German data rentention law

Sven Anderson sven at anderson.de
Sun Oct 19 16:01:12 UTC 2008 

Am 19.10.2008 um 17:06 schrieb krishna e bera:

> On Sun, Oct 19, 2008 at 01:45:22PM +0200, Dominik Schaefer wrote:
>> As already said, much more difficult is the part about anonymizing
>> services, which brings us right to the still missing 'technical
>> directive'.
>> That will define the specifics: who is exempted (e.g. WLAN hotspots  
>> in
>> hotels are said to be exempted, WLAN hotspots at airports not), what
>> format has to be used for transmitting the data to law enforcement,
>> what precision the timestamps must have, what 'immediate response' to
>> a request from a law enforcement actually means, what availability  
>> the
>> systems for data retrieval must have and so on...
>> Most of that will be defined first by the European Telecommunications
>> Standards Institute. Then the german agency, which has to supervise
>> the implementation of the law, will adopt that directive. That is
>> expected to happen in spring 2009.
>> Curiously, the telecommunication service providers in germany
>> now have to log stuff, but know nearly nothing about the technical
>> implementation and that is even worse for small service providers or
>> private persons.
>> The conclusion is more or less: nobody knows for sure if Tor relays
>> have to log or not. It seems, that some courts will have to decide  
>> that.
>
> The data retention law seems to be partly an attempt to
> make private operators do the government's work of law enforcement.
> However, suppose the technical implementation is something like  
> requiring ISPs
> to allow wholesale teeing of the pipes as is now done at AT&T in the  
> USA,
> at government/taxpayer expense.
> Then we will not know whether some or all of the data is logged.

This will not (legally) happen. Germany has an old tradition of data  
protection, and as I wrote before, until now the ISP are _not_allowed_  
to keep the exact same data, which the new data retention law requires  
them to store. It's a clear contradiction by different laws. There is  
a pending lawsuit against the data retention law going on, and if the  
storage is legal at all, it will be under very strict conditions.

> Further, what prevents European (or Chinese etc) data spies from  
> cooperating
> with American data spies, enabling monitoring both ends of most  
> connections?

The work of intelligence services is a complete different story. In  
most countries it is already possible for investigators and  
intelligence services to intercept the communication of suspects. And  
they don't need Tor logs for this. If they have a suspect person, they  
intercept his/her access line and the destination server and they  
might time-correlate the connections. So, Tor logfiles are irrelevant  
for them.

We cannot divide the world in logging and non-logging areas. Just in  
areas were we _know_ about logging, and areas where we don't know  
about it, what doesn't mean that they don't log! I would still trust a  
node more that is located in Germany and is affected by the data  
retention, but where I know there also (still) exists one of the  
strongest data protection laws, and the data is not easily accessed,  
than a node located in China, where they officially even don't have  
censorship, but of course they will log the hell out of every bit, if  
they are technically able to.

Regarding the improvement of Tor: I would suggest to assume that  
_every_ node is compromised more or less, and that there are different  
likelihoods between two nodes, that they will cooperate. These  
pairwise likelihoods could be estimated (same country, same  
legislation, same provider, good relations between countries and so  
on...) and be used for circuit building in a way that this likelihood  
is minimal for the circuit. The location of the client and the final  
destination should be included in this calculation. But to be honest:  
I'm not sure that it is worth it.


Regards,

Sven

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2415 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20081019/20f7b1be/attachment.bin>

More information about the tor-talk mailing list