TOR and ISP

Michael Holstein michael.holstein at csuohio.edu
Tue Dec 29 15:06:28 UTC 2009


> Toward a U.S. Data-Retention Standard for ISPs
> http://www.educause.edu/EDUCAUSE+Review/EDUCAUSEReviewMagazineVolume41/TowardaUSDataRetentionStandard/158105
> "Current law, as contained in Title 18 U.S.C. Section 2703(f), outlines
> the process by which law enforcement can contact ISPs to request the
> preservation of identified records or communications related to a
> particular person. The information cannot be deleted for 90 days,
> during which time law enforcement obtains the proper legal process.7"
>   

This is called a "request to preserve records" and is quite common.

Basically it's a FAX from $agency to your legal department (and then
forwarded to the IT folks) that says "hey, IF (and only IF) you have
data relating to $x $y and $z, don't delete it until you get the subpoena"

This is meant to counteract the routine log rotation in place almost
everywhere. The first request gets them 90 days to follow up with the
appropriate paperwork (subpoena or warrant, depending on what and how
old it is).

Those "preservation requests" do not create any duty to BEGIN collecting
anything .. you just can't destroy what you've already got. Also,
there's no duty to retain other records that may relate tangentially to
the request but aren't specifically requested(*).

(*) : IANAL, check with your company lawyers in all cases when answering
legal process, etc.

A forward-going request is known as a "Title III Order" AKA "wiretap".
These are quite rare by comparison.

Regards,

Michael Holstein
Cleveland State University
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list