Data retention directive "invalid"
lists at internetpolicyagency.com
Sat Apr 12 12:12:23 BST 2014
In article <48CD028A501A45BEB16D41DCEAF60BF2 at MaryPC>, Mary Hawking
<maryhawking at tigers.demon.co.uk> writes
>I'm getting a bit confused.
>I have a Home Office contract with Demon:
Oh, very good.
>as far as I know there is no volume restriction.
>Why does Demon need to keep any traffic data on my use of this service -
Traffic data is where to/from, generally, rather than the quantity.
Although the ISP I migrated away from this week was definitely
monitoring my usage of email in case I was a spammer. The volume of data
was unlimited, but I could only send something like 500 emails a day.
>apart from requirements from the Home Office?
It's possible Demon might also be monitoring email traffic data (not the
contents) as part of a wider anti-abuse policy, and also to be able to
answer questions like "why wasn't that email I sent yesterday
delivered". But I have no recent information about that sort of thing.
Then there's the difference between "Unlimited", "truly Unlimited" and
"completely Unlimited - apart from a fair use policy". Sorry, I made
that last one up.
>Retired from NHS on 31.3.13 because of the Health and Social Care Act 2012
>"thinking - independent thinking - is to humans as swimming is to cats: we
>can do it if we really have to." Mark Earles on Radio 4
>blog http://maryhawking.wordpress.com/ And Fred!
>From: Roland Perry [mailto:lists at internetpolicyagency.com]
>Sent: 11 April 2014 13:12
>To: ukcrypto at chiark.greenend.org.uk
>Subject: Re: Data retention directive "invalid"
>In article <5347AC78.8080206 at zen.co.uk>, Peter Fairbrother
><zenadsl6186 at zen.co.uk> writes
>>On 11/04/14 07:52, Roland Perry wrote:
>>> In article <534705C6.6040306 at zen.co.uk>, Peter Fairbrother
>>> <zenadsl6186 at zen.co.uk> writes
>>>> If an ISP has agreements with the Home Office regarding distributing
>>>> data to Police forces etc, I don't think these can be enforced.
>>> Data disclosure is disjoint from retention, and is covered by RIPA. It's
>>> not an agreement, but an obligation (on receipt of the necessary
>>Ah, I wasn't clear - what I meant was if an ISP deletes its data then
>>any contracts made under the CoP regarding data distribution (eg re
>>SPOCs, payments etc) would be unenforcable, as the ends of the contract
>>necessarily involve unlawfulness (ie retaining the data).
>Describing as either "distribution" or a "contract" is wrong.
>>>> Certainly they cannot be enforced if the CoP is invalid, and probably
>>>> not otherwise if it is only partly disproportionate, which it almost
>>>> certainly is.
>>> I don't think disclosure is conditional on how you happened to have the
>>> data. If the data exists, it can be required to be disclosed.
>>There is no penalty under RIPA for failing to distribute the data if
>>they don't have it.
>It's not distribution, it's access-on-demand.
>>And, I don't think they have to distribute the data under RIPA anyway -
>>it would be disproportionate.
>You've made up this "distribution" thing.
More information about the ukcrypto