if the person is suspicios.
There are more or less well defined criteria when it is allowed to
intercept (it's not allowed for prevention)
Additionaly they can ask for there logfiles.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: Directive 2006-24-EC of the European Parliament and of the Council.txt.bz2
Type: application/octet-stream
Size: 8029 bytes
Desc: not available
URL: <>

More information about the tor-dev mailing list