Swedish ISP Deletes Customer ID Info 177
NewYorkCountryLawyer writes "A Swedish internet service provider, Bahnhof, has begun deleting customer identification information in order to prevent it from being used as evidence against its customers under Sweden's new legislation against copyright infringement via peer-to-peer file sharing. According to this report on 'The Local,' it is entirely legal for it to do so. The company's CEO, Jon Karlung, is identified as 'a vociferous opponent of the measures that came into force on April 1st,' and is quoted saying that he is determined to protect the company's clients, and that 'It's about the freedom to choose, and the law makes it possible to retain details. We're not acting in breach of IPRED; we're following the law and choosing to destroy the details.'"
Wow (Score:5, Insightful)
Re:Wow (Score:5, Insightful)
While I love this decision also, I find it sad that we now applaud people who want to take care of their customers... Didn't that used to be a given?
Re: (Score:2, Insightful)
find it sad that we now applaud people who want to take care of their customers..
modern age: 2 kinds of 'customers':
- the ones that pay the bills by buying your products or services
- the other kind that shows up with as a band of thugs bearing guns and badges
the first one you can abuse and refuse. the 2nd one, well, not so much.
welcome to the brave new world.
Re: (Score:2, Offtopic)
Hell yeah, where do I get my soma!?!
Re: (Score:2)
Please read Brave New World & get back to me.
Re:Wow (Score:5, Funny)
Re:Wow (Score:5, Funny)
Re: (Score:3, Funny)
Good job idiot! Now Slashdot's owners are going to go to jail for a year too! Of course, the site is commercially orientated, they probably make money off it and everything.... it's probably fair then.
Re: (Score:2)
http://thepiratebay.org/torrent/4796035/Huxley__Aldous_-_Brave_New_World_E-book [thepiratebay.org]
Re: (Score:2, Insightful)
Great! Now slashdot is guilty of being "Accessories to pirating" too. ;)
Re: (Score:2)
Between soma and orgy-porgy, I don't think it would be too bad.
It's the transition that would suck.
Re:Wow (Score:5, Interesting)
At least here in the US, our corporations are not afraid of "thugs bearing guns and badges" because they are paying those thugs.
That's the modern-day equivalent of when a US governor would send out National Guard troops to kill striking coal miners and their families.
We should never forget that the people who fought and died to create the labor union movement in this country were every bit heroes as the men who stormed Normandy.
We may be about to find out what it's like to live under the thumb of corporate fascists and their puppets in government.
Re: (Score:3, Interesting)
We may be about to find out what it's like to live under the thumb of corporate fascists and their puppets in government.
About to?
Re: (Score:2)
Didn't that used to be a given?
No. Only in some romanticized version of the past.
Re:Wow (Score:5, Interesting)
While I love this decision also, I find it sad that we now applaud people who want to take care of their customers... Didn't that used to be a given?
Speaking as someone that handles consumer's problems - you are correct. There's nothing I hate more than hearing "Sorry for your inconvenience." - especially from airline employees!
Oh yeah! How about, the next time you're on strike and bitching about how you're not making enough, I walk up to you and say, "Sorry about the inconvenience!"
Here's the thing, with this shitty economy, companies are seeing the light! Amen! They're paying attention to customers. Just walk into a Home Depot now. I got asked 4 times if I found what I'm looking for! Now, they're pissing me off for being so helpful. Talk about the pendulum swinging!
P.S. To you Aladrin: I see that big orange ball by your userID. For what it's worth, whatever I said, I meant nothing personal, but I stand by my opinions. I take responsibility for what I've said that has offended you. Judge me as you will.
Re:Wow (Score:5, Insightful)
Yep, pretty much. What's your point?
Unfortunately a man who has his spine intact is a rare sight these days. Too many people don't understand that being petty and easily upset so that you respond with anger to whatever you dislike is the wrong kind of strength. That anger looks forceful and powerful but there is a great deal of cowardice behind it that comes from looking everywhere but within for your joy and your strength. Thus, anger is almost always about control of externals. It's also being strong in the wrong way because it is a compensation for weakness rather than a removal of weakness.
What you have provided a good counter-example against are the people-pleasers who derive their being and their self-worth (of a worthless sort) from the approval of others. Thus, they have no idea how to be their own person and they have conflict and frustration because their life is not really theirs. Such people usually believe that they are living their own lives because they have personally identified with those external influences that control them, which is why this system is so effective and why so few come to understand it. It needs this deception to work, which is why understanding it is the same thing as having freedom from it.
For you, it may be rather easy to understand that when you have a nation full of people with such weakness, it sets the stage for a powerful government to cater to it. If those people were whole and joyous and complete in the right way, the sort of comfort and security that government can offer would not be tempting to them. There are also economic and political reasons for it, of course, but this is the predecessor to fascism that no one in the media talks about. It is, in fact, the one enabler that makes all of the others possible. The mainstream media really can't talk about it and still have high ratings because most of the population has become this way. Of course, high ratings are more valuable to them than a chance to promote joyous, secure, sane people who cherish freedom. There's not much else to know about what sort of people they are.
Re: (Score:2, Insightful)
Watch for people asking where to sign up...
Re: (Score:2, Interesting)
that move will prolly get his ISP more customers, and if more customers = more moneys .
ez
1. destroy customer information
2. get more customers signed up because of that.
3. ???
4. Profit
Re: (Score:2)
Panty raids
Re:Wow (Score:4, Insightful)
I'll buy an ACCOUNT on his server. even though I don't live anywhere near there.
this guy IS a hero!
Re: (Score:3)
Re:Wow (Score:5, Informative)
Those were the guys with the James Bond villain data center. Just from watching the video, you get the impression they are a good group of nerds.
Re:Wow (Score:5, Insightful)
Actually, that, combined with this, has made me consider a switch from Bredbandsbolaget (a major Sweidsh ISP) to them. They have pretty decent pricing too, and I have no problems at all with BBB -- rather to the contrary. But it would simply feel good to be an ISP customer where the CEO shared my ideals. :-) And know that they at least try to protect the privacy of their customers. That's so little of a given these days that it's scary.
Re:Wow (Score:5, Insightful)
Better yet, if you live in Sweden move your Internet connection over to his ISP. This is a very rare chance to financially support someone who is trying to protect your privacy while having little net cost for yourself.
Re:Wow (Score:5, Interesting)
Re: (Score:2, Insightful)
Re:Wow (Score:5, Interesting)
I hope all the teabaggers who were at the big Fox News Tea Bag Rallies here in the US on Wednesday take note that this head of a company who is striking a blow for the privacy of his customers and liberty in general is acting in what they deridingly refer to as a "European Socialist" country.
If this is European Socialism, I want some of that right here in America and the sooner the better.
What was the last time an American CEO did something like this for his customers?
Re: (Score:3, Informative)
Joe Nacchio refused to cooperate with the NSA. On the other hand, my mom had Qwest stock.
This guy is a hero (Score:5, Insightful)
And sometimes heroes get arrested and thrown in jail for obstructing justice.
Re:This guy is a hero (Score:5, Interesting)
Deleting all non-essential personal data sounds like a good way to limit the possibility of having the data stolen and used for identity fraud. That sounds like a pretty compelling argument.
In fact, here in the UK, data protection laws require each piece of information kept to be justified. If they rules on justification were tightened up...
I'd love to know how they can bill people without even knowing their name though. It would seem to rule out credit cards.
Re: (Score:2, Informative)
Re:This guy is a hero (Score:5, Informative)
You don't need DHCP server logs for billing purposes.
You do need them for hunting file sharers.
Re:This guy is a hero (Score:5, Informative)
Heck, if you sell uncapped, un-metered always-on connectivity, you don't need any logs at all. You need to set up a user name and password, or authorize a MAC address, or energize a particular port on a switch, or something. But it doesn't _matter_ if it ever gets used... the bills are because "you signed up and the month has ended." So you don't need to log it; you just need a way of turning it on when someone starts paying, and off when they stop.
Re: (Score:2)
I wish ISPs could do that here in the UK, but they are required to keep those kinds of logs for at least a year. The government even pays for the equipment to do the logging. Unfortunately I suppose Sweden will be passing similar laws soon.
Re: (Score:2)
Who says he needs to use DHCP... my IP is renewed maybe once or twice a year. With IPv6 it will be a thing of the past.
You won't find any child porn dealer using dhcp logs, the real kind of child porn dealers. You'll get only the small fish or people who somehow got their computers infected or in a bot network.
Same for all the other reasons you list... your privacy should be more important than an eventual need sometimes in the future.
Re: (Score:2, Insightful)
By using such information for hunting file-sharers they pretty much breached the trust relationship with the ISP. If the ISP could keep the data and only give it out in cases of child porn I'm sure they would keep them.. But the law doesnt make that distinction so the only option left to protect his customers is to not keep the data.
Actions have consequences. Sometimes an idea will bite you in the ass in unintended ways... Like the diesel-fuel added to processes in paper-production factories to get money ev
Re: (Score:3, Interesting)
I'd love to know how they can bill people without even knowing their name though. It would seem to rule out credit cards.
Provide service but don't keep DHCP logs? Pretty much all broadband in Sweden is unmetered, so there's no need to keep any traffic details at all.
Re: (Score:2)
If the ISP is getting paid and the customer isn't complaining, the business relationship could be said to be satisfactorily established to the satisfaction of both parties.
There's no legal need to tie usage information from IT to customer information from billing.
Re: (Score:2)
Re: (Score:2)
I'd love to know how they can bill people without even knowing their name though.
The headline is a little deceptive. It sounds like what's actually going on is that they don't retain logs. From a comment to the article:
To clarify, we (Bahnhof) have not "begun deleting information" of any kind, we have always discarded this sort of informationcouplings in the earliest stage possible in our ongoing efforts to provide iNTeGriTY-marked(swedish language ahead) broadband for our customers.
Re: (Score:2)
Re: (Score:2)
Your name is also stored in the magnetic stripe.
Re:This guy is a hero (Score:5, Informative)
Stefan Johansson, deputy director at the Swedish justice ministry, confirmed that Bahnhof was not breaking the law by choosing to destroy IP address details.
"The IPRED regulations do not entail any obligation of this kind. They are only concerned with the retrieval of existing information," he said.
Re: (Score:2)
He'll probably be ok until they change the law in response.
Fixed that for you.
Re: (Score:2)
If the legislation is enacted, Karlung said Bahnhof would continue to stay within the bounds of the law.
"If the state decides that everything has to be handed over to various private organisations[sic], then we will of course comply, even if I think it's unfortunate and hope public opinion pushes the matter in a different direction," he said.
According to wikipedia, the Swedish constitution prohibits Ex Post Facto criminal laws, so again, they should be just fine.
Re: (Score:2, Insightful)
I hope... (Score:5, Insightful)
Re:I hope... (Score:5, Interesting)
I hope this won't be like what happens in the US where the company deletes data, but when pressured by the courts, they happen to recover a backup.
It's worked out GREAT for libraries in the US. The PATRIOT act requires that libraries give up book borrowing records without even a warrant. So within a year or two pretty much all of the common library management software packages were updated to delete all record of who/where/when/what was borrowed as soon as the book is returned. Few people would ever guess it, but most librarians are almost militant about patron privacy.
Re: (Score:3, Insightful)
I hope this won't be like what happens in the US where the company deletes data, but when pressured by the courts, they happen to recover a backup.
And when the courts pressure the gov't. for data, it's lost/unrecoverable.
Sometimes I just have to wonder....
Wow, I wish I could change to them (Score:4, Interesting)
Re: (Score:2)
Re: (Score:2)
Aside from the Bond datacenter fulfilling those requirements (give or take), chances are that if they're a legitimate concern then you've got other more pressing issues to deal with. Such as your impending vaporization.
Judging by the recent trial of TPB (Score:5, Interesting)
Re: (Score:3)
Judging by the recent trial of TPB, following the letter of the law in Sweden is not enough to defend yourself if the case ends up in court.
TPB's trial is the norm rather than the exception. If you think the letter of the law is enough to keep you safe in court try getting out of a traffic ticket where you know you're in the right. This applies in any country.
Re: (Score:2)
I got out of a traffic ticket, and I was guilty. I hired flesh-eating bacteria to infect the leg of the officer so he couldn't show up in court. Ok, I'm making up the 'hired' part, but flesh-eating bacteria is why my ticket got thrown out. (I think I would have won anyway, because the signal was defective, but it really was red when I went thru it...)
Agreed. (Score:5, Funny)
The company's CEO, Jon Karlung, is identified as 'a vociferous opponent of the measures that came into force on April 1st'
I'm not a fan of the new slashdot achievement system, either.
That's it... (Score:3, Insightful)
I'm moving to Sweden.
Anyone want to hire me?
Another law (Score:5, Informative)
They are actually claiming to follow another law from 2003 called the Swedish Electronic Communications law. It states that traffic information should be deleted or anonymized when it is no longer needed to transmit the electronic message.
Try that in the Americas... (Score:4, Insightful)
... and you'll be charged with destruction of evidence, and obstruction of justice, and almost assuredly, they'll think you complicit, because silence = guilt here.
Re: (Score:2)
But I don't think they will. Too much hassle for the ISPs.
One Solution (Score:2)
Offer prepaid internet access. It could be cost-effective for a new player in either a densely populated area without high-rises, or in the boonies using WiFi and clever antennae.
The greatest ISP in the world (Score:2)
Re: (Score:2, Interesting)
Destruction of evidence... (Score:2)
There is a fine line between merely caring for your customers and helping them get away with wrongs (be that wrong a crime [telegraph.co.uk] or just a civil offense).
It is surprising, that it is legal, and they may be mistaken too — The Pirate Bay crew was just sentenced to a year in jail, however long them claimed, they did "nothing wrong".
Re: (Score:3, Informative)
I suppose I don't know how it is in Sweden, but I beileve in America for there to be 'destruction of evidence', the destruction has to occur in the context of an actual investigation.
In fact, this is why companies have "data retention" policies (which typically have more to do with which data to destroy than which to retain) -- when an investigation does come up, if you already don't have the information and it was destroyed in accordance with standing company policy, then there is normally no recourse agai
Re: (Score:2)
In fact, this is why companies have "data retention" policies (which typically have more to do with which data to destroy than which to retain)
That's what Sarbanes-Oxley was about: to make companies start retaining data on purpose. Previously companies attempted to walk the line between destroying everything that could be used against them, and keeping anything that could ever be useful. Now they have a third issue to worry about: legal compliance with data-retention laws.
A law requiring connection of users to addresses is going to be technically unworkable, so if it happens it's a sign that it's time to run for the hills. Or at least another coun
Re: (Score:2)
Yes, and as a result there's been about one IPO since SOX was introduced (Rackspace), and their stock immediately tanked. Despite SOX's noble intentions, all it's really done is make the criminals get more creative while giving a lot of companies incentive to stay privately held.
Re: (Score:2)
all it's really done is make the criminals get more creative while giving a lot of companies incentive to stay privately held.
I don't have a problem with that last part. The criminals will always get more creative. But if they are prevented from doing it on the backs of shareholders, then something has been gained. Anything that discourages the creation of more public corporations which are beholden to only majority shareholders and legally obligated to turn a profit is okay in my book.
Re: (Score:2, Insightful)
They did nothing wrong, you were the one that did when you decided to torrent a file, not them, they did not twist your arm did they. If i build something and you use it for something of an evil nature, then who is the wrong one here?
in case of an attack on the datacenter (Score:5, Funny)
Well, these guys have a nuclear bunker for a data-center [datacenterknowledge.com], they probably think that even if the government comes and attacks them, they can just ride it out inside. They'll probably survive even if US decides to blast them with a nuke (I wonder what the rest of the world would think of the USA if that happened though - US blasting an entrance into a datacenter with a thermo-nuclear weapon in a populated Swedish area. Oh well, just pretend there are WMDs in there and anything would go...
New Swedish Data Retension Law (Score:5, Insightful)
Re:New Swedish Data Retension Law (Score:4, Funny)
New Swedish Data Retension Law
I thought most backup systems did this to the tapes automatically...
Re: (Score:2)
Re:New Swedish Data Retension Lawl (Score:5, Funny)
Re: (Score:2)
Oh, fuck me, that's embarrassing. And now it's +5 Insightful. I love the spotlight!
Its a highly appropriate grammar mix-up - their would indeed be a "retensioning" as in tightening down the screws.
I used to know a guy who made those kinds of ontopic grammatical errors all the time. I would really like to know if there is a name for them - kind of like mondegreen.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
New Swedish Data Retension Law
Actually more like EU in 2009, 2008, 2007, 2006 - Directive 2006/24/EC. They'll just bitch Sweden into not ignoring it anymore and you'll have a minimum of six month mandatory logging.
Re: (Score:2)
I can't help wondering if you're referring to the DATA, or to the LAW...
In next month's news... (Score:5, Insightful)
Preview of next months news:
Swedish authorities discover that ISPs deleting cutomer ID info has led to them being unable to determine the ID of file sharers, but also child pornographers, terrorists, people threatening suicide, etc.
New laws will be up for debate trying to outlaw deleting this kind of customer ID info, with privacy groups outraged.
(Not advocating anything here, just figuring this is where this is going.)
Re: (Score:3, Insightful)
Welcome to the world of Government intrusion into every aspect of our lives.
The camel is in the tent. The Elephant is in the living room. We are sliding down the slippery slope. The Frog in the pan is getting well done.
The problem is, one cannot have privacy, if the government controls everything, because they will claim a need to know.
And how many of you people want government run health care? You think the government will want to keep your health info private?
Progressives want what they want, until it is
Re:In next month's news... (Score:4, Insightful)
You goddammed fucking stupid moronic yankee. Only a yankee would be that stupid in his irrational stupid hatred of government.
Everywhere there is GOVERNMENT HEALTH-INSURANCE (repeat: GOVERNMENT HEALTH-INSURANCE), the health info is KEPT PRIVATE (repeat yet again so it goes through your thick cranium: KEPT PRIVATE) because THE FUCKING GOVERNMENT IS ***NOT*** PROVIDING THE HEALTH-CARE, JUST PAYING FOR IT.
And there is NO FUCKING NEED for the insurer to "share" private patient information, BECAUSE EVERYONE GETS THE SAME COVERAGE BY THE SAME INSURER, SO THERE IS NO NEED TO SNOOP IN ORDER TO FIND PRE-EXISTING CONDITIONS (as a manner to be able to deny coverage) BECAUSE PRE-EXISTING CONDITIONS CANNOT BE USED TO DENY COVERAGE (I repeat again: BECAUSE PRE-EXISTING CONDITIONS CANNOT BE USED TO DENY COVERAGE).
Re: (Score:3, Funny)
Re: (Score:2)
The linked article already talks about this. Data retention laws for antiterrorism purposes are already going through the legislative pipeline in Europe apparently.
Re: (Score:2)
Swedish authorities discover that ISPs deleting cutomer ID info has led to them being unable to determine the ID of file sharers, but also child pornographers
Mostly teenagers these days.
terrorists
What terrorists? The ones you need to worry about don't use the internet.
people threatening suicide, etc.
How is that an ISP's business at all?
Re: (Score:2)
perhaps not applicable outside the US, but...
Why don't big bro just get a warrant for that crap...like they should be doing to begin with?
Only exigent circumstances allow you to get a warrant after the fact. You still have to show probable cause to keep evidence from getting tossed by a motion to suppress.
I talked to one of them (Score:3, Informative)
They use dynamic IP-addresses and do not refresh them unless there's good reason.
You can choose to renew your IP address any time you choose though.
It's a really neat system and I really hope the data storage directive fails and that I can switch to them.
Cause they are awesome.
Statement by Bahnhof (Score:5, Informative)
VPN service (Score:2)
US Libraries/Patriot Act (Score:5, Interesting)
US Libraries started doing something similar after the passing of the Patriot Act: deleting customer's borrowing history so that their information couldn't be subpoenaed for the data by the government.
Actually, I think this guy is legally in the wrong (Score:4, Insightful)
A fairly recent round of laws to come into play for all EU member states specifies that data like this must be retained for 6months.
But fuck the legality of it, he may be in the wrong legally, but he's one of the few ISPs in the right morally. It's just a shame more wont stand up across the industry and do this.
I find it odd that the EU recognises that storing people's DNA on a DNA database when they're innocent and haven't been convicted of any crime is clearly wrong, but that on the flip side of it they support the storage of what people did and where on the internet.... even if people are innocent and haven't been convicted of any crime.
It's just a shame they don't understand technology and the implications of their decisions related to it as well as they do real world justice.
Re: (Score:2)
Re:Actually, I think this guy is legally in the wr (Score:2)
Yeah, I'm confused, too. 2006/24/EG is pretty clear that the source of a internet message has to be identifiable for at least 6 month.
OTOH, there's a lawsuit pending against the directive in Ireland and the German constitutional court has granted a temporary injunction against it*, so it maybe not all is lost. It's pretty controversial politically.
* Except in cases of serious crimes, which is how they were able to bust a child porn ring recently. Next thing you know the 5 major German ISPs sign a contract t
Re: (Score:2)
Correcting myself here, but on further reading I've just found out that the Irish lawsuit was denied in February. Bummer!!
Summary Got it Wrong (Score:5, Informative)
Double oh Datacenter (Score:2)
This is the ISP that has the fancy underground data center.
http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-center-fit-for-a-james-bond-villain/ [pingdom.com]
Re: (Score:2)
Re: (Score:2)
So Bahnhof means "railway station" in Swedish too?
Re: (Score:2)
Nope, in Swedish it's "jÃrnvÃgsstation", or "tÃ¥gstation" (train station).
Re: (Score:2)
Fuck you Slashdot for failing to properly support UTF-8. :P "järnvägsstation" or "tågstation".