[ILUG] Completely loo-lah law requiring retention of e-mail
headers for 3 years
Brian Scanlan
brian.scanlan at gmail.com
Thu Jan 24 14:26:23 GMT 2008
Hi,
> "In particular, as regards the retention of data
> relating to Internet e-mail and Internet telephony, the obli-
> gation to retain data may apply only in respect of data
> from the providers' or the network providers' own services."
>
> I.e. no logging of traffic is needed, it applies only at layer-7 (as
> another poster put it).
I agree, the EU directive does not require traffic snooping, as has
been implied previously (nor will non-compliance result in the
Government shutting down an ISP). I have no idea how the Irish
Government will transpose the directive into Irish law as they have
not published or indicated much. Denmark added on a requirement for
netflow sampling when they adopted the directive, I don't think it's
feasible to go much further than that. The Irish Times report on
Saturday suggested some measures that go beyond the requirements of
the directive (''web usage'?) but that might just have been badly put.
> Further, and I might be wrong, but isn't this discussion a couple of
> years too late? I thought Ireland had already implemented
> data-retention laws long before any directive (ISTR a discussion here
> about it) - Ireland already complies with it.
The relevant directive is not yet part of Irish law. We do have
existing data retention and access laws, but I don't believe they
cover email and IP allocation records (the likes of PPP and DHCP
logs).
Brian.
More information about the ILUG
mailing list