LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security quotes of the week

Security quotes of the week

Posted Aug 4, 2012 18:53 UTC (Sat) by Kwi (subscriber, #59584)
In reply to: Security quotes of the week by dps
Parent article: Security quotes of the week

I'm surprised this isn't common knowledge in tech-circles yet.

Under the EU Data Retention Directive (2006/24/EC), all EU telecommunication providers must log the time, place, sender and receiver of every communication for every customer, for a period of at least six months.

The usual interpretation of "every communication" is "every text message, every phone call, every e-mail sent via SMTP, and every IP packet", though the IP logging is sometimes reduced to e.g. every TCP stream or every 500 IP packets, due to the massive amount of log data otherwise produced.

Information logged includes name and address of the subscriber, any internal user ID, phone number, IMEI (handset) and IMSI (SIM) numbers, cell tower ID and geographical location, IP address and email address, as applicable.

According to Wikipedia, only Sweden has not yet implemented the directive (apparently sticking to NSA-style secret network edge-surveillance for now), while the directive has been found unconstitutional in Romania, Germany and the Czech Republic. All other EU countries implement the directive.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds