'Today' considers data retention and IMP

[Igor Mozolevsky]

2009/1/10 Florian Weimer:

>> I don't know the innards of Google's mail service, but I'd be
>> perfectly willing to believe that the TCP connection to gmail.com
>> from my house would go straight to the LINX and thence to the US.
>
> At least the TCP connection for the sign-in is likely terminated
> locally.

Why would you assume that?

>> Now Google UK may well wish to respond to requests from law
>> enforcement that ignore this distinction, because they're good
>> citizens.  But from an enforcement perspective, if the data isn't
>> within the UK police's jurisdiction, what can they do to _force_ its
>> production?
>
> They can seize Google potentially related equipment in the UK for
> investigative purposes.  Of course, if Google does not cooperate, it
> might pick the wrong equipment.
>
> Isn't this what you would expect the police to do if they faced an
> uncooperative domestic company?

Would this not land G(US) in hot water wrt ECPA, if they did only
store that info on their stateside servers? You are assuming that just
because the names are similar, the G(US) is offering their `global'
services solely through their G(UK) subsidiary, but that doesn't
necessarily have to be the case.

--
Igor