tags:

views:

101

answers:

5
+10  Q: 

Log files legal aspect?

I like data. That is why I add a standalone PHP script which logs all relevant HTTP variables like:

  • Date of visit
  • IP
  • User-agent
  • Request URI
  • Referer

Am I allowed to store all this in non-public text files?
Am I allowed to evaluate the data?

What am I allowed to do with the log files?
Do I have to delete them after some time?

Additional info:

I'm living in Austria :)

+3  A: 

In some jurisdictions you are obliged to delete it after some time. For example in Luxembourg you may only keep it for 6 months.

In some jurisdictions you are not allowed to disclose this data to other users since its is considered personal information.

In some jurisdictions like Germany you have to state precisely what kind of data you're gathering and what you intend to do with it. Then you have to stick to what you declared.

Developer Art  2010-06-01 13:41:35
Correct. What you can do depends on the local laws.
Gert G  2010-06-01 13:44:08
+1  A: 

In the US:

Are you doing this for your employer?
If yes, you need to consult them for their retention policy and etc.

If your are doing it for personal purposes, you are free to log away!

Keep in mind that for e-Discovery you actually may be obliged to keep the logs for longer if it ever comes up in court.

That is, the precedent has been set that if a user accuses you of something, and you don't have the logs to disprove it, you can be found guilty on the grounds that it probably happened.

John Gietzen  2010-06-01 13:42:42
*"If your are doing it for personal purposes, you are free to log away!"* This is unsound advice in some legal jurisdictions; e.g. Switzerland, according to Wikipedia.
Stephen C  2010-06-01 13:48:14
@Stephen He said "In the US:".
Jake Petroules  2010-06-01 13:49:58
@Jake - only after he edited it. Besides, the OP is not in the US.
Stephen C  2010-06-01 13:58:14
@Stephen: The OP only specified that he was NOT in the US with an edit...
John Gietzen  2010-06-03 13:04:24
+1  A: 

I'm not sure what the legalities are on this, however the data your storing is no different from what Google Analytics. So it might be easer searching for the legallities of using such a service.

Other things to take note of is not just your location, but the location of the server where the logs are stored.

Audioillity  2010-06-01 13:45:15
+1  A: 

In the time and age of Google, where data is not considered "yours" once it is collected by an external entity, it's nice to know someone still respects the end users' privacy, even of anonymous users.

I would definitely let your users know about the possible privacy issues they might encounter as a result of visiting the site. I like W3Schools' privacy policy. It sounds like they do exactly what you would be doing with the information.

amphetamachine  2010-06-01 13:47:24
A: 

Since you're in Austria, you might want to read about the upcoming implementation of EU's Data Retention Directive.

Gert G  2010-06-01 13:51:51

related questions

What are the legalities of repackaging other's RSS feeds into a new presentation?
Adding the GPL license to C# Projects
Could I get in legal trouble for copying a website's stylesheet?
Is it legal way to get use GPL code in close-source application through plugin?
Data Protection and Web 2.0 Web sites
What's the difference between the open source licences
GPL software in debug only closed source applications
Is it legal to reverse engineer binary file formats
Potential legal issues with storing Social Security/Insurance Numbers (SSNs/SINs)?
Freelance work with no contract - who owns the code?
Is using Dexter's character sprite okay, or do I have to...
How can newly registered trademarks affect previous non-trademarked software?
Non-Compete Clauses
Legality of Encryption in Standard Libraries
Self-owning web services, or services that can survive the death of the inventor
Place To get EULA and Other Legalese For Software?
Copyright and Fair Use in Distributable Software
Visual Web Developer Express and .NET, et al.
Copyright question - Dictionary Application
Am I allowed to run a javascript runtime (like v8) on the iPhone?
Using icons licensed under GPL or LGPL in a closed source commercial software?
When/if to seek a patent?
Corporate-Friendly Open Source Licenses
What can I do about my employer's intellectual property policy?
Found a critical bug, but the company doesn't care