Jump to content
 

PMs and the law

martin_wynne

Recommended Posts

'CHARD

'CHARD

Posted
Posted

<off topic> <mostly>

 

When WE alter our way of lives the terrorist win - let's get this in proportion guys and gals, this strikes me in the same league as those who imagine that the word "nuclear" on eLists means they will be closed down overnight and the owner shot at dawn.

 

<end of head shaking>

 

That word's fine, it's nukular that's the problem.

Link to post
Share on other sites
  • RMweb Gold
Alister_G

Alister_G

Posted
  • RMweb Gold
Posted

Hi Al,

 

Thanks for your reply but it really isn't that simple. An email once sent cannot be easily retrieved or deleted by the sender. PM messages are different, they can be posted, read, and deleted in the space of 30 seconds. Having examined my code and discussed the logs from the database engine with the hosting provider it is clear that the PM metadata details are not retained in any meaningful way.

 

 

Hi Martin,

 

Do you not record in the database when a member has posted, and then deleted a PM? If you do, then that is all the metadata you could ever be required to provide.

 

 

Since it was never my primary intention to provide a private messaging service, it seems daft to provide one in the current climate of uncertainty and I have decided not to continue doing so. I will write a new function for my members to send emails to each other without knowing email addresses, with no means to recall or delete, and keep a limited record of the metadata in a new table.

This is of course your decision, but please don't feel that you need to do that to avoid the consequences of proposed or future legislation. I'm not sure how you see the new functionality as being any different to the existing PM system?

 

Cheers,

Al.

Link to post
Share on other sites
ZiderHead

ZiderHead

Posted
Posted

I'm not sure I see the distinction between PMs and emails here either - both can be read and quickly deleted between nightly backups so won't be retrievable from those backups.

 

Details of both will be logged via the mysql general query log and the mail server logs, and these logs will be available from the nightly backups (assuming a standard logrotate config.)

Link to post
Share on other sites
  • RMweb Gold
martin_wynne

martin_wynne

Posted
  • Author
  • RMweb Gold
Posted

Hi Martin,

 

Do you not record in the database when a member has posted, and then deleted a PM? If you do, then that is all the metadata you could ever be required to provide.

 

Hi Al,

 

When a PM is zap-deleted it is removed from the database. There is no lasting record of the deletion date or that the PM ever existed, other than an empty ID number. Likewise if the content is edited, there is no record of the previous content or the date of the change.

 

If the PM was in existence at the time of making the daily or weekly backup it would be included in the backup but otherwise not. And those backups are not kept for 12 months.

 

The only record would be in the query log, which would need decoding and is also unlikely to be available 12 months later.

 

In the event of a real-life forensic request it may be possible working with the hosting provider to extract some metadata, but there is guarantee of that and the system certainly hasn't been designed to retain and return such data.

 

 

I'm not sure how you see the new functionality as being any different to the existing PM system?

 

Emails are delivered via the ISPs mail servers, and logged by them in accordance with the email legislation. They can't be subsequently deleted or modified by the sender. In writing a new function I can ensure that the metadata is retained in the database.

 

regards,

 

Martin.

Link to post
Share on other sites
  • RMweb Gold
Alister_G

Alister_G

Posted
  • RMweb Gold
Posted

Emails are delivered via the ISPs mail servers, and logged by them in accordance with the email legislation. They can't be subsequently deleted or modified by the sender. In writing a new function I can ensure that the metadata is retained in the database.

 

 

Hi mate, you shouldn't need to store anything in your own database, at all. The metadata for the transaction will be available in the web and SMTP logs.

 

 

EDIT:

 

Just to expand on that, what you are proposing to do sounds like a standard contact form, where the recipient email address is hidden from the end user.

 

If this contact form is opened by clicking on a "send message" link from a list of members, or from a listing of forum posts, then you will probably identify the member to whom the message is directed  by encoding the recipient in the URL, for instance:

 

http://myforumdomain.com/sendmessage.php?id=FredBlogs1

 

The backend code of sendmessage.php will parse the URL and fetch the correct email address for Fred Blogs and populate the recipient address in the mail object.

Once the web form has been completed, clicking on the "send" button populates the other fields of the mail object and then calls the mail object send method to contact the ISP's server and send the email.

 

If we look at the above process, we can see that the loading of the contact form, the pressing of the send button on the form, and the subsequent sending of the message will all be logged, either in web logs, or SMTP logs, and will quite clearly identify both the recipient and the IP from which the form was loaded.

 

None of that requires your software to store anything.

 

Cheers,

 

Al.

Link to post
Share on other sites
  • RMweb Gold
martin_wynne

martin_wynne

Posted
  • Author
  • RMweb Gold
Posted

Hi mate, you shouldn't need to store anything in your own database, at all. The metadata for the transaction will be available in the web and SMTP logs.

 

But it will show my forum as the sender. I can't predict future changes to the law, so I want to be sure that I can identify the sending user and the IP address he was using at the time. In the event the email contains unlawful content I don't want to be identified as the sender!

 

And on reflection, the whole thing is such a minefield that I'm not sure I do want to go ahead with it.

 

Martin.

Link to post
Share on other sites
  • RMweb Gold
martin_wynne

martin_wynne

Posted
  • Author
  • RMweb Gold
Posted

See my edit...

 

Yes, and much the same can be said about the existing PM system.

 

I remain unconvinced that the required metadata can be extracted 12 months later without access to the database.

 

Martin.

Link to post
Share on other sites
  • RMweb Gold
Alister_G

Alister_G

Posted
  • RMweb Gold
Posted

Yes, and much the same can be said about the existing PM system.

 

I remain unconvinced that the required metadata can be extracted 12 months later without access to the database.

 

Martin.

 

I'm sorry Martin, I don't understand what you mean by that at all.

 

The metadata (which for web transactions comprises the time and date, the type of request, the IP of the client, the URL requested, and the server response) is in the ISP's web logs, and will remain there until the ISP deletes them (which under the proposed legislation is after 12 months, same as now).

 

Similarly, the SMTP transaction metadata in the ISP's SMTP logs, records (in most cases) the complete conversation between two servers, including the time, date, recipient email address, sender email address and server response.

 

That is the only information required by law, and as things stand it must be kept for 12 months and no longer.

 

I don't want to get into a more technical discussion about this (maybe by PM? :) ) and I fully support your right to alter your website and forums as you see fit, of course, but I would hate to think you reduced functionality for your users based on a mistaken understanding of what your obligations are.

 

Cheers,

 

Al.

Link to post
Share on other sites
  • RMweb Gold
martin_wynne

martin_wynne

Posted
  • Author
  • RMweb Gold
Posted

I don't want to get into a more technical discussion about this (maybe by PM? :) ) and I fully support your right to alter your website and forums as you see fit, of course, but I would hate to think you reduced functionality for your users based on a mistaken understanding of what your obligations are.

 

Hi Al,

 

The requested URL contains the recipient user name only. To find the recipient email address and last recorded IP it is necessary to access the database. An outgoing email would contain this info but correlating it back to the server request may not be easy. The database engine is on shared hosting and often busy with many queued requests. Full metadata for a message obviously requires info for both sender and recipient.

 

I accept that I am probably compliant with the letter of the current and proposed legislation. But the legislation is clearly up for change, and I don't want to be going over all this again in 2 or 3 years time.

 

My board is a software user support forum. There is no significant need for a PM system and I don't believe that removing it would seriously disadvantage the members. In the final analysis any member can contact me by email and request to be put in contact with any other member.

 

regards,

 

Martin.

Link to post
Share on other sites
  • RMweb Gold
Revolution Mike

Revolution Mike

Posted
  • RMweb Gold
Posted

The requested URL contains the recipient user name only. To find the recipient email address and last recorded IP it is necessary to access the database. An outgoing email would contain this info but correlating it back to the server request may not be easy. The database engine is on shared hosting and often busy with many queued requests. Full metadata for a message obviously requires info for both sender and recipient.

 

I accept that I am probably compliant with the letter of the current and proposed legislation. But the legislation is clearly up for change, and I don't want to be going over all this again in 2 or 3 years time.

 

The starting point is that having read the (EU) legislation I don't see an argument which makes you responsible for data retention.  Your activities would be covered by the data retention requirements imposed on your ISP (if they are not based in the EU then let the Courts work out how to chase them - it does not transfer the responsibility from the ISP/CSP to you juts because they are not in the EU). 

 

You would not fall under the definition of communication service provider (CSP) in the Directive, but let's assume that the courts ruled that you did - that would seem the appropriate point to make the decision either to enhance the metadata gathering or remove the PM.

 

Even if the courts did rule that individual forum owners were responsible, the next step is the degree of proportionality that you could be reasonably expected to hold complete metadata.  Then on to potential prosecution ie are you *likely* to be chosen as a test case?

 

That is a lot of steps to get through before you start worrying IMHO, particularly given that it clearly hasn't been an issue for the last 8 years.

 

Of course it is your site and your call, personally I would be more worried about whether I comply with other more pressing issues eg am I compliant with DDA or cookie requirements etc (I am not saying you're not!).

 

Cheers, Mike

 

That is true of any walk of life and it is often the case that you can't predict the turns that legislation will take in the future.

 

Like others have said there is no change in the new law to what has existed for the past 8 years.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...