German data rentention law
Sven Anderson
sven at anderson.de
Mon Oct 20 14:18:37 UTC 2008
Am 20.10.2008 um 15:29 schrieb Dominik Schaefer:
> Roger Dingledine schrieb:
>> On Sun, Oct 19, 2008 at 02:30:32AM +0200, Sven Anderson wrote:
>
>>> All sources I know don't let any doubt that ISPs will _only_ keep
>>> data, which they log anyways, that is which IP has been assigned
>>> to which user at which time.
> IMHO it is not true, that ISPs will only have to retain data, they
> anyway log. Until now, they weren't even allowed to log the IP address
> if they don't need it for billing purposes. The DR law defines, what
> they have to log.
You have to look at the details here. The law tells them what to
_retain_, not what to _log_. It assumes that ISPs log that stuff
anyways. I have my information from a talk of the data security
officer of the Deutsche Telekom[1], but I just had a look at TKG 113a
(1), and it seems indeed that if you don't log, you have to make sure
somebody else logs it. Maybe they changed that paragraph after the
talk has been held?
Regarding your example: I wrote the same one sentence after the one
you quoted from me. With a little difference: they are allowed to log
it, but they have to immediately delete it after the connection.[2]
[1] http://www.jura.uni-duesseldorf.de/institute/zfi/materialien/Informationsrechtstag5/070627-Ulmer.pdf
(german)
[2] http://www.heise.de/newsticker/meldung/80614 (german)
Regards,
Sven
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2415 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20081020/4642c34b/attachment.bin>
More information about the tor-talk
mailing list