[Brmlab] Vyzva pre ISP - kolko ste mali requestov na data retention?

Ondrej Mikle ondrej.mikle at gmail.com
Sat Jun 2 15:10:28 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Zdar,

zhanam nejakych ISP (viem ze na tomto ML su aspon dvaja), co by boli ochotni
vyplnit anketu o tom, kolko dostali requestov na data retention zaznamy od
policie.

*TL;DR: IMPORTANT PART*

Dotaznik je kratky, otazky su typu pocet requestov na data retention data bolo
a kolko z nich bolo "proper" requestov, tj. predpisanou cestou cez Utvar
zvlastnich cinnosti. "Proper" cestou ich ide vraj len 20%, inak sa to obchadza
stylom (bez sudneho povolenia samozrejme):
 a) cajt dojde a vyskusa ci mu to nedaju
 b) cajt otvori svoj law-bypass-cheatsheep a spravi "Zakon o policii" bypass,
kde bude tvrdit ze sa trebars jedna o pohresovaneho a ze mu to musis vydat.

Skuste sa plz popytat aj kamosov, velki operatori by sa tiez hodili, ale tych by
bolo treba najskor asi zosocialengineerovat (trebars O2 a iny velki ISP na to
budu najskor srat, na nich plati mozno tak "kolonizacna metoda" oblubena
Francuzmi - kombinacia "sweet talk and gunpoint").

Kontakt na seba/ISP poslite plz na voboril zavinac iure.org (a pripadne aj mna
do kopie).

*END OF TL;DR*

<captain_obvious_hat_on>
Je jasne, ze ziadnu vacsiu objasnenost to neprinese - na Vinara Ratha nic take
nebolo treba, stejne ako data retention data nepomohli chytit toho vysinuteho
strelca v Toulouse, FR. Paradoxne s data retention vypnutou v CR bola vyssia
objasnenost. Ak chcu niekoho sledovat, nech si zozenu sudny prikaz.
</captain_obvious_hat_off>

Bohuzial pred par dnami presla data retention v Rumunsku:
http://edri.org/edrigram/number10.10/romanian-parliament-adopts-data-retention-law-again

Nemci a Rakusaci sa brania.

Paradoxom na tom celom je, ze European Court of Justice chce data retention
zrusit, ale je to este trocha zamotane. Tuto odpoved som dostal od jednej
nemeckej NGO co sa tym zaobera:

> As to your first question, this is how we argue that there is no obligation
> to transpose the data retention directive:
> 
> a) Article 8 ECHR prohibits Germany to transpose that directive. As the 
> Constitutional Rourt of Romania has found, blanket communications data 
> retention violates Article 8 ECHR. The ECHR is just as binding on Member 
> States as EU law. As the EU respects the ECHR there can be no obligation to
> transpose secondary EU law that violates the ECHR.
> 
> b) The data retention directive will soon be annulled by the ECJ. The Irish
> High Court is to refer to the ECJ the question of whether the data 
> retention directive is in line with the EU Charta on Fundamental Rights. It
> is entirely disproportionate to require blanket communications data 
> throughout the EU merely on the basis of preventing market distortion 
> (Article 114 TFEU).
> 
> c) In the meantime Member States can request under Article 114 (4) TFEU to
> be exempted from having to implement the directive, in order to maintaining
> a higher level of protection of fundamental rights than the EU does. If the
> Commission refuses, the Member State should take the matter to the ECJ.
> 
> As to the situation in Germany, the liberal coalition partner is so far 
> resisting pressure to implement the directive. It is proposing though to 
> retain Internet connection data (dynamic IP addresses) for a period of 7 
> days.

Na to rozhodnutie ECJ sa caka, ale tazko povedat kedy bude.

Srandovne je, ze data retention sa neprebera na MVCR, ale na MPO, neziskovky
schvalne vylucili (ani apely ISP ze ich tam chcu mat nepomohli). Podivna
paralela s tajnostou ACTA a jej schvalovanie vyborom pre zemedelstvi a rybolov
je urcite nahodna.

V prvom z obnovenych navrhov vyhlasky co sa bude skladovat po novom (neni to
verejne, asi aby im poddani neprotestovali):
- - z netovych dat malo zmensit uchovavanie na tuple (srcMAC, srcIP, srcPort,
start_time, end_time, mozno length) - MAC je z vnutornej strany NATu, aby
mohli najst ludi za NATom
- - aj "zmiernena varianta" znamena, ze cajti si musia akurat naklusat pre
access logy a dat dokopy podla toho zaznamy - sparovat podla casu a velkosti
srcIP a dstIP (co neni moc tazke).

Ale vraj to orezanie dstIP a dstPort sa naposledy uz cajtom nepaci a chcu to
naspat.

BTW ked si myslia, ze uchovavanie data retention dat je tak bezproblemove a
netreba vobec hladiet na to, kto k nim pristupuje (prax doteraz), tak nech
daju volny pristup mne a dalsim neziskovkam. Nezneuzijem! Cestne pionerske!
Mozno najdeme dalsich vinarov :-)

OM
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQEcBAEBAgAGBQJPyhDDAAoJEAy6xNgMZCEgxu8H/04Z0860CZvUPiCzs029jHa4
9t4lrqPwy6GReDegvJrN0AoRRNFHudWiDNqPyM+38O85w8L5PX8pxLSwYnxYt+1e
i+Hq8p4wi0NCDXGEgv5vmcJh+fG9as7ZcsGMXEUZiPxUI0brWIeuJITBZ6/FUk3B
0ieIYCRaPkXNAbkjPUdLpow7GIBisMqta6XZdXyurtL+yYimhfLHPi2DStVcTmvB
5PkcXar7VO2tBCtZEQXJo6DzXdo6+w07fNFvze1Ng8cOfw3+6R0f47scWB2fBIK/
ATpcswJHGnjnzYL6l5Vac9c0tDUy9JJGNeT4Ej6q+jivhiT54tJNhtHrV9Lehm4=
=sFPO
-----END PGP SIGNATURE-----



More information about the Brmlab mailing list