Sonic.net's CEO On Why ISPs Should Only Keep User Logs Two Weeks 190
Sparrowvsrevolution writes "Dane Jasper's tiny Internet service provider Sonic.net briefly took the national spotlight last October, when it contested a Department of Justice order that it secretly hand over the data of privacy activist and WikiLeaks associate Jacob Appelbaum. But Sonic.net has actually been quietly implementing a much more fundamental privacy measure: For the past eighteen months it's only kept logs of user data for two weeks before deletion, compared with 18 to 36 months at Verizon, AT&T, Comcast, Time Warner and other ISPs. In a lengthy Q&A, he explains how he came to the decision to limit logging after a series of shakedowns by copyright lawyers attempting to embarrass users who had downloaded porn films, and he argues that it's time all ISPs adopt the two-week rule."
excellent good sense (Score:5, Insightful)
excellent good sense, what more can one say?
-wb-
Re: (Score:2, Insightful)
bring back dynamically assigned IP addresses too.. then I'm sold.
Re: (Score:2, Troll)
Re:excellent good sense (Score:4, Interesting)
Well, of course. The shorter the better, privacy-wise.
That said: can anyone tell me the arguments for keeping logs that much longer (other than legal requirements)?
Many ISPs as the summary mentions keep logs for up to three years; there must be a reason for them to do this - as I understand from other commenters there is no legal requirement in the US to keep them this long. Logs can be quite bulky, there is an immense amount of data to log for a largish ISP, so keeping those logs costs money, and quite a bit of it. So, why do they do this? Is there any technical/managemental need or use for that? Another reason?
Re: (Score:2)
On the basis of document retention, if the company decides to retain documents (in this case log files) for only 2 weeks, prepares a document retention plan that specifies it and ensures it is adhered to, I doubt there is any legal requirement to retain more than that. You offered a number of reasons why they might want to limit the volume of the log files they retain, to which I can add the cost of proper backup and offsite storage etc. The expense adds up quickly.
Re: (Score:2)
The question is: why do they want to keep the logs much longer? I know all the arguments for keeping them for a short time - not for keeping them for long, as many do.
Re: (Score:3)
Logs can be quite bulky, there is an immense amount of data to log for a largish ISP, so keeping those logs costs money, and quite a bit of it.
The only thing that the ISP should be logging is assignment of dynamic IPs, which wouldn't take up that much room (likely less than 32 bytes per entry, with customer ID, IP, and start and end time). For user-based services (e-mail, etc.) that the ISP provides, then they would also log normally for those, but that's not the sort of logging the article is talking about.
Any other logging (like what websites you browsed) would be a massive invasion of privacy.
Duopoly (Score:5, Insightful)
If you want to congratulate someone, congratulate those who teach the public to vote that "two week rule" with their money.
If neither the local cable company nor the local DSL company observes the two-week rule, should people vote with their feet and move to a different city? The consensus last time I asked [slashdot.org] was that moving is not practical.
Re:Duopoly (Score:4, Informative)
There are other options for DSL. The ILEC has to allow other ISPs to colocate a DSLAM and use their outdoor plant to deliver IP. If you're in the Seattle area a good choice is w-link.net. A true Mom & Pop shop where the person that answers the phone has enable on the routers. It costs me about $50/month for DSL and two static IPv4 addresses.
If you are in another area, use your googlefoo to find someone.
Re:excellent good sense (Score:4, Informative)
Dane's a good guy. I had a creative writing class with him 15 years ago. He chooses to pay his people well AND provide less expensive service to his customers. I'm sure there's not much left over for him.
have you checked sonic.net's prices?
Re: (Score:3)
The problem isn't pricing. I'd choose Sonic if they cost double the amount that the other ISPs. Unfortunately, Sonic is dicking around in Sebastopol, Santa Cruz, and other communities that I'm not a part of. I will sign up the instant they show up in my neighborhood, but right now the chances of that happening in the next five years are close to zero. As such, I'm stuck with (shudder) ATT or Comcast.
Re:excellent good sense (Score:4, Insightful)
The Police will soon have a list of all the people who changed ISP after this announcement. People who demand privacy obviously have something to hide.
Re:excellent good sense (Score:5, Funny)
The Police will soon have a list of all the people who changed ISP after this announcement. People who demand privacy obviously have something to hide.
What does an 80s rock band have to do with this? Are they suing downloaders?
Re:excellent good sense (Score:5, Funny)
No, but they like to watch every breath you take and every move you make.
Re: (Score:3)
And your old ISP Can't Stand Losing You, but It's Alright For You, On Any Other Day :P
Re: (Score:2)
You'd be a terrible CEO to the marketing team and shareholders, but fuck the marketing team and shareholders.
Re: (Score:3)
A CEO who says "fuck the shareholders" would quite probably be in violation of the law, given that his/her primary responsibility is to the shareholders.
Shocking! (Score:5, Insightful)
It is truly shocking that some people resist the idea of the police state! If for your own good! Think of the children! The only people with anything to hide are terrorists and criminals!
Face it, folks. The bottom line is, our governments and the corporations that control them, want a police state. They are afraid of freedom, and they will go to any lengths to limit freedom. Badmouthing the president is cause for the Secret Service to put a bullseye on you, and your communications channels. Exposing fraud in the corporate world is reason to haul your ass through the court system, and to take everything you own, along with everything that you might ever hope to own. And, cheating an author out of a dollar of royalties? Phht - ten years in prison sounds about right - to the police state, anyway.
Re:Shocking! (Score:5, Funny)
It is truly shocking that some people resist the idea of the police state! If for your own good! Think of the children! The only people with anything to hide are terrorists and criminals!
Face it, folks. The bottom line is, our governments and the corporations that control them, want a police state. They are afraid of freedom, and they will go to any lengths to limit freedom. Badmouthing the president is cause for the Secret Service to put a bullseye on you, and your communications channels. Exposing fraud in the corporate world is reason to haul your ass through the court system, and to take everything you own, along with everything that you might ever hope to own. And, cheating an author out of a dollar of royalties? Phht - ten years in prison sounds about right - to the police state, anyway.
Right. So basically, you are saying that you have something to hide?
Re:Shocking! (Score:4, Insightful)
So basically, you are saying that you have something to hide?
I invite anyone who claims otherwise to install a permanently on webcam in their bedroom so we can get some nice videos of their pet sheep.
Re:Shocking! (Score:5, Insightful)
Basically - I have things that I hide. I share some strange humor with some buddies. I share intimate moments with other people. I share some silly moments with other people. My life is sort of compartmentalized - as most people's lives are. The people I ride bikes with would see some of my silly moments with little kids in a way that I might not appreciate. And, the females with whom I am intimate wouldn't appreciate having tales spread around town. Think about it. Your parents, your siblings, your buddies, your kids, nieces and nephews, and your workmates aren't interchangeable, are they?
As for other important matters - perhaps I am working to have a sick criminal representative exposed, impeached, and run out of Washington. Do you think that representative should be empowered to put me under surveillance, with the goal of neutralizing me through blackmail, or murder, or some bogus judicial action?
Show me a person with nothing to hide, and I'll show you a moron without a life. Retards in institutions have nothing to hide, after all. Are you an institutionalized moron?
Re:Shocking! (Score:5, Funny)
So you're deeply ashamed of who you are and don't have courage or the conviction to own up to your life?
For a second there I thought you were some sort of dissident in a third world nation or corporate whistleblower.
Re: (Score:2, Insightful)
So you're deeply ashamed of who you are and don't have courage or the conviction to own up to your life?
Most people simply desire privacy. It often has nothing to do with being "ashamed." That can be one (valid) concern, but that needn't be the answer.
Would you please allow me to install security cameras in every single room in your house? If not, why? Are you "deeply ashamed" of your life?
Re: (Score:2)
Sure. I've got nothin' to hide. But I do have a lot to be deeply ashamed of.
But that's not my point. My point was that he's arguing from an extremely privileged point of view.
He's saying that he's paranoid that Government or corporate business interests will out his proclivities if they ever catch wind and should he ever cross their path.
It's not good, but it's not horrible either. What's going on isn't Big Brother snooping in on your every little detail.
Re:Shocking! (Score:5, Insightful)
But I do have a lot to be deeply ashamed of.
You've got plenty to hide, then.
It's not good, but it's not horrible either. What's going on isn't Big Brother snooping in on your every little detail.
It would be quite impossible for them to do that to more than a minuscule portion of the population. But it's possible if they the limit it to a few people. I'd rather not have anyone be spied on, even if that someone isn't myself.
Re:Shocking! (Score:5, Insightful)
"What's going on isn't Big Brother snooping in on your every little detail."
That statement is less true with every passing minute
Re: (Score:2)
You don't need privacy. If you're not willing to show the public every aspect of your life, then you're surely a terrorist or a criminal. We need to ban privacy for the good of the children, and to keep us all safe from terrorists!
Okay, just so long as the members of Congress, the President, the Vice-President, the members of the Cabinet, and the justices of the Supreme Court go first. If they do EVERYTHING on record for six months, I'll consider giving up my privacy.
Re:Shocking! (Score:4)
Two AC's have answered already, at least as well as I could have answered.
Am I ashamed of - ohhhh - let's say, the dark humor I shared with shipmates? Of course not. Would I share that same humor with a preacher? My wife? Some schoolkids? No way. It would be entirely out of context, and none of those people are likely to understand the context.
One of my sons has matured in a fashion, where he seems to appreciate some of that dark humor. One, of three.
Re:Shocking! (Score:5, Insightful)
I propose we call these people extroverts and introverts.
Re: (Score:2)
Great post - deserves to be modded up, even if it isn't very "geeky" or "nerdish". And, yes, I'm something of an introvert. ;^)
Re: (Score:3)
There are people who are happy to share their lives. There are people who are not happy to share their lives. I propose we call these people extroverts and introverts.
It doesn't really fit though. Introversion is nothing about wanting privacy. It applies to being comfortable in solitude or with a small number of people. Extraverts like to be social butterflies at parties and go out in large groups. But an introvert may very well like to write a very detailed autobiography, in solitude, to share with the world his/her experiences in life, without interacting with them directly.
Re:Shocking! (Score:5, Insightful)
Please post the names, addresses and photographs of every woman you've had sexual relations with. Publish your own home address, phone number, social security number and credit card details. Post a list of every digital purchase you've made, every website you've visited.
Failure to do so reveals you for the hypocrite you are. Yes, people have things to hide. No, things people are hiding aren't necessarily bad, or any of your freaking business.
Re: (Score:3, Funny)
Please post the names, addresses and photographs of every woman you've had sexual relations with.
Here is his list:
(Remember, this is Slashdot!)
Re: (Score:2)
A Cutlass Supreme is a regular Cutlass with tomatoes and sour cream shoved into the transaxle.
I'll get hit with offtopic for this, but that's awesome. Although my first thought was more along the lines of lettuce, tomato, french fries, and/or onion rings.
Re: (Score:2)
For a second there I thought you were some sort of dissident in a third world nation or corporate whistleblower.
When it comes to dissidents and whistleblowers the US can be at least as bad as your average third-world country, if not worse.
Re: (Score:2)
> And, the females with whom I am intimate
The what you are what with ? Oh... I get it. Good one, you almost had me for a second there.
Re: (Score:2)
Think about it. Your parents, your siblings, your buddies, your kids, nieces and nephews, and your workmates aren't interchangeable, are they?
Where can I send the bill for 1 gallon of mental bleach?
Re: (Score:2)
The White House will be happy to cover this trivial cost. Just tell Barack that I said it was alright.
Re: (Score:3)
Unless you killed someone or do something harmful, I don't see what you're so ashamed off besides that tinfoil hat of yours, lol.
The fact that different people have varying degrees of desire to protect their privacy doesn't mean that they're criminals (or doing something "wrong"). And since the government decides who the criminals are, it probably isn't an intelligent decision to allow them to spy on its own citizens with no oversight.
Re: (Score:3)
you should.. what other people think does matter. they control the doors to opportunity in the future.
Re: (Score:3)
I invite anyone who claims otherwise to install a permanently on webcam in their bedroom so we can get some nice videos of their pet sheep.
You scoff, but people do it. Have a look at some of them [pastebin.com], it can get kinda creepy.
Re: (Score:2)
Here's a webcam screen capture/shot [picdn.net] my jumping sheep in my bedroom. Yeah, jumpy types! ;)
Re: (Score:2)
So basically, you are saying that you have something to hide?
I invite anyone who claims otherwise to install a permanently on webcam in their bedroom so we can get some nice videos of their pet sheep.
Don't forget that they also should have their debit card number and PIN, or their credit card number and authentication code, tattooed to their forehead.
Re:Shocking! (Score:5, Insightful)
Re: (Score:2, Insightful)
As a human being [wikipedia.org], I have many things I'd like to hide. Human's are complex, social creatures and being able to keep secrets is important to our sanity. Please "think of the humans" the next time you discuss privacy of web denizens.
Why Privacy? (Score:5, Insightful)
Because a government that can search any person at any time can falsely incriminate anyone, and motives for doing so are abundantly self-evident.
"During a routine anti-terrorism sweep, civil liberties activist John Doe was found to be in possession of methamphetamine, child pornography, explosive-making material, and pirated ABBA songs. He was immediately taken into custody and is being held at an undisclosed location for the public's safety..."
Right now we have an important check in the form of a search warrant. Before searching me, a law enforcement agent must demonstrate to a judge probable cause that I have committed, or will commit, a crime. It's not perfect, and there are notable loopholes, but at least there is some documentation and accountability.
Search warrant standards (Score:3)
False. Before searching you (in conditions that don't permit warrantless searches), a law enforcement agent must demonstrate to a judge probable cause to believe that a search with the parameters specified in the warrant application will unveil evidence relating to a crime (the specific type of evidence al
Re: (Score:2)
[citation needed]
Seriously? Can you back any of that up?
Re: (Score:3)
Patriot Act
NDAA
ACTA
NPP
That should be enough for starters. If you need more, just post back, and I'll try to get a longer list put together for you.
Re: (Score:2)
Has anyone actually been jailed or snooped on for talking smack about Obama?
Re: (Score:3)
Re: (Score:2)
Who knows? With the government's blatant disregard for the constitution, they don't need to answer to anyone.
Re: (Score:2)
I never claimed to have a precise answer, now did I? I just hinted at the dangers of a government that violates its own laws.
Re: (Score:3)
Someone is a "looney" for suggesting that a government that disregards its own laws is quite possibly a government you don't want to have? I'd say that's a strange definition of "looney" you have there. I believe I simply have a healthy distrust of people with extraordinary power and limited oversight. I can't see why anyone wouldn't.
1. Don't want hypocrites; 2. U.S. is hypocrites (Score:2)
Someone is a "looney" for suggesting that a government that disregards its own laws is quite possibly a government you don't want to have?
Someone's a "looney" for suggesting without evidence that the United States Government in particular has become such a government. There are two statements here: "I don't want to live under hypocrisy" and "the United States Government is such a hypocrisy". You insinuated the latter when you said "the government's blatant disregard", not merely "a government's blatant disregard".
Re: (Score:2)
Someone's a "looney" for suggesting without evidence that the United States Government in particular has become such a government.
The one above already listed a few pieces of evidence (which is all it takes, really). Although he neglected to mention things such as the TSA or free speech zones. I thought it was plainly clear that I was referring to those things and that it needn't be said again in order to be understood.
Re:Shocking! (Score:5, Insightful)
Jailed? Not that I'm aware of. Snooped on? Yes - let me find at least two links to stories that come to mind - - -
http://abcnews.go.com/blogs/politics/2012/04/secret-service-investigates-ted-nugent-remarks-on-obama/ [go.com]
http://www.usatoday.com/news/politics/story/2012-03-23/louisiana-comment-obama/53741346/1 [usatoday.com]
http://blogs.browardpalmbeach.com/pulp/2012/06/terry_jones_hangs_obama.php [browardpalmbeach.com]
http://gawker.com/5498597/obama-death-tweeter-being-investigated-by-secret-service [gawker.com]
That should be enough, I would think. I was looking for a couple others - one was a crusty old redneck, the other some black guy from a southern city, each of who made similar comments to those linked to above.
Before you ask - I think the Secret Service is basically doing the job they are supposed to do, in each of these stories. But - there is a very thin line between doing their job properly, and becoming something like the KGB or the Stazi. Very thin line, indeed. Recent events have shown that the Secret Service is NOT incorruptible. It is improbable, but possible, that the SS could be turned into a tool of the administration to round up people like Ted Nugent, and to "silence" them, in whatever manner. Ted would have to be handled very carefully. Some redneck from Backwoods, Nowhere could just be snuffed, and his family told that he "resisted arrest".
"Snooped on" is common, these days. No less common than it was during the McCarthy days. Less public than in the McCarthy days, but just as common.
Re: (Score:2)
Before you ask - I think the Secret Service is basically doing the job they are supposed to do, in each of these stories. But - there is a very thin line between doing their job properly, and becoming something like the KGB or the Stazi. Very thin line, indeed. Recent events have shown that the Secret Service is NOT incorruptible. It is improbable, but possible, that the SS could be turned into a tool of the administration to round up people like Ted Nugent, and to "silence" them, in whatever manner.
I'm not sure you intended the double meaning you introduced by shortening the Secret Service to the same two letters an other prominent organization used in their insignia.
PS: oh and the others where called "Stasi" - short for "Staatssicherheit" (state security). This has interestingly the same meaning as the letters "G" and "B" where as K stands for "committee".
Re: (Score:2)
After I hit the submit button, I realized what I had done. Freudian slip? I don't know. I don't think I intended that "SS" in the manner you have pointed out.
Re:Shocking! (Score:5, Insightful)
What do you mean, "If you're right"? Perhaps you misread my post. I said that corrupting the SS into a political tool is unlikely - but possible. You find that to be incorrect, in some way?
Or, are you just arguing for the sake of argument?
Anytime a person or collection of people holds power, there is potential for abuse. The sheep don't give it any thought, and certainly don't worry about it. Responsible men and women do think about it - and they start worrying when signs indicate that abuse is growing more likely.
Today, the potential for abuse is considerably higher than it was when I was a kid. McCarthy ruined careers and reputations. Today's potential abuses can end freedom, and possibly even lives.
Re: (Score:2)
your slightly mixed up about who controls who.
The political class controls all, the corporate class merely has sufficient money to pay the required bribes to maintain a false sense of freedom.
Props to him (Score:3, Interesting)
Re: (Score:3)
Cool! I wish ISPs could do that here (Score:5, Informative)
European law forces ISPs to retain traffic data for half a year. Germany is the only state currently refusing to implement the law, but I don't have any illusions that this will last.
Re: (Score:3)
Re: (Score:2, Informative)
Sorry to squash your hopes, but it's a little more complicated. Germany supported the EU directive which it now refuses to implement. It had implemented it as well, but the Federal Constitutional Court (Bundesverfassungsgericht) found the implementation to be unconstitutional. There is currently strong opposition among the public to a new implementation that the Interior Ministers are pushing, and this has fueled the rise of the Pirate Party, but inside the government, the liberal Justice Minister (Mrs Leut
Re: (Score:2)
Re: (Score:2, Insightful)
Small ISP here. When I spoke to the Home Office at the time they stated the directive applied only *after* they had expressed interest, i.e. up to that point as a small ISP we need not worry about keeping data.
The only thing this will achieve (Score:4, Insightful)
Is multi-year log and data retention required by law, as it already is in the EU.
Re: (Score:2)
Re: (Score:3)
Is multi-year log and data retention required by law, as it already is in the EU.
And if companies refuses to do business in the EU because they can't comply with this law I am pretty sure that that particular law will be adjusted.
You didn't get the point. Right now, if you are an ISP in EU, you keep logs for 2 years. As mandated by EU laws.
The ISP behaviour described in the TFA will (as sad as it is) only lead to similar legislation being introduced in the US.
Re: (Score:2)
Minor correction: Six months, not two years (though two years some places). And not in Germany (yet). But yeah, it sucks - I don't trust the logs not to be abused.
Give it a few months... (Score:5, Insightful)
And if more ISP's jump on the 2-week "band-waggon" you'll quickly see one of the next "Defence Appropriations Bill" (or something like that) have a little addition sneaked in by someone in Homeland Security to legally require ISP's to hold 12 months of Logs/Emails.
Just like what's happening in the UK...
Re:Give it a few months... (Score:4, Informative)
Oh no, they don't tag things onto bills in the UK, they just plough ahead and write new legislation while ignoring experts, the industry and most importantly, public opinion. Politicians over here don't give a shit about how stupid their legislation makes them - you could stick a red rosette on a pig and it would get elected in Birmingham. Likewise, you could stick a blue rosette on a fox (the one you hunt, not the one you eye up in the pub) in my constituency and it'd get elected.
Re: (Score:2)
The UK data retension legislation on this is set at the EU level [statewatch.org].
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
And if more ISP's jump on the 2-week "band-waggon" you'll quickly see one of the next "Defence Appropriations Bill" (or something like that) have a little addition sneaked in by someone in Homeland Security to legally require ISP's to hold 12 months of Logs/Emails.
If the US passes a bill requiring ISP's to retain the data it would mean that their data (US Congress) would also be retained and possibly be subject to FOIA requests. I doubt that many in Washington DC want their data held for any longer than it takes to complete the http request.
Re:Give it a few months... (Score:5, Interesting)
If the US passes a bill requiring ISP's to retain the data it would mean that their data (US Congress) would also be retained and possibly be subject to FOIA requests. I doubt that many in Washington DC want their data held for any longer than it takes to complete the http request.
Congress commonly exempts itself from complying with laws, since prosecutable offenses are for the little people usually.
In 1994/5, the Republican-led (under Newt Gingrich) Congress changed that somewhat by passing the Congressional Accountability Act [compliance.gov], but once the Republicans were out of power the Democrats resumed business as usual.
To be fair, though, the Republicans probably would have done the same, if only a little slower, and no one made any moves to every fix up the insider trading [cbsnews.com] issues back then, either. And Congress has always been exempt from FOIA requests [foxnews.com] and other petty laws that as an employer I could have been heavily fined for if I ignored.
Comment removed (Score:5, Interesting)
Re: (Score:3, Informative)
There is nothing "free" about it. For many ISP's, that logging is a valuable commodity to sell for targeted advertising.
Summary links to page 2 of the article (Score:2)
Hack? (Score:3)
As far as I can read (which is not too far... I didn't dig deeply), the European directive doesn't specify that the data has to be stored electronically. All it says regarding storage requirements is: Member States shall ensure that the data specified in Article 5 are retained in accordance with this Directive in such a way that the data retained and any other necessary information relating to such data can be transmitted upon request to the competent authorities without undue delay.
So why not spool your old logs onto microfiche? And when you get a demand for logs, hand over all the films and say "Go nuts!"
Re: (Score:2)
Re: (Score:3)
Think harder... Maybe along the lines of "...the manpower required..." to search a microfiche copy of an ISP's logs.
Yet another thing messed up by piracy (Score:3)
The libraries sucessfully fight this all the time (Score:5, Interesting)
Someone always want to be able to ask if a particular person has read "Steal This Book", or "How to Build an Atom Bomb". Librarians get that kind of demand all the time, and have successfully fought it at the personal and also at the technical level.
I once worked on library software, and it was a prerequisite in the business that, as soon as a book was returned or the non-return fine was paid, the record that "user X borrowed book Y" was deleted, and a counter of completed transaction was incremented. The latter was necessary for funding and statistical purposes.
This was a norm because the library community actively went out and found a number of states, Germany among them, that protected library patrons from snooping without a warrant. They then made that know to their software suppliers. As the software had to be legal in all the countries where it was to be sold, it was written to meet the highest legal standards, which included the highest privacy standards.
If a legitimate investigation needed to track a library patron's reading, and the investigator could convince a judge, then the library could put a watch on a patron in exchange for a warrant. The watch could not start in the past, of course, but a daily sql query could find out the books a patron currently had out.
There is at least one DHCP program around, written by an ex-librarian, that behaves just this way...
--dave
Re: (Score:2)
ISPs are relatively new, and haven't had the problem for most of a century (:-))
When I was at York University, we were next door to the Science Library, and when we had a problem about people objecting to things on the 'net, we went next door and asked our colleagues. They pointed us to a big poster from the Canadian Library Association, that said (in much nicer terms) "You legitimately feel bad, but you can't just tell people to shut up".
Librarians are your friends!
--dave
Re: (Score:2)
A follow-on thought: there is really no reason why ISPs can't mimic the libraries and pick software that makes it easy to obey the law, and hard for people without search warrants to get information they shouldn't have.
As I said, this can be done with DHCP servers, and most of the statistical information an ISP needs can have the identifying material stripped out. It's only the information you need for debugging that you need to keep after a session is over. That's a lot like keeping "user X hasn't pai
I've Got Nothing to Hide (Score:5, Informative)
For those who argue that they have nothing to hide, I suggest they read Daniel J. Solove's "I've Got Nothing to Hide and Other Misunderstandings of Privacy" [ssrn.com] for a succinct explanation of the issues.
For those with more detail-oriented interests, I suggest picking up a couple of his books on the issue of Privacy. A partial list can be found at his website [gwu.edu].
Re: (Score:3)
Summary links to page two of the article (Score:3)
Summary links to page two of the article.
page one [forbes.com]
Re: (Score:2)
Re: (Score:2)
They need to keep logs so that when the FBI goes to them and says "we are investigating a bomb threat and it was sent by one of your customers" or whatever, they have enough logs to find the bad guy.
Re: (Score:2)
Rural ISP's (Score:4, Informative)
I'm a network analyst for a Rual ISP, and we keep DHCP logs for 1 month, pending no DMCA request. If we do receive a DMCA request we look up the customer's DHCP records, and record a separate log containing only that customers DHCP records; flushing the remaining logs.
Unlike larger ISP's, we don't turn over anything unless it's a court ordered.
Oh, and we don't forward on those drive-by copyright infringement notices from copyrightsettlements.com, but we do retain them for legal reasons, but nothing emailed to us is considered a valid request unless it is snail mailed via certified mail.
It's about the money, make no mistake (Score:4, Insightful)
This is about money, and not privacy. The major ISP's are starting to fight (and win) subpenas trying to identify their clients, not because they care about privacy, but because it is cheaper in the long run. The ISP in this case is also trying to lower their costs with their 2 week record retention policy. There are three ways this reduces their costs.
1. Their logs are gone in 2 weeks so those who would attempt legal action will have an impossible time window of 2 weeks to file a case and get the court to agree to their subpenas.. The ISP simply replies checks the time frames specified in the subpena and if ti is more than two weeks ago they reply with a form letter that says "Our records retention policy requires that we delete all logs over 2 weeks old" so we are unable to provide the information requested. Case closed with a form letter, lawyer paid almost nothing. Eventually the folks filing these cases will get the message and stop trying and then you can fire the lawyer...
2. The labor required to service subpenas will be reduced, both in the technical and legal departments so they can reduce labor costs and save some money.
3. There will be a slight reduction in disk space required (albeit pretty limited) to store logs. This is not a huge issue for a small ISP, but it might lower their hardware and maintenance costs.
This ISP is not trying to protect anybodies privacy, and they admit that fact. They will gladly take advantage of PR generated by folks who would see this as a privacy issue in order to get more customers, but this is not about privacy it's about saving money.
*sigh* The misplaced effort is staggerring (Score:4, Insightful)
ISPs should be like electrical companies, gas companies or water-works.
In other words, yes, keep track of how may kilowatts or liters of your service I used, but not whether I powered my toaster or made coffee, that's none of your business.
I support Sonic.net by keeping them... (Score:3)
Re: (Score:2, Insightful)
Two weeks is sufficient time for ISPs to be able to do things like tracking down abuse and perform troubleshooting/tech support but short enough that a government bureaucracy and/or a gaggle of RIAA/MPAA lawyers would likely not be able to prepare and serve out a search warrant or subpoena in time.