Re: [dns-privacy] [Australia] Data retention and DNS

Terry Manderson <terry.manderson@icann.org> Wed, 02 September 2015 13:58 UTC

Return-Path: <terry.manderson@icann.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 986071B3A20 for <dns-privacy@ietfa.amsl.com>; Wed, 2 Sep 2015 06:58:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.031
X-Spam-Level:
X-Spam-Status: No, score=-2.031 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_MED=-2.3, SPF_NEUTRAL=0.779, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06zYXviXskVK for <dns-privacy@ietfa.amsl.com>; Wed, 2 Sep 2015 06:58:05 -0700 (PDT)
Received: from out.west.pexch112.icann.org (pfe112-ca-1.pexch112.icann.org [64.78.40.7]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 228891B3838 for <dns-privacy@ietf.org>; Wed, 2 Sep 2015 06:58:05 -0700 (PDT)
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-2.pexch112.icann.org (64.78.40.23) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Wed, 2 Sep 2015 06:58:03 -0700
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.1044.021; Wed, 2 Sep 2015 06:58:02 -0700
From: Terry Manderson <terry.manderson@icann.org>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Thread-Topic: [dns-privacy] [Australia] Data retention and DNS
Thread-Index: AQHQ5ItksywtZ/Snk0Swjf1GqSxaaZ4p0m6A
Date: Wed, 2 Sep 2015 13:58:02 +0000
Message-ID: <D20CB9FC.69AF0%terry.manderson@icann.org>
References: <20150901075314.GA26350@nic.fr>
In-Reply-To: <20150901075314.GA26350@nic.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.4.150722
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.0.32.234]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="B_3524052109_237609"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/1dvd2MVQeixjja6OYQijmESEI0c>
Subject: Re: [dns-privacy] [Australia] Data retention and DNS
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Sep 2015 13:58:07 -0000

Chiming in here, as an operator of a DNS server or two and an Australian
resident. (no other hats)

I have been watching the Data Retention shenanigans for some time, and I
doubt I would be far wrong to say that there really aren't many Australian
networking companies nor professionals who like the idea.

Speaking with more self interest, I am happier with the DNS clarifications
in the FAQ. It at least allows me to continue to operate a DNS server or
two in Australia without having to heavily engage with a legal team and
stacking boxes of paperwork to a ceiling.

Also, it might be worth clarifying that (after having heard from the
Attorney General's Panel at AusNOG last week) that "data retention
obligations for the hosting of the server" essentially means "where is the
server, and when did it start/stop"

One then certainly has to ask oneself, since DNS query history is akin to
browsing history and thus a function of subject data vis-a-vis content
which is said to equal invasion of privacy. What is the point? The
observation has been made that it seems like a lot of work for very little
benefit to the Attorney General's department or anyone else.

Does this ease the concerns of one government's oversight of internet
infrastructure within the DPRIVE remit, probably - but doesn't remove the
underlying premise.

Cheers
Terry

On 1/09/2015 5:53 pm, "dns-privacy on behalf of Stephane Bortzmeyer"
<dns-privacy-bounces@ietf.org on behalf of bortzmeyer@nic.fr> wrote:

>Interesting:
>
>Australian government's "DATA RETENTION Frequently Asked Questions for
>Industry"
><https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetent
>ionIndustryFAQS.pdf>
>
>Note a new section on the DNS:
>
>8.3. Where I operate a Domain Name System (DNS) server, what data
>retention
>obligations do I have for this service? (NEW)
>*   The operation of the DNS is not a "relevant service", as it does not
>carry communications or
>    enable communications to be carried. While a DNS server is convenient
>to the carriage of
>    communications, it is not so central to the carriage of
>communications that it enables them.
>*   Therefore, the operation of a DNS server does not have data retention
>obligations.
>*   However, where the provider hosts the DNS server, it will have data
>retention obligations for the
>    hosting of the server.
>8.4. Where I offer an internet access service, do I have to retain DNS
>requests from my
>customers? (NEW)
>*   Where a provider offers an internet access service, the internet
>access service provider does not
>    have to keep any DNS information.
>*   The DNS server is a "destination on the internet" and retaining that
>information would reveal
>    browsing history.
>
>_______________________________________________
>dns-privacy mailing list
>dns-privacy@ietf.org
>https://www.ietf.org/mailman/listinfo/dns-privacy