Law enforcement and data retention in the light of an anonymisation services

Warning

This publication doesn't include Institute of Computer Science. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

KÖPSELL Stefan ŠVENDA Petr

Year of publication 2011
Type Article in Periodical
Magazine / Source Masaryk University Journal of Law and Technology
MU Faculty or unit

Faculty of Informatics

Citation
Web http://mujlt.law.muni.cz/storage/1327961485_sb_12-kopsell_svenda.pdf
Field Informatics
Keywords secure logging; anonymity service; data retention
Description The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We have analysed the newly arising risks associated with the process of accessing and storage of the retained data and propose a secure logging system, which utilizes cryptographic smart cards, trusted timestamping servers and distributed storage. A practical implementation of the proposed scheme was performed for the AN.ON anonymity service, but the scheme can be used for other services affected by data retention legislation. We also discuss the practical experience from process of response to legal authorities’ requests both before and after the data retention directive was implemented. Moreover we give a general description of the legal obligations and the information about usefulness of the retained data is also provided. Derived from these obligations we give arguments reflecting challenges and obstacles for a secure and privacy respecting implementation of data retention.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info