Re: Standing Up Against German Laws - Project HayNeedle

[Vincent Archer <varcher () denyall com>]

On Sat, 2007-11-10 at 22:45 +0100, LT wrote:
> According to [1], Internet Service Providers must record the
> following information:
> 1) the IP address assigned to the customer
> 2) a precise identification of the (dial-in) port that is used for
> internet access (i.e. your phone number, customer number etc)
> 3) connect and disconnect timestamps
>
> This does however not include logging IP connection attemps to your
> favorite blog or website or anything like this.
> They only have to log the IP address and connection times of your
> dial-in session.

It sounds familiar. In France, this is is also a legal obligation, and
at the same degree, and it has been for some time. It's an extension
of the existing legal obligations in phone telecommunications, which
have existed (including the 6 months time which is the same here) for
ages.

In an old hacking attempt early 2000, that's exactly how we got proof:

Originating IP -> ISP for the phone number -> France Telecom for the
name and address.

You do realise that every phone call you make already leaves the
exact same trace? And in fact more, as the phone call has a
destination phone number, which is also recorded.

> Besides that, there is an explicit statement [2] that forbids
> recording contents or data related to the visited web pages.

Yes, because that is considered wiretapping, which requires a judge
to determine if you have enough cause to warrant the breach of
privacy involved.

-- 
Vincent ARCHER
varcher () denyall com

Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/