Law, Policy -- and IT?

    Tracy Mitrano explores the intersection where higher education, the Internet and the world meet (and sometimes collide).


Here Come the Logs…

A period of change.

January 17, 2014

At the passing of the USA Patriot Act in 2001, one of the most frequent questions asked was, "Does this law mean that we have to retain our network flow logs?"  The answer was no.

That answer did not prevent colleges and universities from reviewing their operational or institutional policies on network flow log retention. Internally, this question often led to interesting discussions. Law-enforcement-minded people insisted that we keep the logs in the event that they would ever be needed for an investigation. On the other side of the political fence, more libertarian-minded or privacy-observant people insisted that we keep the logs only for as long as we needed them for backup, precisely to be sure that they could not be used for investigation of individuals.

I know of one library where the director believed it so important not to leave logs lying around that the director requested all logs be destroyed immediately upon use. Coincidentally, the very day that the policy was to go into effect, the system crashed. Network administrators discovered that it took 36 days of logs to reboot the system. It was a really handy way to find out what the operational policy should be in order to maintain business continuity while also assuring that the ideological motivations for the policy would be met.

We are on the precipice of change. When Pres. Obama delivers his speech at 11 o'clock today, Friday, he will punt on the question of log retention. Clearly he does not want to be in the position of having the government hold onto these records. But he still wants them someplace! The most obvious consequence will be a law or regulation or executive order that will require Internet Service Providers to hold onto logs for some specified amount of time, if not indefinitely. That way, in the case of investigation, it will be incumbent upon the ISP to turn over the information that it will have been required to collect and maintain. For those people on the side of the political fence who do not believe that ISPs should be in the business of supporting law enforcement, this rule will be a bitter pill to take. But for Pres. Obama it is a very convenient way to push the Snowden heat off of the government and to some other place.

In the waning years of the Bush administration, telecoms won proactive immunity for potential claims that they violated the Electronic Communications Privacy Act to comply with government orders for electronic surveillance.  Unquestionably they will want to backtrack to be sure that the immunity applies in this instance.  But there are two more issues that arise if this prognostication takes real shape.  The first is administrative burden. Although electronic storage costs less and less, it is not an insignificant expense.  Tracking the data, archiving the data, preserving the data, retrieving the data upon request, all of these practices require human attention and incur costs.  The question arises: should ISPs be required to assume the expense of the government's electronic surveillance strategies?

The second issue is political. Should ISPs, and higher education ISPs in particular, be in the business of holding onto information that in inappropriate hands could be used against individuals?  A far-fetched fear?  Only those ignorant of history and human nature would assume that.

