LogBlog

« Lies, Damn Lies & Log Messages Per Second | Main | Telco Rings Up Log Management and Intelligence Platform »

Descending Into Log Policy Hell

Different countries have very different approaches to Log Management. Across Europe policies vary widely as some specify log destruction within short timeframes while others mandate long-term storage. These same pieces of country legislation often conflict with global industry mandates such as PCI and SOX.

Anton points to the latest out of Germany where "The highest appeal court in Germany has decided that T-Online, one of the largest German ISPs has to delete all IP logs to guarantee the privacy of their customers."

"The decision (German) does not mean that T-Online is now obliged to delete all their IP-logs, the customers first need to complain. "

Anton highlights how bizarre this is: "So, lemme understand, the logic is "surf to an illegal website -> complain to an ISP -> have the proof of that removed."

The decision ends with: "After the district court and the regional court, now the federal appeal court decided that T-Online has no right to store the IP-logs without a legal reason."

Enterprises are increasingly subject to multiple compliance mandates and industry regulations. Not all are in sync and as this highlights, not all are particularly logical. What is certain is that navigating log policy is going to increasingly become a nightmare for global enterprises without automated log management and intelligence.

Posted December 05, 2006 in LogMatters | Permalink

TrackBack

TrackBack URL for this entry:
http://www.loglogic.com/mt/mt-tb.cgi/112

Visit loglogic.com

I ♥ Logs

Subscribe to this blog’s feed RSS

November 2007
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30  
Categories
Archives
Blogroll
Blogroll
Compliance
Good Reading
LogLogic
LogLogic Partners
Sites We Watch