On Mon, Jan 14, 2008 at 07:51:58AM -0800, TS Glassey wrote: > What are the retention requirements here Ray and what are the availability > requirements per the Stored Communications Act is the US and has this > transition ever been scoped out against these constraints? or is it the > IETF's intent to ignore US Law again? Todd, If there is something you think that needs to be done to be in compliance for some particular US Law, it would be helpful if you stated exactly what it is you think needs to be done and reference the specific US Code, Section, and Subsection in question. The Stored Communication Act (Title 18, Part 1, Chapter 121, Section 2701) seems to only apply to ISP's providing IMAP/POP e-mail service to the public (i.e., any paying user who is a customer), and so it's not at all clear it even applies to the IETF, since the IETF isn't in that business. Furthermore, the only record retention requirements that I can find only seems to apply if a government entity makes a request of the ISP for up to 90 days pending the issuance of a court order, so even if it *did* apply, there doesn't seem to be anything the secretariat needs to do. Presumably the IETF Secretariat will contact its legal resources whenever there is some situation (possible lawsuit, request by a government entity) where data retention may be required. In any case, I and (as far as I know) Todd are not lawyers, so none of this constitutes legal advice. - Ted _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf