Re: 23,000 IP addresses

["Kevin Oberman" <oberman () es net>]

> From: Owen DeLong <owen () delong com>
> Date: Tue, 10 May 2011 12:02:33 -0700
>
> On May 10, 2011, at 11:49 AM, Michael Holstein wrote:
>
> > > In the EU you have Directive 2006/24/EC:
> >
> > But I'm not, and neither are most of the ISPs in the linked document.
> >
> > Regards,
> >
> > Michael Holstein
> > Information Security Administrator
> > Cleveland State University
>
> In the US, I believe that CALEA requires you to have those records for
> 7 years.

Owen,

Afraid not. As of this time there are no data retention requirements in
CALEA. There is a proposal to add data retention to CALEA this year, but
I can't even find anything indicating the legislation has been
introduced.

According to an article in the NY Times last fall, the FBI will be asking
for several new tools in CALEA that include data retention requirements,
requiring P2P software to allow intercept and requiring that providers
dong encryption (e.g. Blackberry) to provide the ability for the
government to decrypt the data. I don't know that legislation has
actually been introduced, though.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman () es net                       Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751