23,000 IP addresses

Steven Bellovin smb at cs.columbia.edu
Tue May 10 19:44:31 UTC 2011

On May 10, 2011, at 3:02 33PM, Owen DeLong wrote:

> On May 10, 2011, at 11:49 AM, Michael Holstein wrote:
>>> In the EU you have Directive 2006/24/EC:
>> But I'm not, and neither are most of the ISPs in the linked document.
>> Regards,
>> Michael Holstein
>> Information Security Administrator
>> Cleveland State University
> In the US, I believe that CALEA requires you to have those records for 7 years.
Source, please -- I've never heard of this, nor can I find anything like it
at askcalea.com.  All I've found is that you have to keep records of 
*interceptions*.  I've also seen numerous news stories about how the FBI
wants that to be added to the law, thus implying that it isn't there now.
See, for example, http://news.cnet.com/8301-13578_3-10448060-38.html

		--Steve Bellovin, https://www.cs.columbia.edu/~smb

More information about the NANOG mailing list