Cybercrime Treaty — Hidden Costs For All

linuxtelephony writes in with an article at CIO Insight about a cybercrime treaty drafted in Europe with help from the US. It has implications for just about everyone with a network. From the article: "Civil libertarians are especially concerned about the sweeping authority given to participating countries to seize information from private parties as they investigate cybercrimes, even when the activity being investigated isn't a crime in the country where the data is located... Telecommunications companies object to provisions that require member countries to establish and enforce potent data-retention policies for network traffic, and require any operator of a computer network to respond to requests for information from any participating country without compensation of any kind... The provisions for data retention and production apply to any operator of a computer network, not just telecoms... Worldwide law-enforcement agencies, in other words, may now avail themselves of the opportunity to outsource their most expensive problems to you."

data-retention policies for network traffic ???

[l2718]

Someone must be a bit confused methinks. It is not now (and will never be) technologically feasible to keep a record of network traffic over any non-trivial amount of time.

Re:data-retention policies for network traffic ???

[Augmento]

this treaty is old news but as far as i can tell not enforced as such, i.e. we don't have terabytes of packet captures laying around my cubicle. bleh. just read the article and it doesn't even link the treaty http://conventions.coe.int/Treaty/EN/Treaties/Html /185.htm happy reading! oh and for the USA signing it, we did back in 2004! can you say old news? how do i get to tag stuff? OFN! http://www.securityfocus.com/news/8529