On Fri, 10 Apr 2009, Roland Dobbins wrote:
IANAL, but I suggest you check again with your legal department - I doubt this is actually the case (your jurisdiction may vary, but in most Western nations, you can grab packets for diagnostic/ troubleshooting/forensics purposes).
Already did check... we can't grab packets except in response to judicial order or specific abuse case with a valid ID of the end-user, or of course for general technical diagnostics -- if for diagnostics, we cannot use such collected data in the context of only a suspicion of abuse at all as it would constitute an infringement on the individual's privacy. So in short, we can do it REACTIVELY in response to a complaint.. but if we do it PROACTIVELY, then it cannot be used and is of "educational" value only (with caveats surrounding confidentiality, non-disclosure, and destruction,, etc.)
So all we can do in the the absence of a specific complaint
But you said you *had* specific complaints, did you not?
yes.. *specific* and action was taken on those *specific* cases... (didn't actually have to grab traffic though...) L.