> Vulture South also notes that legally-mandated logging, such as to comply with local telecommunications data retention laws, isn't covered by the draft.
Wonder how this is going to play not with just data retention laws but legally mandated compliance/records keeping requirements.
For example, I'm pretty sure that patent offices around the world would need to keep logs for at least currently valid patents. They'd need to be able to answer questions like "What was the date, time, and IP address from which patent application XYZ was lodged 15 years ago?" in case of disputes or fraud.
Or "Successful visa applicant XYZ from 9 years ago was incorrectly granted a visa because we have now discovered they were in fact a wanted criminal who managed to hide their identity. We suspect that there is an identity-fraud organisation out there that specialises in hiding criminals true identities and obtains identity documents and visas for these people. So, what IP address(es) did the application for XYZ come from (so they might be able to identify information about this crime ring), and what other applications have we ever received from that same IP address (in case they submitted visas for multiple undetected criminals from the same source), and what other communications of any type have we had from that IP address?"
These requests, while made up using random requirements and organisations, are not too far off the type of requests I have had to fulfill in various positions.
Biting the hand that feeds IT
