Slashdot Mirror

← Back to Stories (view on slashdot.org)

German ISP Forced To Delete IP Logs

Posted by ryuzaki0 on from the next-the-request-will-be-used-as-evidence dept.

An anonymous reader writes "A German federal court decided today that T-Online, one of the largest ISPs in Germany, was obligated to delete all IP logs of a customer upon request to guarantee their privacy. From the article: 'The decision (German) does not mean that T-Online is now obliged to delete all their IP-logs, the customers first need to complain. But, if they ask T-Online to delete their IP-logs, the ISP has no other choice than to comply. A lawyer from Frankfurt already sketched a sample letter (German) to make this process easier.'"

7 of 202 comments (clear)

  1. A question for network admins by gaijin99 · · Score: 4, Interesting

    I'm not an admin, and never have been so I'm working on ignorance here. But my question is, why bother with long term logs anyway? I understand a need to keep logs of activity for a week or so to deal with various attacks, zombie machines, etc, but why not set the logs to automatically wipe anything past that point? I can see maybe going nasty and selling it to advertisers, but other than stuff like that is there a use?

    --
    "Mission Accomplished" -- George W. Bush May 1, 2003
  2. Australia.. by swordfishBob · · Score: 5, Interesting

    It should work in Australia. Privacy laws here state that:
    - If I ask a company operating in Australia what information they have about me, they are obliged to tell me
    - If I ask where they got this information, again they must answer
    - If I ask the same company to remove such records, AFAIK they must, though there are reasonable exceptions to this one. (e.g. if i've done business with them, they have to keep financial records. if it's my bank, they might have to cancel the mortgage to comply..)
    - Companies operating here are not supposed to pass on private information without consent, which is why so many competitions and things have clauses in tiny writing to get your consent.

    --
    -- All your bass are below two Hz
  3. Re:Motherfucking bureaucratic world... by aeschenkarnos · · Score: 2, Interesting
    Because: (a) some people commit actual crimes (like, the kind with victims) on the internet, and the ISP's logs are equivalent to the film from the CCTV camera across the street from a robbed bank; (b) there are good technical reasons, ie statistical data used for load-balancing purposes, network expansion, upgrade scheduling etc, for keeping logs (although obviously, stripping out identifying data ought to be done wherever this doesn't interfere with that purpose); (c) to some extent, keeping "logs" as such is an unavoidable consequence of doing what an ISP does. Functions like billing depend on logs. If they didn't keep logs, what recourse do you have if they bill you for 100GB over-quota usage during the month?

    As with any other business you deal with, the difference between "monitoring customers" and "keeping business records" gets a bit blurry. A plumber keeps a "log" of whose house he visits, what he does in each house, what materials he uses, and how much he charges each householder. He probably calls this log a "receipt book". Obviously this book is unlikely to contain evidence of a crime, but that's due to the different nature of the plumber's business, not the fact that he keeps logs.

  4. Re:The way it should be. by JPriest · · Score: 2, Interesting
    AFAIK US ISP's are required to keep the logs for some 180 days in case of a criminal investigation. It is fairly common to get investigations for things that happened more than, say 60 days prior. I believe there is legislation in the works to force ISP's to keep logs for longer periods of time (1 year?).


    Disclaimer: By "logs" I don't mean record of what web sites were surfed and what files downloaded, I mean record of what customer had X IP address at Y time.

    --
    Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
  5. Re:The way it should be. by Loconut1389 · · Score: 2, Interesting

    Have you ever seen a linux logfile? Especially if you have iptables turned on and fairly restrictive on a public-facing ip...... Each line a couple hundred characters and the files get very huge very fast. You're also assuming the customer is only being logged for something like a ppp connect/disconnect... Many protocols (IMAP forinstance) have 5-10 lines for each connection, and then mmore during transfers and idles, depending on your log level. It's conceivable to have several gb a day for even an extremely small IP. If they were hosting a handful of ginormous sites, replete with services (IMAP, SMTP, NNTP, RADIUS (for 802.11 or other), HTTP and others), the logs would be well beyond the simple calculation you're discussing.

  6. Sarcastic comment explained by Teun · · Score: 2, Interesting
    Voss was sued for making a sarcastic comment in an Internet forum back in 2002.

    Sorry for reading TFA...

    --
    "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
    1. Re:Sarcastic comment explained by sholden · · Score: 2, Interesting

      From wikipedia: "during the course of the trial, it was also revealed that his disclaimer of the posting as sarcasm had been left out from the legal documents provided to the prosecutor by law enforcement agencies."

      You would hope that would be a crime in itself.