[CTRL] No Logs Network

Tue, 27 May 2003 19:49:39 -0700

-Caveat Lector-
http://www.mondumo.com/nologs/
 
http://www.mondumo.com/nologs/faq.php
 
FREQUENTLY ASKED QUESTIONS

The NO LOGS NETWORK is composed of web sites, web hosting providers and systems administrators who have pledged to a particular web site log retention policy. We recognize that each individual administrator may have their own reasons for doing so. Our own reasons for organizing this program are outlined below:

General Information

Why is log retention an issue?

"The usage logs generated by web servers contain much data that is useful for site owners, but the current default configurations can pose a threat to the privacy of individuals, and may also present a legal risk to corporations. Specifically, the IP addresses collected by web servers are becoming increasingly easy to associate with the identity of particular individuals."
-- from the announcement of the Usage Log Data Management Working Group at CFP2003

Our own stand on minimizing log retention (and starting this network) rests on two particular ideas:

  1. That no true freedom of speech exists without the freedom of speaking anonymously. In particular, speech that is politically volatile, ideas that are politically unpopular, and information that is upsetting to some leads aggrieved parties to identify and attack the speaker. The right to anonymous speech has a long and colorful history in democratic societies, in particular the United States of America. There is no reason why this right should not extend to users of the Internet.

  2. That no true freedom of information exists without anonymous access to information. We do not recognize or accept the idea of thought crime - what you read, and what you think, are your business.

Nevertheless, we understand that individual network members (see directory for current list) can have many reasons for implementing their own log retention policy. Their membership in this network should in no way imply their acceptance of or agreement with our own reasoning. Please consult with each member web site individually for their policies and goals regarding their membership here.

Quite a few resources are emerging for those interested in this subject. Some are listed below - for others, we recommend that you consult the Resources category of the no://log.

The default practice of long-term log retention gives those who would tread on those rights an easy tool for identifying and harrassing individuals. Even with respect to non-political speech and the dissemination of information, however harmless, there are those who consistently tread on individual privacy. Tyrannical governments and overzealous marketers are the first that come to mind. We're sure there are others. We seek to educate systems administrators and the public alike, about the dangers this practice poses to individual freedom and privacy.

A must-read: EPIC's Data Retention information page.

What about web site operators' property rights, malicious users, or the need to identify users for the purpose of defense?

We fully recognize web site operators' right to defend their property, ISP's right to defend their hardware and networks, and so on. But identifying and dealing with one particular IP address or group of IP addresses is in no way related to long-term retention of those addresses. In most cases during an attack, even a few minutes later, the logging of an IP address is no longer useful. Scripting and the http protocol itself gives an operator easy access to a visitor's IP address as it is - certainly defensive measures can be put in place that identify a particular visitor without long-term storage of all visitors' data.

What about my statistics reports? I need those!

Great! Run your statistics programs more often, make sure your reports don't contain identifying information of particular users, and then once you've obtained the report, discard the logs!

I'm just a web site visitor. What does this mean for me?

If you've reached this page via a NO LOGS button link, then you know that the administrator of that web site has at least thought about these issues. Ultimately, we cannot guarantee that a web site operator follows the practices they've pledged to follow. We cannot verify their compliance with their pledge. We think their linking to our web site at least signifies that they are aware of these issues.

How do I get involved?

If you're a web site operator or hosting provider, we encourage you to figure out how to stop logging IP addresses, at least, then sign the pledge and get your button!

If you're an end-user or aren't in a position to change logging practices yourself, we recommend you look at our Tools page for a method to e-mail your friends about us. Financial help is also sorely needed, to help defray the costs of maintaining this program - find a Paypal payment box at the bottom of each page.

www.ctrl.org DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance—not soap-boxing—please! These are sordid matters and 'conspiracy theory'—with its many half-truths, mis- directions and outright frauds—is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRLgives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply.

Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at:

http://www.mail-archive.com/[EMAIL PROTECTED]/ <A HREF="">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]

To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED]

Om

Reply via email to