Previous Politech message: http://www.politechbot.com/2005/12/20/replies-to-eu/ -------- Original Message -------- Subject: Re: [Politech] Replies to E.U. Parliament voting to force "data retention" on telecom, Net firms [priv] Date: Fri, 23 Dec 2005 19:07:14 +0100 (CET) From: Paul Wouters <paul@private> To: Declan McCullagh <declan@private> CC: z at oii dot ox.ac.uk References: <43A8D0F3.4030500@private> On Tue, 20 Dec 2005, Declan McCullagh wrote: > -------- Original Message -------- > Subject: Re: [Politech] E.U. Parliament votes to force "data retention" on > telecom, Net firms [priv] > Date: Wed, 14 Dec 2005 11:19:36 -0500 > From: Jonathan Zittrain <z at oii dot ox.ac.uk> > To: Declan McCullagh <declan@private> > > [pls obfuscate email address to avoid spam bots] > > -- > > Declan, > > I'm curious whether a US or other foreign market might arise for > turnkey startup-to-shutdown VPN services on European PCs, allowing > those inside Europe to render data retention moot in exchange for a > slight slowdown in network performance This has long ago started on the protocol level. FreeS/WAN's "opportunistic encryption" is a protocol extension that allows the setup of VPN connections between arbitrary hosts, using the DNS (and soon DNSSEC) as an out of bound third party location for the public keys. There is also an IETF effort going with somewhat similar goals, called BTNS. Openswan (successor to FreeS/WAN) supports Opportunistic Encryption. You can find more info in the BlackHat archives, I gave a few talks on this topic. > an overseas server) and the possibility of surveillance or retention > in that third location. One wonders if any of the member state > implementations of the directive will seek to penalize the provision > or use of such services under an "induce" or other standard. ...JZ ISP's cannot offer such services, since they are required to remove all encryption they themselves add before relaying such data to the LEA's OE works between endusers and servers, and is not done by the ISP itself, but by the clients/servers. Paul -------- Original Message -------- Subject: Re: [Politech] Replies to E.U. Parliament voting to force "data retention" on telecom, Net firms [priv] Date: Wed, 21 Dec 2005 14:40:19 +0100 From: Ralf Bendrath <bendrath@private-berlin.de> Reply-To: bendrath@private-berlin.de To: Declan McCullagh <declan@private> References: <43A8D0F3.4030500@private> Declan, as there was a question to me in your collection of replies, I attach the answer I had already sent to Richard privately. Best, Ralf > -------- Original Message -------- Subject: RE: [Politech] E.U. > Parliament votes to force "data retention" on telecom, Net firms [priv] > Date: Wed, 14 Dec 2005 11:58:31 -0500 From: Richard M. Smith > <rms@private> To: <bendrath@private-berlin.de> CC: > 'Declan McCullagh' <declan@private>, 'Richard M. Smith' > <rms@private> > > Hi Ralf, > > Do you have sense how long wireless carriers are typically keeping > around call data today without there being any kind of government > mandate? Currently, they are only allowed to store it as long as needed for billing purposes (that is the legislation in force now under the EU privacy directives), which is normally not more than two to three months. > Also, with cellphones, location data is available even when a call is > not being made. Will this location data also have to kept around > under the proposed law? The text adopted in the EP says no - only when you make (or attept to make) a call. But there will for sure be a mission creep and an extension of the data to be retained, and a lot can be done on the national levels. _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Sat Dec 24 2005 - 11:07:16 PST