Slashdot Mirror
Europol Describes Data Retention Desires
freakyboff writes "Found this on cryptome.org - It's a confidential document from Europol, basically a wish list of all data that they would like people to keep. Many things that violate peoples privacy are in the minimum requirements, such as caller line identification and assigned IP for dial-up Internet access; e-mail and ftp server logs; and companies running web servers should keep information on what information users put on their servers." Statewatch is a good source for more information. I find it odd that Europe is moving from a position of protecting a great deal of data with fairly strong laws to requiring that telecommunications companies store data on their customers for as long as seven years so that law enforcement can go data-mining - skipping the intermediate step of making it optional.
it's a wish list? who cares! i had a nuke on my christmas list, doesn't mean i'm going to blow up the world.
-- OMFG = Oh My Floatse Goatse
Use a mirror:
o rg /
Thanks to A for mirror:
http://www.lessgov.org/cryptome
Thanks to SC for crypto software:
http://mrstef.dns2go.com/crypto
Thanks to AJ for mirrors:
http://cryptome.sabotage.org
ftp://ftp.zedz.net/pub/varia/Cryptome/cryptome.
the whole shebang is available at:
ftp://ftp.zedz.net/pub/varia/Cryptome/
Thanks to mb for mirror:
http://while1.org/~xm/cryptome.tgz
Thanks to VP for mirror:
http://munitions.vipul.net/documents/cryptome/
It's not like the european governments care that much about their citizens privacy. In britain, for example, there are buses equiped with as many as 7(!) videocameras, just to protect the bus from grafiti.
At london subways, there are already systems for identifying people using it in real time! Pretty horrid, I'd say.
Anyway, it's not like the governments here really care that much about our privacy...
Awesome first post there!
Repectus Maximius.
Hello - I am a CLIT member ... however I have been banned due to extremely low karma. I currently posses -17 Karma on an account I opened two days ago. Does anyone have some words of wisdom for me? Will I be back after 72 hours? Or does the extra low karma keep me out longer?
That is all now - long live CLIT.
For some dumbass German guy to reply to your post to say how much more America sucks than Europe in this respect.
At a certain point, the gov't must take cost into consideration. So, I stole 15 blank licenses from the DMV The gov't spent 50 for my court paperwork and an additional 200 in probation costs. hmm.......should they have just fined me instead? or not bothered? they lost money, given that each blank is 89 cents to produce. In Britain, repairing graffeti has got to be cheaper then maintaining 7 camperas on a public bus. You get my point. THe ISPs will eventually rebel due to cost. Either that, or they will try and turn over monitoring and data storage to the government.
Sig (appended to the end of comments you post, 120 chars)
please nuke palestine. they deserve it. bad.
to lower your Karma to -17 in 2 days....well you must be an utter DUMBASS. posting the most STUPID comments. ever considered that? why don't you just get the fuck out of Taco's Eden before CowboyNeal shoves a poll option up your sorry ass.
Perhaps the data should be open as well?
This is like, so 1984.
Why will they stop trampling on our rights with such disregard. I understand that we all have to make certain sacrifices, but when they make requests like those then the terrorists have already won.
Mabey well all should host our own reality tv show
Looks like Europe never quite got past their neo-facist control fetish. I seem to remember europeans talking about how much more free they are on every new "U.S. passes justified security law, infringes on some privacy" article to come along.
Well HA!
I'm glad I live in America. Still the MOST FREE, MOST DEMOCRATIC COUNTRY ON THE PLANET!
Down with the Eurotrash fascists!
I dare you!
HA! I knew you couldn't do it. Sucka!
It seems to me that it's more likely to be a side effect of the US War On Terror that is driving them to keep better log info.
Sadly, most people are unwisely giving up their privacy under the rubrik of "cracking down on terror", while failing to realize that it isn't that useful in actually doing something about it.
--- Will in Seattle - What are you doing to fight the War?
George Bush, President of the USA, sent this demand -- among many others -- to the EU on October 16, 2001:
Open Source still has well under 5% of all computer use.
Well, I'm a syadmin at a University research lab, and when I want to do something the University may not like on the net (visit websites that may violate AUP or something) and I don't want those nosy upstream admins to notice, I pipe it through an IPSec tunnel I set up between my lab and my home network, since my DSL provider doesn't care what I do. So, I'll login remotely and run mozilla or something on my home comp and pipe the display back through the tunnel, so all anybody between my computer at the lab and my computer at home would see is a bunch of encrypted ESP packets flowing back and forth.
I wonder if a company in a place where laws like this don't exist (is Sealand still around?) could set up a proxy service provider, so all your traffic (or at least any traffic you don't want somebody spying on, like email, some web traffic) would be routed securely through them, so your local ISP wouldn't have anything but encrypted packets to monitor. Then they wouldn't have anything of consequence to share when the cops come knocking. I'd pay for such a service, would you?
We don't have a state-run media we have a media-run state.
... I'm adding ... and subtracting ...
What computer use do you refer to? VIC-20? Timex? Abacus?
The strong-willed Open Source community of developers does not hold even 0.05% of the software used on computers.
Only we learn where to place the decimal will the legions of Open Source developers reach the attainable goal of replacing DOS 6.2.
I didn't know RMS posted here on a regular basis. Doesn't that fit in with his new idea on an "open-source spy satellite?"
There probably is another, more secret, document floating around Europol. In this document, they ask for
- Every EU citizen submitting a full report each month about all Internet activity they had that month;
- Each of those reports to be compared against the actual internet usage, by a bunch of underpaid exploited 3rd world country workers
- Any activity unaccounted-for punished by a slap in the face with a largeish wet fish.
When this highly secret document makes it into a proposal for EU legislation, then I'll start to petition against the proposal. Gah... If i had to worry about every little paper that fell off some clerk's desk...
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Data that must be retained by Internet Service Providers:
1. Network Access Systems - Date and time of connection of client to server - User-id and password - Assigned IP address NAS Network attached storage IP address - Number of bytes transmitted and received - Call Line Identification (CLI) - User's credit card number / bank account for the subscription payment
2. Email servers - Date and time of connection of client to server - IP address of sending computer
- Message ID (msgid) - Sender (login@domain)
- Receiver (login@domain) - In some cases identifying information of email retrieved
3. File upload and download servers - Date and time of connection of client to server - P source address - User-id and password - Path and filename of data object uploaded or downloaded
4. Web servers - Date and time of connection of client to server - IP source address - Operation (i.e. GET command) - Path of operation (to retrieve html page or image file) - Those companies which are offering their servers to accommodate web pages should retain details of the users who inserts these web pages (date, time, IP, User ID, etc.) - "Last visited page" - Response codes
5. Usenet - Date and time of connection of client to server - Protocol process ID (nnrpd[NNN...N]) - Hostname (DNS name of assigned dynamic IP address)
- Basic client activity (no content) - Posted message ID
6. Internet Relay Chat - Date and time of connection of client to server - Duration of session - Nickname used during IRC connection - Hostname and/or IP address
7. Data that must be retained by telephone companies for fixed numbers' users: - Called number even if the call was not successful - Calling number even if the call was not successful
- Date and time of the start and the end of the communication - Type of communication (incoming, outgoing, link through, conference) - In case of conference calls or call to link through services, all intermediate numbers - Information both on the subscriber and on the user (name, date of birth, address) - Address where the bill is sent - Both dates (starting and ending) from when the subscription has been signed and dismissed - Type of connection the user has (normal, ISDN, ADSL, etc., and whether it is for in-out calls or for incoming only) - The forwarded called number - The time span of the call - Bank account number/other means of payment - For a better investigative purpose Telcos should be able to know the nature of the telecommunication: voice/modem/fax etc.
8. Data that must be retained by telephone companies for mobile / satellite numbers' users:- Called number even if the call was not successful- Calling number even if the call was not successful - Date and time of the start and the end of the communication - Type of communication (incoming, outgoing, link through, conference) - For conference calls or call to link through services, all intermediate numbers - Information both on the subscriber and on the user (name, date of birth, address) - IMSI and IMEI numbers - Address where the bill is sent - Both dates (starting and ending) from when the subscription has been signed and dismissed - The identification of the end user device - The identification and geographical location of the cells that were used to link the end users (caller, called user) to the telecommunication network - Geographical llocation (coordinates) of the mobile satellite ground station - Type of communication (incoming, outgoing, link through, conference) [duplicate item] - GPRS service - For conference calls or call to link through services, all intermediate numbers [duplicate item] - The forwarded called number - The time span of the call - Bank account number/other means of payment - As GPRS and UMTS work on Internet base, thus all the data above mentioned (as IP address) should be preserved - For a better investigative purpose Telcos should be able to know the nature of the tgelecommunication: voice/modem/fax etc.
I'll be on yours if you'll be on mine.
"Lake Gaza"
Does anyone remember what happened to Interpol after Germany overran France? Well it became part of the Gestapo. Many Many people lost their lives because of information in Interpol files.
Why is this a violation of privacy? While the information may be handled casually in many cases, it is not published publicly. Do users really think they have an expectation of privacy in this way? Do they really think they have a right to be untracable and unaccountable for their actions online?
I know slashdotters seem to be always fighting a losing battle for privacy, but these logs seem to be common sense.
Seriously, what the hell are these governments up to? Seems to me you'd have to be pretty afraid of something to mandate surveilence on the scale of what's going on in Europe these days, and last time I checked the climate wasn't right for a revolution (not enough poverty!).
So, what's going on in Europe?
Hexayurt - open source refugee shelter,
Also, since everybody knows that trolls=terrorists,
The Palestinians figure out that there is no world sympathy for their cause while these stupid suicide bombings continue...
For crying out loud, if I have to hear about one more Palestinian mother exclaim how happy she is her son/daughter did such an idiotic act, makes me think they are not capable of being good world citizens...
I'm sure to get flamed for this, but they aren't really asking for that much. Let's face it, most of this information is available with verbose logs on systems. A lost of it is stuff that ISPs in the US have to keep anyway, for legal reasons and just to help with tech support.
These are actually very reasonable requests. I work for a large company that is sometimes asked to produce some of this kind of information. Most of this is kept in our basic logs. Again, this is partly for legal reasons, but also so taht we can effectively troubleshoot problems that customers may have.
"All the things I really like to do are either immoral, illegal, or fattening."
- Alexandar Woolcot
Insert comment about history repeating itself, but seriously this is not only not new but can be detected by anyone who does not let emotional bias and denial get in the way of pattern detection, or perhaps is just ignorant which could be solved easily.
These types of records will be gold mines for all kinds of people... political opponents, blackmailers putting the squeeze on unfaithful spouses, spies following government employee activities, stalkers, etc.
something tells me that when some bigshot gets tagged and embarrassed by what is divulged, there will be some additional restrictions placed on what/how data can be stored and accessed.
Let's fight this disgusting business the best way Slashdot can! Click here to Slashdot Mediaforce!
Europol != Europe. Seriously, does Chicago PD equal the US government? It's a draft of a law enforcement agency's wish list - a starting point for one side of a debate, not anything that's passed in to law. Just because the MPAA have probably had a debate along the lines of "OK, what'd it be cool if we could force on users?" doesn't mean they get it - or even ask for it.
Okay, there are huge privacy concerns at stake. I know that. I'm just curious what good could come from it. If that's the type of thing that can stop another 9/11 from happening, then it's possible I'd reluctantly approve of something like that.
Unfortunately, I don't see the immediate connection between logging ftp logs and stopping terrorism. If anything, I think the MPAA or the RIAA would have more to gain than the War on Terrorism.
So my question is, can anybody think of benfitis to this type of surveillance? I'm not looking for justification, just silver linings here and there.
Heck, I'd love to hunt down that guy who modded me down earlier. Heh.
"Derp de derp."
I can see a problem with monitoring content, but why is keeping IP logs a very big deal? There aren't any laws that protect the secrecy of my IP address. The ISP 'owns' the IPs (sort of...well, they pay for them). Also, why make it easier for people to get away with kiddie porn, etc. - related offenses. As long as they don't sell this information to, say, make a profit (e.g. somehow for marketing purposes, or whatever), I don't see that becoming a very big deal, at least not something that violates my privacy.
Hey. We're all in this together!
-b
Who would want to retain data? I always feel bloated when that happens.
You just keep telling yourself that.
This is a wish list compiled by an investigative police agency. What did you think would be on their wish list? A Barbie Dream House?
- A.P.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
I would have loved a static IP back when I had dial-up, sounds great to me. The other stuff is another story.
Moderation Totals: Flamebait=2, Troll=1, Redundant=1, Insightful=6, Overrated=1, Underrated=1, Total=12. (not mine)
I am not surprised. Europol is more communist than KGB!
I must have read that as 'Europol Describes Anal Retention Desires' at least twenty times.
but turnabout is fair game I've taken so much shiz from canadians and europeans on how my government (USA) is so evil and corrupt and the antichrist and how does it feel euroslut or canadaslut now :P
when will you think it's a good idea to get along and not bitch and make fun of the people you relied on 50 years ago for your very existance :P
Actually, it fits in nicely with my 'Echelon at home' vision. They watch us, we listen to their wire/cellphone traffic and decrypt it in a nice grid computing style algorithm. #1 target should be GSM SMS messages; the GSM algorithms are known, the text should be interesting, especially if we can set up listening stations in london, paris, rome, berlin etc;
After all, Europe is the birthplace of the modern police state.
Don't use the network, don't use a cell phone etc. Go John Galt and become a non-productive member of society and see how long it holds together.
The really scary part is that afaik Europol is under no parliamentary control at all, they can do whatever they want and eavesdrop on each and everybuddy. Knowing that you somehow don't feel like being on the western side of the iron curtain.
You just recapitulated the original document. Nice formatting :-)
Actually, most neo-fascist European UberISPs already log all the data requested in items 1-5 as most of them use (transparent) proxies for http and ftp. I wonder why the "last page visited" is so important to them, maybe they're trying to piece sessions together where a user disconnects and then logs on to another ISP. I'm not so sure about 6. IRC whether they already monitor it, but it's good OPSEC to assume that they do. Incidentally, the UberISP I'm subscribing to, actively assisted a German Pay-TV company by redirecting http-requests for a website containing hacking information to the homepage of the national police.
I know that my telephone Ubercompany is logging all the data they ask for and in addition to that "legitimate interests" can connect at any time without having to present a warrant to their switches to listen in to all my calls. Same thing goes for my mobile phone, and say did you know that the austrian police requested and received all cell phone subscriber information of people who were either participating or just for being in the vicinity of a demonstration?
The best kind of OPSEC in telecommunication is and always has been keeping your mouth shut.
Don't believe everything you read kids!
I am the NUL and the DEL, the beginning and the end.
Well just go for the project looking to do an open-source implementation, This project want to build and open and free implementation of the specifications that have leaked from dutch tapping plans. They argue that not every hosting provider wich only has a single server somewhere in a rack will be able to meet the tapping requirements if only comercial solutions where available. The documentation served at opentap.org includes things like leaked specifications of the tunnel used to transmit trafic to law enforcement servers, specifications of a working implementation of the tapping systems including openbsd/mysql/openssl based servers and a pcb design for a optical listening and filtering device by inovative systems delft and specifications and examples of xml based "electronic warrants" (yes they still need warrants in this case).
Why is the dutch situation so interesting? it seams like many european countries could learn a lot of the hassle that the dutch geverment has has gone trough enforcing its tapping ideas. and it also looks like the dutch laws which every isp has to folow will become similar if not the same.
And what better place for them to do it then the EU, where democratic control is at a minimum.
send an email to you favorite .co.uk email address with a appropriately large attached file for their achieving pleasures. and they tell two friends, and they tell two friends...
seriously, in seven years, how big can these archives be?
Europe is one of those political unions that goes from fairly liberal democracy to fascist police state without an intervening period of civilization.
668: Neighbour of the Beast
I prefer my neo-fascist control fetish to your neo-liberal corporate masochism, thankyouverymuch, Mr. trailer-trash hillbilly. Glad to live in Europe, still the place where people actually care for each other and have a sense of community beyond "Those fucking cops better beat up that dirty bum or I'll shoot him myself!"
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
Well what about my freedom to walk down the street safely? Doesn't that count for anything?
g y as it *could* all be concevably abused by some future evil government(tm). Or how about putting everyone in prison. Because thats just one tiny little step down the road from putting cameras in public places isn't it.
I just can't see any logical arguments here except conspiracy stories. It's a millions miles difference the government putting cameras in public places where there is already no privacy to them putting cameras in our houses.
Why the hell do you all think because we let cameras in public we would then roll straight over and let them into our homes?
By these paranoid arguments we should get rid of all weapons/army/police/cars/planes/tv/radio/technolo
I find the manipulative behavior in this even more disturbing than the tagging itself.
That's one way of making people submit to drastic tactics. Offer a new way of control alongside an even less desirable scenerio and then let them "decide".
Neat way to introduce draconian concepts into society. Make it seem like the people are deciding for themselves. Playing mind tricks on you, and it's working.