Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Aug 2011
    Posts
    120
    Thanks
    1
    Thanked 15 Times in 15 Posts

    Post Legal obligations of a web service?

    With all the fun goings on with websites like Twitter being subpoenaed for records at least six months cold, I have been wondering if there is a repository or listing of all the legal requirements of a commercial website?

    For instance, how long do transaction records have to be kept? Is it a requirement to log all IP addresses and which accounts they access? Does all user submitted data have to be logged, and, if so, to what detail?

    Personally, I only log data that I am actually going to use for system security, so something like a personal-message gets deleted after it has served its purpose, but I am beginning to question the legality of that attitude.

    Any direction would be helpful...well as helpful as regulatory law ever is for that that are regulated.

  • #2
    Senior Coder
    Join Date
    Apr 2010
    Posts
    1,469
    Thanks
    71
    Thanked 104 Times in 103 Posts
    Who says you have to keep a record of everyone and anyone for a certain amount of time?

    If it's government then yes, but a business or personal?
    Been a sign maker for 7 years. My business:
    American Made Signs

  • #3
    Mega-ultimate member
    Join Date
    Jun 2002
    Location
    Winona, MN - The land of 10,000 lakes
    Posts
    1,855
    Thanks
    1
    Thanked 45 Times in 42 Posts
    IANAL, but my general understanding is that data retention policies can be anything you want, so long as you consistently enforce them.

    So, for example, if you have a company policy that says "all emails over 2 years old must be deleted", then you get a subpoena for emails from 10 years ago, so long as you actively tried to enforce your policy (i.e. you reminded employes to delete old emails every few months), you have no obligation to produce or try to produce records outside of your standard policy.

    The key is to 1) have a policy and 2) make reasonable efforts to enforce it.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •