On 07:14 PM 2/23/01, Theodore M. Smith wrote:
>
>I think it's a mistake for anyone to promise ABSOLUTE confidentiality.
One way to provide some limited confidentiality is to not write or keep
logs, archives, or backups. If all you have is a list of subscribers, but
no logs, archives or backups, the *most* they can get from you *if* they
get a court order, is your list of subscribers. This is how the anonymous
remailers work.
Even still, your ISP will almost certainly have logs and backups, and
access to your membership list. It would have to be one hell of an
important case for the effort involved to parse out your user data from
their "everyone data" to be worth doing.
If you really don't want this data to ever be given out, get a colo'd
server and run the mail list yourself, and don't keep any data on the
server (or elsewhere) other than the subscriber list. No logs, no backups,
no archives. The ISP logs your server activity in MBs of bits sent and
received, but not the actual locations or content of the bits. So your ISP
can't violate the server confidentiality unless they get a court order to
put a sniffer on your line (ala carnivore).
BTW, Havenco would be a good location for such a server if you were really
worried about security, about being forced to give up the server or the
membership list.
jc
