mailing list archives
Re: Fed Bill Would Restrict Web Server Logs
From: Bill Nash <billn () odyssey billn net>
Date: Tue, 14 Feb 2006 12:20:25 -0500 (EST)
On Tue, 14 Feb 2006, Hyunseog Ryu wrote:
I guess the question is how to read "legitimate" word. ^.^
I guess the bill was written in mind of privacy concern.
But also there is some requirement for security/law-enforcement viewpoint.
I received the request from some law-enforcement about actual user of IP
address 3 year ago or older.
Without all log info, how can I tell it?
In the context of the legislation in question, if the user is still a
current customer, you have a legitimate business use for the data. If the
user was no longer a customer, I would surmise that you should have purged
it, as you would no longer have a need for that user's personal data.
I'm really curious whether this was a kind of post-action to the
cell-phone use log business such as locatecell.com or something like that.
An exploration of the side effects would be interesting. I think it'll
provide a legal cudgel for mailing lists and opt-in tracking, as well as
ensuring that your information is purged when/if you opt-out. It may also
have dampening effects on the sale/trade of personal information, as it
would now be questionably criminal to possess the personally identifying
information of a person you have engaged in zero business with.
From the text of the bill, there are some pretty loose points that'll give
lawyers a lot of vine to swing from, including the definition of
'legitimate business practice'. Associating all of it to 'Internet
website', as defined, is another loophole waiting to happen.
I think the single best element of the bill is the declaration that
consumers have an ownership in interest in their personal information.
Owndership implies control, and by extension, some amount of control in
who gets to have it. I'd like to see what happens when the final bill is
mated with US Federal CAN-SPAM law.
Re: Fed Bill Would Restrict Web Server Logs David G. Andersen (Feb 14)
Re: Fed Bill Would Restrict Web Server Logs Hyunseog Ryu (Feb 14)
- Re: Fed Bill Would Restrict Web Server Logs, (continued)
Re: Fed Bill Would Restrict Web Server Logs Steven M. Bellovin (Feb 14)
Re: Fed Bill Would Restrict Web Server Logs Owen DeLong (Feb 15)
RE: Fed Bill Would Restrict Web Server Logs David Hubbard (Feb 14)
Re: Fed Bill Would Restrict Web Server Logs Gregory Hicks (Feb 14)
- Re: Fed Bill Would Restrict Web Server Logs Bill Nash (Feb 14)