Slashdot Mirror
Dutch Gov't Has No Idea How To Delete Tapped Calls
McDutchie writes "The law in the Netherlands says that intercepted phone calls between attorneys and their clients must be destroyed. But the Dutch government has been keeping under wraps for years that no one has the foggiest clue how to delete them (Google translation). Now, an email (PDF) from the National Police Services Agency (KLPD) has surfaced, revealing that the working of the technology in question is a NetApp trade secret. The Dutch police are now trying to get their Israeli supplier Verint to tell them how to delete tapped calls and comply with the law. Meanwhile, attorneys in the Netherlands remain afraid to use their phones."
Absolutely superb.
If I had an Ass, I'd call it Fanny Bottom, then I could slap my Ass; Fanny Bottom, on the Arse.
rm filename
Every knows that you have a very high risk of getting tapped here. At least i'm glad to have a DSL connection as phoneline now, as it no longer introduces those annoying clicks traditional phonelines suffer, indicating recording started, whenever you say numbers, raise your voice or trigger a keyword, as it all is digital. I find it in particular funny to get 'observed' as i got nothing to hide, but just may have a couple 'interesting' friends between my connections. Also, by living in this town for a little, i know about at least 1 person for 100% sure he works for secret intelligence (y, i learned deduce at skool). Call me paranoia or not. I'm knowing for sure me and some friends getting traced, and i don't fucking care except to think of bullshit stories to confuse them. I'l make them easy this time by just publishing my IP: 127.153.231.2. You'r welcome.
Lawyers aren't afraid at all to use the phone: If a tapped conversation between them and their client turns up later in court, their client usually walks.
Wait for the claims against the state!
Is this already on failblog?
drop database;
Take media with recorded conversations, place in a pile, load it up with a half-tonne of aluminium filings and iron oxide, and apply a high temperature heat source.
You might want to wear safety goggles.
Finally had enough. Come see us over at https://soylentnews.org/
So then the only way to comply with the law is to not tape them in the first place.
... and tell them that there's no way they could ever delete anything. Trust me, they'll find a way.
Use Israeli telco supply firms for outsourced backend billing and interception.
Fox new did a report on it
http://www.youtube.com/watch?v=kle7ZgmFcpQ (pt 1)
http://www.youtube.com/watch?v=ZeaXlrldqwo (pt 2)
Why or how so many national telcos let interception drift away from core in house responsibilities is just strange.
If your an attorney and your client is literate, buy a note pad, write out your work, read and then destroy (with a few pages under the written page too).
With fusion centres in the US and any suspect now a "terrorist" most of the attorney client privilege protection is getting blurred.
Domestic spying is now "Benign Information Gathering"
And I am not sure if they are interested in having tapped calls deleted
I mean really deleted!
....the system is probably a piece of shit built by incompetents. What are the odds they can even find them after 3 years?
On the other hand perhaps they can delete them but they're claiming not to be able to so they can hang onto them.
Either way police that don't comply with the law, or incompetent fools - not good.
These posts express my own personal views, not those of my employer
rm -rf /
http://michaelsmith.id.au
Deleting data is really really hard. If one is storing large amounts of data it is difficult to put a system in place which can prove that every copy in your posession has been deleted. Think about the work of sifting through thousands of write-once offline backups, be it tapes or CDs or whatever, locating the data, copying the original minus the data and destroying the originals. If that's not hard enough, what about data that's not in discrete files. Say there's a PostgreSQL database that's zipped and spans a thousand peices of physical media. The only way to delete a record is to load the whole database then redump it. And don't forget about regenerating all the index files. And dealing with obsolete file formats.
This sounds like a stupid problem, but in reality it is really tough to delete something and be certain that you've got it all.
But im not, really. Having worked for the Dutch police twice now, I can safely say that the majority of their IT staff are completely clueless. A few years ago they "outsourced" their IT to a seperate entity to handle all their IT, but this entity was staffed mostly with the people they already had, so there wasn't any actual increase of knowledge (as far as I could tell). They got a nice fat bag of money and an unclear manifest, all paid for by us - the Dutch taxpayer - and this is what we get.
The Netherlands: No privacy, no competence and instead of capable beatcops we get highway robbery in the form of a cop with a lasergun having his daylong break sitting behind a bush next to our highways. And they wonder why the populace is starting to hate law enforcement.
Do yourself a favor and do a search on Google for "C2000", another one of the Dutch police success stories.
I could weep. Or well....puke really.
"Sarcasm is for *winners*, Alan." - Charlie Harper (Two and a Half Men)
You can delete anything with a sufficiently large hammer or a can of kerosene.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
That is the question.
Call Tom Dickson.
rm -fR /
msft products, they consistently delete data automatically for you with no interaction required
since they went with an open source solution, they can easily... oh, wait.
The Cloud - because you don't care if your apps and data are up in the air.
I don't know if the law is different in the Netherlands, but in the UK if the client tells the lawyer that he did do it, he has to either find a new lawyer or agree to plead guilty and present mitigating circumstances. A lawyer is not allowed to tell actual lies in court.I doubt it is different elsewhere in the EU.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
After all, in 1688 we acquired our Government from the Netherlands and it was a big success story. Now it's time to return the favor. Gordon Brown is not quite as glamorous as William of Orange, but I'm sure we'd let you have him and his Cabinet for free.
We also have some bankers you might like. The famous Dutch bankers were the Fuggers. We call ours by a very similar name, sometimes prefixed with "mother".
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
If the Dutch government can not figure out how to delete the files, how can they expect TPB to delete the torrents!
The purpose of writing is to inflate weak ideas, obscure poor reasoning, and inhibit clarity....Calvin
For those who are offering commands to get rid of the data, you need to understand the why they will not work.
This issue is that the storage system used is designed is such a way that you CAN NOT modify any data once it is written to the disk.
Once the data is written, it can not be modified or deleted. Now, the reasoning behind this is so the police can not digitally manipulate the timestamps or data in any way. This is to protect the integrity of the data so it can withstand legal challenges.
They are faced with a 'catch 22' situation. If they can figure out a way to delete a 'prohibited conversation' they could theoretically modify the data too. Opening up the possibility of having a criminal conversation being invalidated.
The issue is the difference between destroying (in practical terms: erasing), as they are legally obliged to do, and deleting it. This pdf documentlinked from the article explains in laymen's language how the "pointer (or route) in the system to the data concerned" is removed, making 1) the data inaccessible to investigators, and 2) freeing up the space of a hard disk array for new data, and then goes on explaining that the data may theoretically still be retrieved from the disks if not yet overwritten. They don't know whether the commercial black box system they use erases the data, and suspect it doesn't.
There is this company called "Danger".......
It seems to me that, now that this is certain knowledge, the police cannot legally continue to outsource their tapping to this supplier. Surely there are required to find another, compliant, way of doing their intercepts with emergency status. Otherwise, they themselves are committing a crime. They could reasonably plead ignorance up to a certain point, but they cannot do so now.
Consciousness is an illusion caused by an excess of self consciousness.
Over the past few years quite a few criminal cases were lost exactly because of this problem. In Amsterdam a huge case against Hell's Angels went south in 2007 (everyone was set free) because they didn't destroy tapped recordings with attorneys. Last year it happened again (dutch links, sorry).
I hope someone got canned because of this, but given our incompetent justice department I really can't see that happening. Phone tapping has reached epidemic proportions over here (highest number of taps per person in the western world), as it's much easier than actually investigating a case based on given evidence.
Funny that this is the second article on our incapable justice system within a day on /., go us \o/
This sig is intentionally left blank
Seriously, when you buy a tamper-proof data retention system - don't be surprised if it does exactly that! :)
It's a well-known conspiracy theory: that Mossad has created Telco front companies throughout the world to spy on other nations. See The Israeli Spy Ring, which talks about the Fox News articles, and another typical story. Of course, a conspiracy theory doesn't make it true...
So can the western world stop mocking privacy in China now?
Once the data is written, it can not be modified or deleted. Now, the reasoning behind this is so the police can not digitally manipulate the timestamps or data in any way. This is to protect the integrity of the data so it can withstand legal challenges.
The way (the only way) to remove protected data from this class of enterprise storage system is to copy off all data except the data you need to delete/destroy, bring the vendor in to do what is essentially a low-level reformat of the entire enterprise storage system and then copy back the subset of data that was saved. Is it expensive? yes. Is it time-consuming? Double yes. Is it a major PITA? Triple yes, because of all the paperwork and manual effort you have to do to retain the chain of custody for the evidence data that you're taking through this process. DOES IT ACHIEVE THE LEGALLY-REQUIRED RESULT? YES.
Deleting and modifying are two distinctly separate things. It shouldn't be a problem for a system to allow deletions but not modifications.
Combined with proper backups and auditing, that should be sufficient to retain the legal value of any digital data.
Tell that to O.J.'s lawyers and anybody else who wants to claim, or actually believes, that the police might want to tamper with evidence to frame them. Or tell that to all the commentators on fark who are certain that the police would delete evidence to help protect one of their own. You should understand that these kind of enterprise storage systems that protect data from any kind of tampering (and "losing" data is a kind of tampering) even by system administrators are intended to be used in lieu of mountains of WORM media. When you've properly designed for their use they offer a worthwhile benefit.
It's hard to be sure because I don't read dutch, but it may be that the designers of this Dutch system botched it. The system should have had the Verint recording software tag recordings with a limited duration retention flag at the time the recording is made and then required human intervention to mark for longer retention any specific recordings that can and should be held on to. That partially re-opens the window for "losing" data, but that is necessary to allow legally-required data to be deleted.
Now if you want to tie the whole discussion back to rights in the U.S. ... how many police departments do you think actually have the technological ability to "purge" juvenile records? (hint: not that many) Of those which do, how many do you think actually know how to use that ability?
However, your post is utterly uninformed. Solicitors advise clients on law in lower courts. In higher courts barristers will more usually do the work. Commercial clients who don't like solicitor's advice will frequently try to get advice from a QC - a senior barrister - in the hope it will persuade their boss to go on with the case, hence my father's oft-repeated comment to clients "You can have counsel's opinion and it'll cost you £30000, or you can slip me £15000 and I'll tell you that it's 50-50 for half as much."
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Illegal tapping of newspapers in the NL:
http://blogs.journalism.co.uk/editors/2009/07/09/nisnews-nl-dutch-newspaper-suing-state-for-phone-tapping-journalists/
http://badnewsfromthenetherlands.blogspot.com/2009/10/court-intelligence-service-illegally.html
The Amsterdam court has determined that the General Intelligence Service AIVD broke the law of freedom of press by tapping the phones of journalists of the Telegraaf daily
Wow, the Netherlands have their phone service going through a Mossad front company, Verint. How very fucked up.
That's all: it's a black box situation, the police have no control over the data, maintenance is done purely by the manufacturer and tampering will be punished. Somehow somewhen in the past (at least for a decade) the decision was made to purchase (probably read "lease") this Israelian device. And de peaple pay dearly.
All those moments will be lost in time, like tears in rain. Time to die.
1) Move tapes to Soviet Russia
2) Tapes delete you
3) ????
4) Profit!
The actual problem is that they don't know how to delete calls that they shouldn't have recorded in the first place: conversations between lawyers and their clients. Why am I not surprised? Someone told me a couple of years ago that Dutch police staff is not allowed to be present when staff of the Israeli vendor of the equipment is performing maintenance. I'm sure Moss^H^H^H^H Verint has put in components that send the calls to more recipients than it should.
no, I don't have a sig
Isn't there a law which would prevent an entity from blocking another entity from complying with the law? For instance, if I sign a contract with you that requires me to break the law to fulfill it, the contract is invalid and you can't hold me to it. How does this work in the case of one entity withholding information which compels others to break the law? I'd not heard of this Dutch wiretapping of lawyers stuff, but its ironic that a society which many naive American liberals (of which I am one) view as more-enlightened than the use would so quickly slide down the slope of injustice. Privilege is one of the pillars of society.
Just have them store their data on Seagate 1TB drives! Everything will be gone in 3-6 months.
When I worked at fortune 500 company we had these Write Once Ream Many dive systems to record images of contracts. http://en.wikipedia.org/wiki/Write_Once_Read_Many
The drive platters looked like CD recordable media in a plastic case about the size of a large pizza. Two machines would write out the data and when full the platters went into one of the jukeboxes (readers). Not a bad system, a bit slow. 90's tech.
But then we got high.
*.wav or *.aiff usually...
references available upon request. hourly, not salary offer please.
Good people go to bed earlier.
I am not sure if someone already pointed this out, but the irony here is that most companies, governments, etc, have a hard time holding onto data. Normally, one does not read/hear about a company/government that cannot "delete" data... Good times! --StakOvahflow
Holy happy hippy crap!
The Netherlands are famous for the highest level worldwide of tapped calls: basically everyone is tapped. Privacy of human beings is constantly and relentlessly violated by saving all people's data, child growth records, police records, medical records, all highways you ever drove through, all metro or bus you ever took, any website you ever visited through your mobile, sms you sent, call you made and so forth, all goes into huge databases often officially in the hands (or easily accessible from) government agencies, and quite often very badly managed(read: badly protected) through external outsourcing contracts. That's the impression you get.
Let alone having a clue about their own IT system. Everyone is tapped, we said. Unsurprisingly: nobody cares, because despite overly unnecessary tapping, the country stays as yet infested by criminals and criminality, also due to the fight between judiciary and political worlds.
It's a cultural aspect I think: so much logged, nobody knows how to use that in first instance to successfully defeat criminality in courts, so that bad guys manage to walk free. But I guess a lot of people has fun in their gray office in rainy days at listening the recording of your call with your girlfriend..
That said, if you are lucky your living standard may be pretty good in the land. You can sue your neighbor for damage by his cat and win his money.
Only: if there is a bad example of paranoid violation of privacy combined with apparently inadequate enforcement of the criminal law, there you have it.
Any world you say may be used against you, if we find the record.. wait a minute.. just a sec.. almost there...... ... oh but we didn't have the right to keep records of you so we deleted it...... ..... actually, we have no idea how to delete a record and all its snapshots normally, but in this exceptional case we managed to.. a system crash.. I'm not sure.. ....... .........there seems to be a problem with the support contract of this thing... they manage it from India... .. otherwise send a letter to............
Ahem, sorry It's friday 17:30 can you come back on Tuesday?
get a very large MAGNET !
By reading this solution, you obligate the Netherlands to pay the sum of Euro 100,000,000 into Acct #3443321
Nigeria National Savings Bank, Lagos, Nigeria.
Yours In Crime,
K Trout
Having worked with Verint many many times I can tell you that they will nothing but stonewall you and then charge out the ass (7+ figures) for the simplest of procedures. Verint and Nice are the worst recording companies there are.
Colour, check.
Structure, uhm, what?
Density?
I prefer:
/dev/urandom > /dev/hda
:)
cat
Makes data recovery much more difficult
"When information is power, privacy is freedom" - Jah-Wren Ryel
the little trash can thingie in the corner of the screen. See, that was easy.
Doesn't that violate EU "data privacy" laws?
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
a cryptophone. Sure, the call will be logged, but it'll be encrypted, care for some speech to text on noise?