Good morning,
Im IT manager of some companies and i'm handling the problem of obeing the italian laws regarding privacy protection.
To be brief: the law says that no reference to the users can be done in the log files (if not requester by police forces or in few other cases) that allow to know what web sites a certain user have browsed, on the other hand it's possible to log any web browsing information that do not refer to a specific user.
Today I'm forced to reduce the information that wingate writes in the www proxy log files to avoid to violate such laws, specifically I had to deselect 'Session traffic' and 'Request details" from the session event section.
My question is: is it possible to reduce the informations logged by the session traffic and request details option? I mean, is there a way to avoid the user name to be logged? so that who reads the log cant know who visited the web sites but have access to all other informations (date and time, durantion, traffic in bytes...).
Thank you,
Matteo
Activity log and privacy protection laws
Moderator: Qbik Staff
3 posts
• Page 1 of 1
Activity log and privacy protection laws
by mborroni » Dec 24 09 12:42 am
- mborroni
- Posts: 10
- Joined: Dec 24 09 12:07 am
Re: Activity log and privacy protection laws
by adrien » Dec 30 09 6:33 pm
It's hard to believe that any country would pass a law that makes it impossible for a company to protect itself from employee abuse of internet resources.
Are you sure the privacy law is being correctly interpreted?
The reason I ask is that we haven't had any such requests from any other customer in Italy (I think it was you asked about this a while ago?), or from our Italian distributors.
WinGate 6 doesn't have any log customization features apart from which events are logged. WinGate 7 can do custom logging by way of event processing defined by the user, which could be used to log to a file, or DB whatever information the customer wishes.
What features in WinGate are you currently using?
Are you sure the privacy law is being correctly interpreted?
The reason I ask is that we haven't had any such requests from any other customer in Italy (I think it was you asked about this a while ago?), or from our Italian distributors.
WinGate 6 doesn't have any log customization features apart from which events are logged. WinGate 7 can do custom logging by way of event processing defined by the user, which could be used to log to a file, or DB whatever information the customer wishes.
What features in WinGate are you currently using?
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Activity log and privacy protection laws
by mborroni » Jan 13 10 3:32 am
Dear Adrien,
thank you for your reply and sorry for being late on to reply to you.
I mainly use www proxy and ftp proxy services of wingate.
Unfortunately I didn't misinterpreted the law (I asked a privacy/security consultant).
Actually in Italy privacy rules are widely disobeyed or mainly unknokwn by most of companies and their IT managers.
Practically noone could log web access activity recording anything that can lead to "who browsed what" without violate the employee privacy (and laws about workers safeguard).
This law says that employer should take every effort to "prevent" any abuse of internet access by his employees so that the employer himself has no need to violate the employed privacy monitoring his activicy. An example is: the employer imposes a whitelist of web sites that his employees can access, as a result the employer has no need to perform further check on.
Thank you,
Matteo
thank you for your reply and sorry for being late on to reply to you.
I mainly use www proxy and ftp proxy services of wingate.
Unfortunately I didn't misinterpreted the law (I asked a privacy/security consultant).
Actually in Italy privacy rules are widely disobeyed or mainly unknokwn by most of companies and their IT managers.
Practically noone could log web access activity recording anything that can lead to "who browsed what" without violate the employee privacy (and laws about workers safeguard).
This law says that employer should take every effort to "prevent" any abuse of internet access by his employees so that the employer himself has no need to violate the employed privacy monitoring his activicy. An example is: the employer imposes a whitelist of web sites that his employees can access, as a result the employer has no need to perform further check on.
Thank you,
Matteo
- mborroni
- Posts: 10
- Joined: Dec 24 09 12:07 am
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 4 guests