ISPs can and often do keep records and logs of their customers’ use of their
systems. How detailed those logs might be, as well as how long they’re kept, is
anyone’s guess. The ISPs and other service providers that can keep logs don’t
make public what is logged or for how long.
In this video from an Ask Leo! webinar ,
I’ll discuss ISP and website logging and what you should assume about
both.
]]>
Transcript
‘How long do companies like Earthlink keep track of the websites you’ve been on? Or is there a certain amount of time before they get rid of that data to make way for new data? Or do they just keep it all?’
You know, there’s actually no way to answer this. There is, two things, one, there is certainly no standard; there’s no accepted common practice that says, we, the random ISP, we all keep data for this long and then we do ‘x’ with it.
In reality, the answer varies dramatically from ISP to ISP and from web service to web service. And by that I mean, sites like, let’s say Ask Leo!.
There’s a log that shows what pages were accessed and by what IP address. I keep that as long as it’s convenient, which will vary depending on how much hard disk space I have on my server and potentially just how I’m feeling that day. It’s also changed when I’ve moved servers because the base software that’s installed automatically cleans up the logs and purges things on a schedule that, to be honest, I couldn’t tell you what it is.
Some websites keep them for years; some don’t keep any at all others keep them for a day.
There is legislation afoot at the national level in the United States to require ISPs and service providers to keep data for a specific amount of time; I believe that amount of time is two years. But, as you might imagine, it’s fairly controversial legislation and it may not pass or it may not pass without some major modifications.
So the short answer is: ‘I don’t know; nobody does.’ Companies don’t make that information public, but if you are concerned about what’s being kept, then you might want to…these are actually some the answers that started this webinar like talking about things like anonymization and the like.
I used to work at a small dial up ISP. We didn’t keep any logs of our customer’s IP addresses, the hardware, a Lucent Max 6000 if you want to know, didn’t do it automatically and we truly didn’t care.
Our home page did, for a while, keep the IP addresses of people who made comments but after a comment got into court we disabled that because it was easier to just say that we didn’t keep a record than fight it out.
There is a rumor floating around the internet that AT&T has a shunt off one of their main hubs in the west that copies every IP address that goes anywhere in the US and that the FBI has access to it. I’d hate to be responsible for keeping up those logs.
Its not a rumor, the NSA has “shunts” off of all of the distribution lines on the East and West coast so they can review any internet traffic in the US at will. Came with the wonderful Patriot Act. Started with only international traffic but it includes traffic only within the US as well now.
I’m afraid it has happened in Canada already; the draconian legislation has been passed by our Conservative dominated legislature. ANY communications provider: be they ISP, phone company or whatever, MUST keep records of all usage and make that information available, without warrant, on the say-so of any “law enforcement agency”. And they aren’t even allowed to tell their customers that their privacy has been breached.
Futhermore, the CSPs (Communications Service Providers) have to install and maintain equipment and solutions that would allow warrantless “interception” of ANY communication and monitoring of anybody’s communications at any time. They claim that it’s all in the interest of battling child pornogaphy. Oh yes, and battling terrorism.
At least, that’s what they are claiming now, after some spin-doctor decided to make it sound like they are doing it for our benefit. That it would be acceptable that yet again, more of our freedom and privacy was being sacrificed on the alter of totalitarianism.
Have you noticed that some pretty outrageous things get stuffed down our throat “for the good of the children”? And, of course, the “you have nothing to fear if you do nothing wrong” crowd is lapping it up.
“… and there was no one left when they came for me.”
Noteworthy is the fact that RIM, operators of the highly private, secure Blackberry email service is headquartered in Canada. Is there a component of this to appease the Saudi Arabians who recently demanded that Blackberry open up their system so that they could snoop on people’s private commuinications?
@Spaceman
This has not been passed in Canada and has in fact been passed back to committe for review due to the negative public and privacy commissioner feedback. You should follow the news more closely instead of preaching falsehoods.
So, Leo has (apparently) been asked:
“What information about you do ISP’s keep, and how long do they keep it?”:
Well now, I’m afraid that the only truly safe answer to that question can only be:
"Everything, & Forever."
Have fun, folks. :(