Timothy C. May said:
However, there are certain things my phone company does *not* do. They don't keep _copies_ (recordings) of my phone conversations. This means a court order can't yield copies of past conversations. They also don't track incoming phone calls to me. (I don't believe such records of incoming phone calls are kept; maybe I'm wrong. Certainly with Caller ID, storing incoming phone numbers is possible....I just don't think local or regional phone companies care about such records, and hence don't bother to accumulate them.)
I had heard through the grapevine about a year ago that US West (the local Phone Monopoly) was required to turn over a list of all phones that called a certain local number. I don't recall what the details, but it implies that records of calls (from, to, possibly duration) are kept at least for a time.
Something ISPs could do--and may do if there is sufficient customer pressure--is to adopt a policy of "forward secrecy" (to slightly abuse this technical term). That is, to have an explicit policy--implemented in the software--of _really_ deleting the back messages once a customer downloads them to his site. This means that _backups_ must be done in a careful manner, such that even the backup tapes or disks are affected by a removal.
Interesting thought, but it fails when it gets to my scale. It would be trivial to exclude a file or set of files from normal backup, but it would be problematic to exclude files from filesystem dumps, etc. The scale I deal with (40,000 users, 12gb of /home directory files and about the same in the mail spool) would make it almost impossible to provide this service with accuracy to my users.
But if no logs and backup tapes of mail are kept, at least the job of gaining access to communications is made more difficult.
I've been concerned about system logging on remailers, and what kind of traffic details they could leave. If a remailer operator doesn't control the machine that the remailer runs on, there can be no guarantee that traffic information is unavailable to someone with a warrant or a gun. It wouldn't be to much of a stretch to imagine a coordinated raid of all remailers, to "capture a terrorist ring" or some other likely excuse. -- Kevin L. Prigge | Some mornings, it's just not worth Systems Software Programmer | chewing through the leather straps. Internet Enterprise - OIT | - Emo Phillips University of Minnesota |