On Mon, Jan 14, 2008 at 07:51:58AM -0800, TS Glassey wrote:
What are the retention requirements here Ray and what are the availability
requirements per the Stored Communications Act is the US and has this
transition ever been scoped out against these constraints? or is it the
IETF's intent to ignore US Law again?
Todd,
If there is something you think that needs to be done to be in
compliance for some particular US Law, it would be helpful if you
stated exactly what it is you think needs to be done and reference the
specific US Code, Section, and Subsection in question.
The Stored Communication Act (Title 18, Part 1, Chapter 121, Section
2701) seems to only apply to ISP's providing IMAP/POP e-mail service
to the public (i.e., any paying user who is a customer), and so it's
not at all clear it even applies to the IETF, since the IETF isn't in
that business. Furthermore, the only record retention requirements
that I can find only seems to apply if a government entity makes a
request of the ISP for up to 90 days pending the issuance of a court
order, so even if it *did* apply, there doesn't seem to be anything
the secretariat needs to do.
Presumably the IETF Secretariat will contact its legal resources
whenever there is some situation (possible lawsuit, request by a
government entity) where data retention may be required. In any case,
I and (as far as I know) Todd are not lawyers, so none of this
constitutes legal advice.
- Ted
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf