True necessity of Records? [was: CryptoSeal]
grarpamp
grarpamp@gmail.com
Tue Oct 22 22:21:23 PDT 2013
On Mon, Oct 21, 2013 at 10:49 PM, Jim Bell <jamesdbell8@yahoo.com> wrote:
> My (Bell's) comments follow:
> A phone company which announces that it WILL NOT record phone metadata
Would get my business.
Of course many such policies are full of holes and drift anyway.
> Why not x-out the last 3-4-7 digits...
There's no reason to hold CDR's more than the last fully paid billing
cycle, and, yes, further limited by the type of calling plan you have.
And if you believe ''exigency' is some last remaining reason to hold
them, try calling in a gunfight to 911 and see how long it takes for
them to come scrape up your already dead bits. Same for 'threats',
unless you're prepared to hire people to keep watch.
No more than a week would be necessary, 30 days if you're slow
to make the call.
> and that phone
> company was beholden to the government rather than any individual customer,
> now phone companies have a legitimate motivation to compete on the issue of
> metadata privacy.
Of course instead of fighting back and just dropping their records which
they could do tomorrow (to the extent there is no affirmative law that
requires keeping), all we see are these big co's 'begging' the gov if they
can publish subpoena statistics. Bunch of sheep and fishy practices.
Also try to match up recent whitepapers listing retention/LEA periods
of major telecoms with the decade or more worth of CDR's these
co's/gov seem to have. Someone's lying, or has been feeding to
the secret bigdata pools all along, or both.
What's the big payoff for keeping (against the cost of keeping)?
Favorable regulations? Some order of magnitude more business or
debugging insight beyond rollover to aggregating in RRDB?
And Instead of what negatives for not keeping in absence of
such laws?
Any independent audits yet of some of these VPN's, services, etc
that say they don't keep records that indeed do confirm no records
practice as of the audit?
[Substitute herein any type of record about you as appropriate.]
More information about the cypherpunks
mailing list