[liberationtech] Time to ask again: why are you logging?
micah
micah at riseup.net
Fri Jun 7 11:51:45 PDT 2013
The default syslog in Debian, rsyslog, just announced that they've added
log anonymization capabilities[0]!
Almost 12 years now after riseup wrote the initial patches to
syslog-ng[1] (a few years ago syslog-ng added this capability, so we no
longer needed to carry that patch around) it is nice to see that this
has been added to rsyslog!
In the US, there is no requirement that you log anything on your
servers. Riseup and Indymedia have been telling people this since
sometime around 2000-2001, but amazingly few people seem to believe it,
nor implement that as the default site policy - but it is true! Ask your
friendly neighborhood EFF, they are the ones who made this clear to
Indymedia after a confrontation threatened to force a hand-over of
information to greedy, overreaching, hungry agents[2].
If you make it clear that is your policy before the IP hungry log police
come to feed on your precious stockpile of delicious, delicious data
that you have been keeping just for them, your occasional analytics, or
just because it is the default... then there is nothing they can make
you turn over.
Certainly people can speculate on just how the NSA is doing what they
are doing and suggest that this may not help in that case, and you may
be right, but that is not the point.
Why are you acting as a deputized agent of the state, collecting,
storing and backing up those delicious digital trails? It makes
debugging a little harder, dealing with abuse more of a challenge, but
it does let you finally stop obsessing over those web analytics[3].
No data retention,
Micah
0. http://blog.gerhards.net/2013/04/log-anonymization-with-rsyslog.html
1. https://we.riseup.net/debian/privacy
2. we fought this, and won. we are still thanking the EFF (we also can
thank the Black Panthers and amusingly, the NRA, for setting precedent
for these victories). but, while we were fighting this, we had to put
the logs they wanted into the lawyer's hands, to convince them that
we were not destroying the data and they shouldn't come and steal our
machines. This is how we learned that if we didn't have it in the first
place...
3. oh, you are using googleanalytics? yeah I know you are, I see it on
practically 95% of the websites I visit. You can thank Google for
storing your logs for you, your visitors' IPs and what they were doing
are dutifully cataloged on their servers, after being refracted off of
Prism into the Dark Side of the Moon.