

Swedish ISP deletes all retained customer data in wake of EU court ruling - nimbs
http://www.pcworld.com/article/2142240/swedish-isp-deletes-all-retained-customer-data-in-wake-of-eu-court-ruling.html

======
belorn
Its a strange world where governments in EU collectively decide to infringe
basic human rights, and then have to deal with being told that they did it. I
am thus happy that PTS recognize the absurdity, and allow ISPs to stop now
rather than later.

~~~
jlgaddis
Here in the U.S., we don't have rules that require ISPs to retain such data,
yet many ISPs (especially the largest ones) happily do so for months or years.

One of the first things I did shortly after going to work for an ISP was to
create a formal retention policy. We certainly don't "record" user traffic
(with the exception of a tcpdump if I'm troubleshooting, for example) anyways,
but nearly nothing is kept for more than seven days. I wish more ISPs operated
this way.

~~~
kbenson
I know of other ISPs that do the same. It's interesting because prior to the
DMCA it was all about getting more log space to help with diagnostics and
troubleshooting, or running interesting stats. Now that it's fairly common for
requests of dubious legal quality to be made for user information, it's really
the jobs of any reputable ISP to protect their customers by limiting retention
of this information.

------
reubenmorais
Cached version at
[http://webcache.googleusercontent.com/search?q=cache:https:/...](http://webcache.googleusercontent.com/search?q=cache:https://www.pcworld.com/article/2142240/swedish-
isp-deletes-all-retained-customer-data-in-wake-of-eu-court-
ruling.html&ie=utf-8&oe=utf-8&rls=org.mozilla:en-US:unofficial&client=firefox-
nightly&channel=sb&gws_rd=cr&ei=2hZHU-vhDcTj0QHM44CQDw)

This makes me think of Brazil's "Marco Civil da Internet", which is on its way
to the senate and if approved without changes will require ISPs to retain
customer data for up to 12 months. Hopefully this EU Supreme Court decision
will influence the removal of that requirement from the draft before it
passes.

~~~
Zirro
In case the reason you link to the cached version is because you can't access
the site, the issue might be the HTTPS-Everywhere addon. I had to disable the
"PC World"-entry a few days ago to access their articles.

------
kzrdude
It's election year in Sweden. We can hope that integrity issues get a tiny bit
of exposure.

~~~
marlin
I'm not seeing how these questions are relevant to very many swedes right now,
with regard to ongoing world-wide & european political development.

We seem to have the same confused politics in Sweden as usual. Womens rights &
equality is important and seeing some progress locally, while from a more
global perspective we can actually expect this trend to go backwards.

A substainable economy is left to the "industry", and the government are
selling out the last parts of the welfare.

We have a strong right-wing movement in Sweden now, which we didnt have since
the early 90's. A movement whose european cooperatives are open fascists.

One of our negihbour counties are being invaded by Russia.

Sweden is in bed with USA and the UK with regards to signal spying
([https://en.wikipedia.org/wiki/National_Defence_Radio_Establi...](https://en.wikipedia.org/wiki/National_Defence_Radio_Establishment_\(Sweden\))
which puts Sweden in quite a bad spot against Russia. Russian cables go
through Sweden and wiretapping of these cables is what the FRA are supplying
to NSA / GCHQ. This is not even discussed in the Swedish media.

And still, you believe the Pirate Party's ideas are relevant for this year's
election?

~~~
kzrdude
I'm only going to vote Pirate Party for the European Parliament, not the
Riksdag election.

I didn't say PP was relevant for the Riksdag election. But I do hope that
their issues get exposure. I didn't say I hope their issues are the only
issues discussed.

Don't tell me that you think the issues around FRA and DLD are irrelevant.

------
Zirro
The PTS Authority (mentioned in the article) has announced that it will not
take any action against ISPs who decide not to retain data at this time.

------
callesgg
Nice to hear that not everything is going "minority report".

However for ISP's that already has this implemented it will probably take more
job to remove it instead of just letting it be as is.

~~~
Zirro
Sweden was among the last EU nations to make the retention a national law, and
from what I have read most ISPs are still in the process of
developing/negotiating a long-term solution for storing the data. Since they
were to pay the entire cost themselves, this should save them quite a lot of
money. Especially if you were prepared to believe their estimated
implementations costs of one billion SEK.

------
eurleif
There are two types of data here: traffic data, and data used to identify a
customer given their IP address. The former seems obviously excessive to me.
However, identifying customers from their IPs is pretty much only useful when
there's a specific crime being investigated, which greatly reduces the
potential for abuse. I think it's worth discussing the privacy implications of
these two types of data separately.

I run a chat Web site. On multiple occasions, my moderation team has found
people raping children live on webcam and reported them. People have been
arrested, and children have been saved from abuse. That was only possible
because they could be tracked down via their IP address. This isn't a
hypothetical "think of the children" argument; it's something that has
actually happened, multiple times, in the course of running my site.

~~~
mschuster91
For this, one could introduce a "quick freeze" scheme: providers don't store
anything (or, if needed for billing etc., delete after 7 days).

Only if police knocks up and tells you "we might need the data from IP address
x.y.z.a in the foreseeable future", you store the requested data on secure
material.

Then, police goes to court and gets a formal warrant for the data, which the
provider then needs to provide the data to the police.

~~~
eurleif
The need is to identify a subscriber given an IP address they used _in the
past_ (to commit a crime). Knowing who is using a dynamic IP address now
doesn't necessarily tell you who was previously using it.

------
heyimwill
My dad is the CEO there. I know they got a lot of shit from the other ISPs in
Sweden behind the scenes for this.

~~~
geon
Care to expand on that? What kind of "shit" what does "this" refer to?

~~~
bigbugbag
"this" obviously means going public public about stopping the storage of data
and deleting existing logs.

"shit" probably means retribution of some kind for exposing them as being part
of the surveillance apparatus and not caring enough for privacy.

