North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Fed Bill Would Restrict Web Server Logs

  • From: Suresh Ramasubramanian
  • Date: Tue Feb 14 10:00:55 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=XC06TlKfFPZ+Eyx/V1eOEDD48R/KJxKkDpFvNj9mEWYjvbEAy29RgAoySo8iA40PdyhgtaAEuLOKIv9nEFrdQyDV3dz01GZvP0cDYRIb1exMmUGJaIVGrSJ2Vd+auNgDuQarh3LGrLLsnSDa4R7ekVG5XyMGLD5PxvTDSp3moVk=
On 2/14/06, Jon R. Kibler <[email protected]> wrote:

> > "A bill just announced in Congress would require every Web site operator
> > to delete information about visitors, including e-mail addresses, if the
> > data is no longer required for a "legitimate" business purpose.

> Original posting from Declan McCullagh's PoliTech mailing list. Thought

"When no longer required for business purposes"

Your syslog's logrotate function does that for you already, for all
reasonable purposes .. blows away logs that are say a week old.

Email addresses etc - I guess that's cookie data etc.  Or any other
data that you gather but dont state a purpose for .. if you gather
data saying you want to market to them, fine.  If you gather data like
that as part of a profile on a blog, fine.  No hassles that I can see
there.

This kind of checks privacy violations / abuse that goes on when data
is collected without your knowledge, or used for purposes you didnt
intend it to be used for but didnt read fine print, or the people
collecting your data dont care about reselling it to others.

--
Suresh Ramasubramanian ([email protected])