[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Legal aspects of greylisting in Europe

On Sat, 4 Dec 2004 21:20:12 +0100, Christian wrote in message 
<[🔎] 20041204212012.7fbef05a@app109.intern>:

> Hello David
> 
> On 2004-12-04 David Schmitt wrote:
> > Has anyone considered how greylisting should be viewed in the light
> > of european data-protection laws? Especially in Austria it would
> > probably conflict with the requirement to keep connectiondata no
> > longer than required for billing.
> 
> "I am not a lawer", but according to German law, which should be very 
> simillar, I see no problem. "Teledienstedatenschutzgesetz" says rougly
> translated in §6 (Usage Date):
> 1) the provider may collect/use/compute personal data without explicit
>    agreement only in so far as it is neccessary to make the tele
>    services available and billable...
> 6) the provider may store usage data ... at most until the end of the
>    sixth month after sending the bill...
> 
> So I would assume storing the greylist-triple it's neccessary (->1) 
> for greylistd which is part of "the mail server". You need to collect
> the greylist tripels only until the mail has been received for the
> second and final time. 
> Until then it's the same problem as with all those "relay denied" or 
> "xyz@customer-domain.com user unknown" log messages that are all over 
> the log file, which gets rotated away much sooner anyway.
> 
> More problematic could be the fact that you delay the mail, maybe you
> have postal requirements that demands from you to deliver the mail as
> fast as you get it... at least you should tell your customers that
> their mails can be delayed for the price of (currently) much less
> spam.

..in Norway, we have legislation in place to ban spam in good oldfashion
papaer snail mail, so holding mail for greylist, billing, customs (or
law enforcement when so ordered by a court) processing is not only
legal, it is a requirement, and a trivial case law extension anytime a
court rules so on email, as case law here has estabished the close
relationship between paper mail and email.

..in a similar fashion, telephone, fax, cellular etc billing and traffic
logs are required to be available for law enforcement for exactly 
6 months, AFAIR, however, this may be irrelevant as we decided to 
stay Asian, Souvereign and Independent in 1814, 1905, 1940-1945 
and in the EU referendum in 1994, where we said "Ah, thanks, but 
no thanks."  ;-)

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
Reply to: