I would love to ask the EFF just what you do when you don't log stuff, and then need to troubleshoot someone causing a DDoS or something from your network in a hurry. Not that I'd get any sort of a useful answer from them, beyond random propaganda that spam filtering is evil, DPI is demoniacal etc etc. On Fri, Jan 6, 2012 at 3:54 AM, John Adams <jna@retina.net> wrote:
OSPs cannot be forced to provide data that does not exist. EFF suggests that OSPs draft an internal policy that states that they collect only limited information and do not retain any logs of user activity on their networks for more than a few weeks. If a court order requests data that is more than a few weeks old, the OSP can simply point to the policy and explain that it cannot furnish the requested data. Likewise, if unnecessary PII is regularly deleted, the OSP cannot supply what it does not retain. This saves the OSP time and money, while also providing the OSP with sufficient data for its own administrative and business purposes.
-- Suresh Ramasubramanian (ops.lists@gmail.com)