Monday, December 04, 2006

ISP Have to Preserve and Destroy Logs, Both at the Same Time

Here is a bizarre story, related to log management. "The highest appeal court in Germany has decided that T-Online, one of the largest German ISPs has to delete all IP logs to guarantee the privacy of their customers."

Obviously, all I know is the press story, but it sounds weird enough to mention. Moreover, here is how it works, reportedly.

"The decision (German) does not mean that T-Online is now obliged to delete all their IP-logs, the customers first need to complain. "

So, lemme understand, the logic is "surf to an illegal website -> complain to an ISP -> have the proof of that removed." Neato! The only thing that mitigates it is the fact that many ISPs would not have retained the logs anyway ...

And it ends with: "After the district court and the regional court, now the federal appeal court decided that T-Online has no right to store the IP-logs without a legal reason." [whatever such reason might be]

It also seems directly related to this piece of mine on "Access vs Access + Audit." I also wonder what happens if some regulations call for log retentions while others for log destruction and you are subject to both. Aaaah, compliance is so much fun!

Dr Anton Chuvakin