undefined | Better HN

0 pointse12e12y ago0 comments

This sounds strange, as far as I understand it:

http://www.lovdata.no/ltavd1/filer/sf-20130514-0484.html#1-2 http://www.lovdata.no/ltavd1/filer/sf-20130514-0484.html#2-6

together states that if you provide email services, you are required to store metadata (which is what the Data Retention Directive is all about).

On a side note, if the secret services cooperate to do massive ingress/egress storage of data on the network level (say for 6 months) -- having easily passable meta-data would help turn that massive data dump into useful information (assuming index and organization around ip/date or something similar).

As for being safe from NSA outside of the US (even with an ally) -- that makes no sense. While it is against Norwegian law to hack into Norwegian businesses - the NSA isn't subject to Norwegian laws, their subject to US law. The secret services are explicitly set up to preform illegal actions in foreign territories (which is why the NSA story is about spying on Americans, rather than on spying in general).

0 comments

Kimmono12y ago

If you are a layman, it does. But this quote is very restrictive in the interpretation by Post og Teletilsynet: "Tilbyder av elektronisk kommunikasjonsnett som anvendes til offentlig elektronisk kommunikasjonstjeneste og tilbyder av offentlig elektronisk kommunikasjonstjeneste er lagringspliktig."

What we dont do is offer "Tilbyder av elektronisk kommunikasjonsnett". That means we are outside. Then the rest is not relevant.

We have been in the courts about this and both Kripos (they wanted information) and the judge found that we are outside the scope of this.

e12eOP12y ago

Ok, it wasn't entirely clear to me that you'd been in court over this after the law was enacted. That certainly is good news.

Does indeed sound like the directive is tailor made to make ingress/egress snooping on data useful. The kind of snooping we saw with NSA's "secret rooms". Such illegal wire tapping would fit very well with meta data stored at the ISP level -- and could also explain why anyone not at that level are not required to store meta data (it would be redundant).

j / k navigate · click thread line to collapse