Web Browsing Records

[Ian G Batten]

On Wed, 12 Mar 2003, Watkin Simon wrote:
> The data retention paper includes examples - not claims - of terrorist

It's very hard to prove the negative, which is that in the absence of
that evidence the inquiry (or is it enquiry --- I always get confused)
would have stalled.  I'm very suspicious of arguments that claim that
thing X is the sole route to outcome Y, for almost any X and Y.  It's a
very common claim in the world of business and it's almost always bogus.

> data will no longer exist - if, as I think we are seeing, retention periods
> for business purposes continue to tumble.

I must confess, my reaction as an IT Director to most of the legislation
you're proposing is to shorten my logging periods to the bare minimum
and ensure that my single logging host is explicitly not included on
backup tapes.  Historically I've kept email logs for a month, packet
filtering logs for a month and major security events --- remote login,
VPN access, successful and unsuccessful use of su, that sort of thing
--- for a year.  Our corporate security people want the inbound packet
filtering logs kept for longer, which I'm fairly relaxed about, but the
rest of it will get turned right down.  Given that I've already had a
S.28 notice which the policeman was completely unable to explain beyond
``the German police want this'', I think the best answer is ``we keep no
data for more than three days'' plus a decent lawyer to ensure they
don't then bankrupt us by seizing all our computers.

> I guess, with your cynical hat on, you think when we say 12 months we
> clearly don't mean 12 months ......  but that's how the balance works out.

I don't believe you mean 12 months.  I believe that's the stake in the
ground, and once the principle is lost the practice will rise rapidly.
I also believe you will attempt to get data retention on content, on the
same slippery slope basis.

ian