About 5yr. log retention

[John Young]

Here's the source for the data preservation requirement:


http://www.usdoj.gov/criminal/cybercrime/COEFAQs.htm

Preservation is not a new idea; it has been the law in 
the United States for nearly five years.  18 U.S.C. 2703(f) 
requires an electronic communications service provider to 
"take all necessary steps to preserve records and other 
evidence in its possession pending the issuance of a court 
order or other process" upon "the request of a governmental 
entity."  This applies in practice only to reasonably small 
amounts of specified data identified as relevant to a 
particular case where the service provider already has 
control over that data.  Similarly, as with traditional
subpoena powers, issuance of an order to an individual or 
corporation to produce specified data during the course of 
an investigation carries with it an obligation not to delete 
or destroy information falling within the scope of that 
order when that information is in the persons possession or 
control. 

-----

>From the US Code via GPO Access:


http://www.access.gpo.gov/su_docs/aces/aaces002.html

18 USC 2703(f)

(f) Requirement To Preserve Evidence.--
   (1) In general.--A provider of wire or electronic 
communication services or a remote computing service, upon 
the request of a governmental entity, shall take all necessary 
steps to preserve records and other evidence in its possession 
pending the issuance of a court order or other process.
    (2) Period of retention.--Records referred to in paragraph
(1) shall be retained for a period of 90 days, which shall be 
extended for an additional 90-day period upon a renewed request 
by the governmental entity.

-----