[Juser] proposed changes to jabber.org service policy

[Peter Saint-Andre]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 8/21/12 3:05 AM, ubsy at riseup.net wrote:
> Hi everyone,
> 
>> I have not dealt with such a request so am speaking from a
>> position of some ignorance, but I suspect that the requesting
>> entities would, at least in some cases, require that those users
>> whose data are being requested not be told in advance.
> 
> Yeah Kevin, when you put it that way it sounds awfully reasonable.
> 
> Well: What about another proposition:
> 
> Even though we are legally obligated to disclose information about
> our users when specifically requested to do so under court order we
> may only disclose such information which we have in the first
> place. These are:
> 
> 1. IP addresses, dates, and times associated with authentication
> attempts 2. Roster contacts (that is ISP contacts?)

Not ISP contacts (I don't know what that would be), but JabberIDs in
the buddy list that you store on the server.

I agree that it would be good to make it clear what information we do
and do not share when we receive a court order.

> We do not save XMPP stanzas passing through the service, payment 
> information, or email addresses or attachments of our users.

Among other things, yes. Some of the court orders I have received for
jabber.org requested some strange things (which would be normal for an
ISP or email service but simply don't apply to an IM service).

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlAzmz4ACgkQNL8k5A2w/vx26gCgsZXej5qob84uzYbTGfjN6AbE
3XEAoNewr89n3IRvTNj7Zi4GMlKwH9sK
=LYCD
-----END PGP SIGNATURE-----