Second Swedish ISP Starts Scrubbing IP Addresses

Marzubus writes "Tele2, a popular Swedish ISP, has started to remove IP addresses from its logs. This is the second ISP in Sweden to adopt this new privacy protection strategy." We discussed not long ago when another ISP, Bahnhof, started doing the same. Perhaps this is the corporate equivalent of joining the Pirate Party.

This will likely keep happening

[Jugalator]

It's a competitive advantage, after all. Soon enough, I imagine all major ISP's here will do this as long as there isn't new legislation against it. These are also all very good signs of just how aggressive and poorly thought out the IPRED law in reality was.

Re:This will likely keep happening

[Bios_Hakr]

It also makes pretty good business sense. You never have to spend a few hours chasing backups of logs for investigations. There just isn't anything there for the police to want to look at.

Re:This will likely keep happening

[SausageOfDoom]

Never going to happen in the UK though - it's now a legal requirement that ISPs log all IPs. And all e-mail headers. And soon all web requests. And no doubt keyloggers shortly after that.

And a good thing too! Let's stop those damned terrorists, criminals, paedophiles and other sexual deviants! Living in the UK is awesome - just look how much our government cares about our well-being!

Re:

[SausageOfDoom]

You must be one of those hippies who keep on preaching about rights and liberty. Good job that soon we'll have a central database linked to your compulsory ID card and the GPS tracker in your car, at least then we'll be able to keep an eye on you and your subversive attitude.

Re:

[ultranova]

Good job that soon we'll have a central database linked to your compulsory ID card and the GPS tracker in your car, at least then we'll be able to keep an eye on you and your subversive attitude.

While that is certainly good, it might also be a good idea to make these people wear some kind of visual sign, so that other people know to avoid them in the streets. Maybe some kind of geometric pattern, a star or triangle or something in pink or yellow, worn on the breast?

Re:

[Bios_Hakr]

An ISP could put its logging servers in Germany or France though. If the logs are out of reach, the gov can pound sand...

Re:

[psyclone]

An ISP could put its logging servers in Germany or France though. If the logs are out of reach, the gov can pound sand.

Not if you want to continue doing business in the UK.

Re:

[SausageOfDoom]

But why would you, if you haven't got anything to hide? The only people who would do this must be terrorists, or users of prostitutes! We should lock you up to protect the children. What a shame we didn't get the 42 day detention-without-charge law passed - still, we can hold you for 28, it's better than nothing.

Re:

[Anonymous Coward]

Using prostitutes is not illegal in the UK.

Re:

[SausageOfDoom]

Using prostitutes is not illegal in the UK *yet*.

http://www.independent.co.uk/news/uk/crime/men-targeted-for-buying-sex-with-slaves-1025039.html [independent.co.uk]

But thank god we've got people like Harriet Harman and Jacqui Smith running the country. Soon we'll have banned this sick filth, and the morally corrupt will be where they belong - behind bars!

Incidentally, we're about to build 5 new prisons. And to think some cynical people are pointing out that we're in a recession, but if someone who loses their job is sent to pr

Re:

[Erie Ed]

obvious troll is obvious

Re:

[SausageOfDoom]

Err... there's a big difference between trolling and sarcasm. Oh well, at least you didn't have mod points like the idiot mod who marked my great-grandparent post as flamebait.

Re:

[legirons]

Incidentally, we're about to build 5 new prisons

well, once they've locked-up everyone who views stick-figure porn* [bbc.co.uk] or keeps a secret from the government [wikimedia.org], they'd have to let out all the burglars

* yes I know that's australia, but UK law does the same thing now

Re:

[legirons]

Incidentally, we're about to build 5 new prisons. And to think some cynical people are pointing out that we're in a recession

Uhh, recessions cause increases in crime [itv.com]. Think about it for a moment - lots of people with no jobs and no money and nothing to lose and nothing better to do -- what do you expect to happen if not burglaries?

Re:

[SausageOfDoom]

Well gosh. That is a shocker.

And you may notice that you missed my point. Not that I particularly agree with my point; the new prisons will not house nearly enough people to make any sizeable dent in the unemployment figures. For that, we have to employ them in local government.

"Your local council is now hiring: chief executive bathroom attendant, PA to the chief executive bathroom attendant, researchers for the chief executive bathroom attendant, bathroom assistants, bathroom assistant managers, bathroom a

Re:

[legirons]

And you may notice that you missed my point. Not that I particularly agree with my point; the new prisons will not house nearly enough people to make any sizeable dent in the unemployment figures. For that, we have to employ them in local government.

Or let the government pay them to work at macdonalds [blogspot.com]

Re:

[X0563511]

Excuse me while I go visit my travel agent...

I've got some unplanned "traveling" to do.

Re:

[cstdenis]

Parent message was automatically edited in stream by government filters.

Re:

[eleuthero]

When the options are 1) depression leading to all sorts of negative things or 2) making light of the world--which do think is going to give you a happier life in the midst of corrupt runaway government?

Re:

[SausageOfDoom]

My grasp of history is poor, but even I know that the internet didn't exist in the 18th century.

However, I do know that you still owe us around half a million pounds for destroying our tea (adjusted for inflation, of course).

Re:

[moon3]

It is much much worse.

You can, wait for it, forge fake logs, oh yea, like 123, and abuse anybody. Judges take these text logs as hard evidence, that is scary, really scary. CCTVs footage is one thing but, text logs trace, misuse and abuse another. They see it as the same kind of evidence.

Any so called "log evidence" is laughable and should be banned. Now every other PC have some mal-ware, trojan, virus, bot, you name it installed, that takes this log evidence to another crazy level. Just let you grand

Re:

[Threni]

I don't see anything in the current UK law to prevent you having a server in the US and doing your surfing/emailing via that.

Re:

[SausageOfDoom]

If they start doing that, we'll just have to ban encrypted communication. One way or another, we have to protect the children!

Re:This will likely keep happening

[Jurily]

It also makes pretty good business sense. You never have to spend a few hours chasing backups of logs for investigations. There just isn't anything there for the police to want to look at.

Not having to be a snail for the next life is also a plus.

Pirates of the Scandinavian

[Drakkenmensch]

Any day now, expect your humdrum day at work to be interrupted by a crew of stockbroker corsairs and account privateers assaulting your office tower from the broadside of the Crimson Permanent Assurance.

Incorrect.

[Anonymous Coward]

The first ISP, Barnhof, did not start doing this, they have been doing this since 96 (iirc).

Actually there are a few more than two.

[ckret]

here [integrity.st] you can see a few other ISP's that erases logs.
This behaviour is not a circumvention of the IPPRED law but an enforcement of law of electronic communication that states that customerinformation that is not needed for daily operations must be erased as soon as possible.
This law in itself nullifies the IPRED law.

Didn't Bahnhof do this all along?

[Bromskloss]

As opposed to starting just recently. At least that's what one Slashdotter told us [slashdot.org] last time.

And it's "Bahnhof", not "Barnhof". Hehe.

Re:

[legirons]

Plus bahnhof have the geeky data centre - is there anything else we should consider when deciding on an ISP?

Incorrect.2

[Meneth]

Tele2 is not the second Swedish ISP to scrub IP-customer records. More like the thirteenth [ipredia.se]. It's a big ISP, though. I suppose that's why people could make the mistake.

Re:

[xonar]

That sounds expensive-licious! Sign me up!

ISPs and law enforcement

[BigHungryJoe]

Could ISPs get away with this in the United States without facing legal issues or retribution from the cops?

I love this idea - I don't trust law enforcement at all and would pay a premium to know that I wasn't leaving logs with my ISP for the cops to read.

America is such a "law and order" country though, the cops wield so much power that I doubt such an ISP would be allowed to exist.

Re:ISPs and law enforcement

[SwedishPenguin]

Oh they will "correct" this here as well soon enough. The data retention directive will be implemented this fall, and all the ISPs will be forced to keep logs for at least 6 months.

Swedes: vote for the Pirate Party in European Parliament election on the 7th of June, early voting begins on the 20th of May
Other EU citizens: vote for whatever party has the most integrity friendly platform.

We're facing a big problem in the EU. Corruption is rampant among our politicians and the eagerness of politicians to control our society's access to information and surveil our activities has never been higher.

Re:

[reashlin]

So I my log servers rack fell over yesterday and the HDDs are fecked. So sue me.

Honestly there is almost no way anybody can guarantee any digital data is available tomorrow - one of a million things could happen. Especially if your backup policy is not as good as you hoped it was.

Re:

[Atlantis-Rising]

And if that happened, I'm sure there would be consequences. That's the legal stick. You'd be fined, or imprisoned. It's in your best interests to make your backup policy sufficient.

Re:

[ynohoo]

no, it is in their interest to drag the debacle through the courts for as long as possible, at least until SCOTUS tells the government "what the the were you thinking, haven't you read the constitution?".

Re:

[Kaboom13]

Enjoy having your entire server room confiscated in a raid for "forensics". If you are very lucky, and hire some very expensive lawyers, you will have your equipment back in 2 to 3 years.

Re:

[Bios_Hakr]

You could write a corporate retention policy that stated you store logs in memory on a rotating basis. And you maintain enough memory to track back for 2 days or so.

Still, I think it might be legally hard to do that. And you would have at least one or two police raids before a judge finally slapped the cops hard enough to make them stop trying.

Re:

[King_TJ]

The problem I think you'd have is, even IF your ISP guaranteed they weren't leaving any logs behind, most of the other "big name" web sites you use *do* log your activity.

For example, good old Google keeps records of every single search ever done and which IP address it originated from!

(I was watching a news story not that long ago about a murder suspect that was prosecuted largely because they were able to subpoena Google to turn over all of the search queries done by this individual. They found all sorts

Dynamic IP

[js_sebastian]

The problem I think you'd have is, even IF your ISP guaranteed they weren't leaving any logs behind, most of the other "big name" web sites you use *do* log your activity.

Yeah, but if the IP address cannot be associated to the user (because the ISP has deleted those logs) they won't be able to do much with those logs.

Re:

[maxume]

If you happen to be the only person from your IP pool who was at such and such a place at such and such a time, and the searches line up with some particular detail, the search log would be plenty useful.

Sure, it could be pointed out that it doesn't mean all that much, but the people on a jury will like the story.

Re:

[gnick]

Memo to self:

Log out of Google before searching for the Army Improvised Munitions pdf.

Re:

[eleuthero]

the problem is, logging out won't do anything. There's even a note on google that "stealthing" is worthless if IP addresses are tracked by the server with which you are connecting. And... google tracks these.

Re:

[gnick]

I put my faith in Tor for web-browsing and PeerGuardian 2 for P2P to handle the IP tracking. (I can't remember the last time I needed Tor, though. How many times do you need to download an improvised munitions manual or search for "murder wife untraceable poison"?) But I really do stay logged into Google (typically).

There was actually an interesting comment yesterday [slashdot.org] from somebody who was convinced that using PG2 was equivalent to shooting yourself in the foot, but I'm not sold. It's up no matter what I

Re:

[Lennie]

You would atleast need to clear the Google-cookies.

Atleast for that to be useful, do you really think logging out actually erases any cookies ?

Re:

[CoolCalmChris]

Could ISPs get away with this in the United States without facing legal issues or retribution from the cops?

Two words- Time Warner. They wouldn't think twice about making their cable service a loss leader if this became an issue, nor would they hesitate to paint the boutique "we don't keep logs" ISPs as being complicit in everything from piracy to terrorism in the press...oh wait, they ARE the press. I guess that's covered.

Law enforcement almost seems like an afterthought when corporations like Time Warner have control over every aspect of the media.

Re:

[X0563511]

What happens when everyone says piss off? The internet dissipates?

Simply Economics

[nathan.fulton]

FTS: "Perhaps this is the corporate equivalent of joining the Pirate Party."

Sorry, but no. The pirate party is politically motivated. The motivations of ISPs are purely economic. People don't like the government spying on everything they do, so they will choose services that say "fuck you" to the gov. This is simple business decision making, and should be seen as nothing more or less. Should the government make these actions punishable by fines that exceed new revenues (or if the *AA found a way to create economic incentives,) ISPs would switch back in a heart beat.

Re:Simply Economics

[Anonymous Coward]

Most, if not all, of politics are motivated by economics so I fail to see your point.

Re:

[FourthLaw]

Well...it's economic, but I guess not in the way one might immediately think. The number of grandma's that change ISPs for said benefit may or may not be low. HOWEVER, much like US eDiscovery law strategies, sometimes it is far far far safer for a company to keep nothing (or very little) based upon a company policy, rather than get sued for an email from 9 years ago.

Eight ISPs and counting(?)

[djonsson]

Actually, eight different ISPs have vowed not to keep these records, instead promising to respect the integrity of their users. They've set up a small organization for this purpose at integrity.st [integrity.st] [in swedish]. Tele2 is by far the largest ISP to join so far, though.

Self-protection

[Corson]

They probably do it just so they cannot be sued. No trace, no trial.

I asked this on the Bahnhof story...

[L4t3r4lu5]

... but got no response.

I don't speak the native language of the ISPs' website. Do they offer a VPN service?

Bearing the story in mind, I'd pay to link through them. I'd pay quite a lot.

Re:

[Anonymous Coward]

Bahnhof does. No idea about the price of a VPN as you have to contact their sales department. But you can rent a server for ~145$/month and set up your own VPN.

But if you are looking for a anonymous Swedish VPN service take a look at www.relakks.com. They don't keep any logs either.

Hope that answers your question.

Re:

[Talar]

No, they are just ordinary ISP:s and offer no such service as far as I know, but there are of course others who does like http://ipredator.se/ [ipredator.se]

Data retention time is also interesting

[Slyswede]

Another interesting aspect in this whole IPRED mess is the amount of time the other ISPs save their IP-address data.

According to the IPRED law it is up to the lower court to order an ISP to turn over the subscriber information, but only after examining the evidence of possible copyright infringement.

This means that if the data is saved for a shorter period than the time it normally takes to investigate an infringement, any order to turn over the data would also eventually fail.

I've heard from at least one ISP that they normally save data for three weeks, so that should be sufficient, unless the courts suddenly decide to start prioritizing these cases. :(

Re:

[Katmando911]

Once they receive notice that these logs might be needed in a court case they are probably required to hang on to them until the court officially decides. Otherwise they could be accused of destroying evidence.

Tele2 operates throughout Europe...

[captainpanic]

I wonder if they'll adopt the same strategy in other countries?

I certainly haven't seen any advertisements yet about "Tele2 - the company that brings small bills and big privacy".

Re:

[legirons]

I wonder if they'll adopt the same strategy in other countries?

I certainly haven't seen any advertisements yet about "Tele2 - the company that brings small bills and big privacy".

The UK just decided that [telegraph.co.uk] ISPs should record all internet traffic and store it for a specified period in case the government wants to dip in for a snoop...

so don't trust anyone in the UK, although exit-nodes here should be okay if they only store IP and timestamp.

this is good news

[landaishan]

fight the power!!

Europe

[kinnaz]

There was some initiative made by EU some time ago, that all ips need to be logged for some x amount of time, so i doubt we will see this kind of actions in other countries.

Re:

[MobileTatsu-NJG]

by Anonymous Coward
The name is Bahnhof. Why is it so hard for some people to get the name right?

This from a guy who didn't get his login name right!

UPDATE: They backed down...

[pistolhot]

Tele2 announced today that they will indeed keep the records for a period of 2 weeks. More info here (in Swedish): http://www.metro.se/2009/04/28/32571/tele-2-vi-sparar-visst-kunduppgifter/index.xml [metro.se]