lambda 8.04
June 7, 2002
logs in custody
The complete list of logs required to
be retained. Europol Document
Paris, 7 June 2002 (Lambda Bulletin, 8.04). -- Marco Cappato, Italian MEP from the Radical party (Lista Bonino) and former EP rapporteur on privacy in electronic communications, has tabled this week an oral question to the Council on the issue of data retention. His party published a confidential Europol document revealing that experts from law enforcement agencies have met in the Europol headquarters in closed session to talk about a common EU law enforcement viewpoint on data retention and on a questionnaire on data retention.
"In the meantime", Cappato wrote, "the Council appears to be drafting a framework decision to introduce common data retention measures. Did the Council participate to the above mentioned meeting? What is the outcome of this meeting, and notably on the questionnaire and on the common viewpoint on data retention? What are the aims of the "expert meeting on cybercrime"? Do they work in the framework of Europol or of the Council? Is the Council working on EU framework decision on common data retention measures? Is the Council working on other measures concerning citizens' privacy?"
10 keys for blanket telecom surveillance
>> Original release PDF format (Source: Italian Radical Party)
Expert meeting on cyber crime: Data retention
Date 11 April 2002 10h00 - 17:00
Europol Building, Raamweg 47, The Hague
Chair: Europol (to be decided)
DRAFT AGENDA
Closed session: discusion amongst experts from Law Enforcement
(...)
3. Data retention:
- presentation regarding outcome of the questionnaire (Nicole. D. Europol)
- proposal for common European Union law enforcement viewpoint (Experts to comment and agree to proposal when appropriate) 4. Creationg a common and standard template for asking information of ISP/telephone companies
(Experts to comment and agree to proposal when appropriate)
>>G8 document, (Mont-Tremblant, Canada, May
12-13, 2002)
>>blue: mentions taken from the
Europol document (Den Haag, April 11, 2002)
(1) Network Access Systems (NAS)
Minimum list:
-access logs specific to authentication and authorization servers such asTACAS+ or RADIUS (Remote Authentication Dial in User Service) used to control access to IP routers or network access servers
-date and time of connection of client to server
-userid
-assigned IP address
-NAS IP address
-number of bytes transmitted and received
-Caller Line Identification (CLI).
Optional list:
- Users's credit card number / bank account for subscription payment
(2) E-mail servers
Minimum list:
-SMTP (Simple Mail Transfer Protocol) log date and time of connection of client to server
-IP address of sending computer
-ID Message (msgid)
-sender (login@domain)
-receiver (login@domain)
-status indicator
-POP (Post Office Protocol) log or IMAP (Internet Message Access Protocol) log
-date and time of connection of client to server
-IP address of client connected to server
-userid
-In some cases identifying information of E-mail retrieved
(3) File upload and download servers
-FTP (File Transfer Protocol) log
-date and time of connection of client to server
-IP source address
-userid
-path and filename of data object uploaded or downloaded
(4) Web servers
-HTTP (HyperText Transfer Protocol) log date and time of connection of client to server
-IP source address operation (i.e., GET command)
-path of the operation (to retrieve html page or image file)
Optional list:
-"last visited page"
-response codes
(5) Usenet
-NNTP (Network News Transfer Protocol) log
-date and time of connection of client to server
-protocol process ID (nnrpd[NNNN])
-hostname (DNS name of assigned dynamic IP address)
-basic client activity (no content)
-posted message ID
(6) Internet Relay Chat
-IRC log
-date and time of connection of client to server
-duration of session
-nickname used during IRC connection
-hostname and/or IP address
Optional list:
-Copy of the contract
-Bank account / credit card for the payment
[>> Europol document only]
7. Data that must be retained by telephone companies for fixed numbers' users
A. Minimum list
-Called number even if the call was not successful
-Calling number even if the call was not successful
-Date and time of the star and the end of the communication
-Type of communication (incomoing, outgoing, link though, conference)
-In case of conference calls or call to link through services, all intermediiate numbers
-Information both on the subscriber and on the user (name, date of birth, adress)
-Adress where the bill is sent
-Both dates (starting and ending) from when the subscription has been signed and dismissed
-Type of connection the user has (normal, ISDN, ADSL etc., and whether it is for in-out calls or for incoming only)
-The forwarded called number
-The time span of the call
-Bank account number/other means of payment (bold in text)
B. Optionnal list
-Copy of the contract
-For a better investigatigve purpose Telcos should be able to know the nature of the telecommunication: voice/modem/fax etc. (bold in text)
8. Data that must be retained by telephone companies for mobile / satelite numbers' users
A. Minimum list
-Called number even if the call was not successful
-Calling number even if the call was not successful
-Date and time of the star and the end of the communication
-Type of communication (incomoing, outgoing, link though, conference)
-In case of conference calls or call to link through services, all intermediiate numbers
-IMSI and IMEI numbers
-Adress where the bil is sent
-Both dates (starting and ending) from when the subscription has been signed and dismissed
-The identification of the end user device
-The identification and geographical location of the cells that were used to link the end users (caller, called user) to the telecommunication network
-Geographical location (coordinates of the mobile satellte groiund stattion
-WAP services
-SMS services (date and time incoming / outgoing and telephone number)
-GPRS service
-For conference calls or call to link through services, all intermediiate numbers
-The forwarded called number
-The time span of the call
-Bank account number/other means of payment
-As GPRS and UMTS work on internet base, thus al the data above mentioned (as IP adress) should be preserved. (bold in text)
B. Optionnal list
-Copy of the contract
-For a better investigative purpose Telcos should be able to know the nature of the telecommunication: voice/modem/fax etc. (bold in text)
9. Number formats
All telephone numbers (for both ISPs and telephone companies) should be composed by:
-Country number
-Area number
-Subscribers number
-All information in ASCII code with tab separators and carriage return
-As some services allow users to connect to a foreigner ISP through the use of a national toll free number, thus the structure of this number is required. (bold in text)
10. Time synchronisation
Telecommunications operators, internet service providers and internet access providers have to synchronise their services with a time server of their countries with the specification of GMT. (bold in text)
RESSOURCES
+ Europol: Original PDF version: http://www.radicalparty.org/europol/europol.pdf
+ G8 / Public release after the May 13-14 meeting:
http://www.g8j-i.ca/english/chair.html
+ G8 / "Principles on the Availability of Data Essential to Protecting Public Safety"
http://www.g8j-i.ca/english/doc3.html
+ G8 / "Recommendations for Tracing Networked Communications "
http://www.g8j-i.ca/english/doc2.html
©left bulletin lambda
June 2002
Contact
I home I abonnement