Germany Implements Sweeping Data Retention Policies 210
G'Quann writes "Starting next year, all communication providers in Germany will have to store all connection data for six months. This includes not only phone calls but also IP addresses and e-mail headers. There had been a lot of protest against the new law, but it was ignored by the government. Quoting: 'The content of the communications is not stored. The bill had been heavily criticized. Privacy [advocates] had organized demonstrations against the bill in all major German cities at the beginning of this week. In October there had already been a large demonstration with thousands of participants in Germany's capital Berlin. All opposition parties voted against the bill. Several members of the opposition and several hundred private protesters announced a constitutional complaint.'"
Same old shit (Score:4, Informative)
Re:Germany is officially off my list (Score:3, Informative)
http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-545223/ [privacyinternational.org]
The German Government is Pissed (Score:4, Informative)
Why is it so hard for some otherwise reasonable people to understand that in a society where everything and everyone is tracable, sooner or later those in power can spank down a few annoying people and everyone will get the idea that if they speak out, they could be next?
IP address tracking: means your ISP IP address (Score:4, Informative)
Just to be clear on one point: the IP address tracking mentioned in articles on this subject is the IP address allocated by your ISP, not the IP addresses you connect to. Which is bad enough, and on the basis of existing laws there was a ruling that ISPs aren't allowed to retain your IP connection history for privacy reasons.
Personally I've alway assumed IP addresses are inherently traceable, so in a practical sense this doesn't make any difference to me (except that no doubt I'll end up paying for the extra costs incurred by my ISP). It's the other stuff I find more worrying - and completely asinine at the same time, because anyone with anything to hide (including teh terrorists) will know how to work round them anyway.
Re:Fascism Anyone? (Score:5, Informative)
The constant vigilance of Big Brother was only to ensure that those who even hinted at seeing past Newspeak and the overall deception were properly dealt with.
It's time to write a nice little tool (Score:3, Informative)
With enough people participating, one could even create a network of some sort, where successful syncs are shared and repeated by others, so actual commections (and thus log entries) are created at an elevated rate.
As my statistics prof always preached, the only thing that's worse than having too little data is to have poisoned data.
Re:Hm, I just wondered... (Score:1, Informative)
Actually, the authorities in Denmark are apparently requiring ISPs to retain, in addition to address allocation data, the header data (source and destination address, source and destination port number, transport protocol) of every 500th IP packet.
You may find this PowerPoint file [fu-berlin.de] an interesting read. It's from this presentation [events.ccc.de], which I higly recommend watching (MPEG-4 H.264 video file, 186 MiB) [chaosradio.ccc.de].
Re:At least they saw it coming (Score:1, Informative)
That doesn't help. The encryption is only used between the client and the server: what happens to your mail once it arrives at the mail server is out of your control. The server has decrypted the data when it received it; if it didn't, it couldn't read & write the headers. There is no reason the server couldn't dump a copy of your mail headers to a file for storage. It could also relay your mail onto another SMTP server using a non-encrypted channel.
The same goes for POP3S & IMAPS: the encryption only exists between the server and the client. You have no control over what the server does, and the mail may have reached the server via. a non-encrypted channel.
Using SSL can help prevent some man in the middle type attacks but when it's applied to an inherently store & forward protocol such as SMTP it's largely pointless.