On Tue, May 10, 2011 at 3:38 PM, Michael Holstein < michael.holstein@csuohio.edu> wrote:
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
The dates in the timestamps are back in February. We deleted those logs "..in the regular course of business.." a LONG TIME AGO.
If you didn't do that, you really ought to ask yourself why.
Regards,
Michael Holstein Information Security Administrator Cleveland State University
In the EU you have Directive 2006/24/EC: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2006:105:0054:006... Article 6 - Periods of retention Member States shall ensure that the categories of data specified in Article 5 are retained for periods of not less than six months and not more than two years from the date of the communication. Article 5 - Categories of data to be retained 1. Member States shall ensure that the following categories of data are retained under this Directive: (a) data necessary to trace and identify the source of a communication: (...) the name and address of the subscriber or registered user to whom an Internet Protocol (IP) address, user ID or telephone number was allocated at the time of the communication; Each member state creates its own law, according to the directive. In Portugal, you have to retain the data for one year. Best Regards, Luís Marta.