Re: [anti-spam-wg] Question about German laws

  • To: Rodney Tillotson <R.Tillotson@localhost>
  • From: "Markus Stumpf" <maex-antispam@localhost>
  • Date: Mon, 13 Nov 2006 14:22:54 +0100
  • Cc: RIPE anti-spam WG <anti-spam-wg@localhost>
  • Organization: LEO - Link Everything Online, Munich, Germany

On Thu, Nov 09, 2006 at 03:42:15PM +0000, Rodney Tillotson wrote:
> To be quite clear: it is only things to do with money that are the
> special case (accounting, billing)?

IANAL, but IMHO only accounting is allowed. This is explicitly mentioned
in the law.

This data may be saved, but it has to be deleted immediately after the
connection is terminated.
	http://www.datenschutz-bayern.de/recht/tkg.htm#sect96
is IMHO the relevant part.

Part 1 lists which kind of "traffic data" (this is probably not the
totally correct term in English) the provider is allowed to store:
  1. number or identification of the end points including customer
     identification or customer cards.
  2. date and time of start and end of the connection and - if it is
     relevant for accounting - the amount of data transmitted
  3. the kind of service the customer used
  4. the end points of dedicated connections, date and time of start and
     end of the connection and - if it is relevant for accounting - the
     amount of data transmitted
  5. other data that is needed to initialise and keep the connection or
     "traffic data" needed for accounting
Part 2 says:
   Those "traffic data" may only be used if it is needed for the setup
   of other connections or for the purposes of §97-99 (Accounting,
   Itemised Billing, Location Data). Otherwise they have to be deleted
   immediately after the termination of the connection.

> I would like to think that data kept for purposes such as maintaining
> the performance and integrity of the network, or resolving issues with
> peer networks, could also be considered "necessary". I believe that is
> the present position in the UK.

IMHO using totally anonymized data for that purpose could be ok.
The argument could be:
   you don't need to store src (i.e. customer) IP address and
   identification to analyze number of connections and amount of data
   travelling through mailserver/router/xyz to e.g. border router abc

However this could also be achieved with "real time monitoring" and as
long as the connection is established (and for a short time after)
holding this information is allowed anyway.

> Michael Horn said "no unnecessary personal data" and I do not know
> whether that is the same thing.

IMHO this holds mostly for providers of services and is a minimalistic 
principle. If someone offers a public service he must reduce the data
necessary for using this service to a minimum. Service Provider
XY is not allowed to ask you for the birth dates and names of your
parents and grandparents and to not give you access otherwise, unless
this is absolutely needed to perform the offered services. A fan site
for film star John Doe may not refuse to send you their newsletter if
you don't give them e.g. your name, date of birth and postal address as
the only datum needed to send the newsletter is your email address.

	\Maex