References
Download as PDFInformation and Guidelines on Logfiles
LINX Best Current Practice – Traceability: https://www.linx.net/good/bcp/traceability-bcp-v1_0.html
Information Commissioner’s Employee Monitoring code: http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/employment_practices_code.pdf
NIST Guide to Computer Security Log Management: http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf
Data Retention
LINX Best Current Practice – Traceability: https://www.linx.net/good/bcp/traceability-bcp-v1_0.html
Data Protection Act 1998: http://www.legislation.gov.uk/ukpga/1998/29/contents
Directive 2002/58/EC on Privacy and Electronic Communications: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:EN:HTML
Data Retention (EC Directive) Regulations 2009 (covers public networks only): http://www.legislation.gov.uk/uksi/2009/859/contents/made
Access to Data
LINX Best Current Practice – User Privacy: https://www.linx.net/good/bcp/privacy-bcp-v1_0.html
Regulation of Investigatory Powers Act 2000 (RIPA) Text of the Act: http://www.legislation.gov.uk/ukpga/2000/23/contents
The Regulation of Investigatory Powers (Communications Data) Order 2003 (Statutory Instrument 2003 No. 3172): http://www.legislation.gov.uk/uksi/2003/3172/contents/made
Codes of Practice and forms for law enforcement use of RIPA communications data access powers: http://www.homeoffice.gov.uk/counter-terrorism/regulation-investigatory-powers/ripacodes-of-practice/
Police and Criminal Evidence Act 1984: http://www.legislation.gov.uk/ukpga/1984/60/contents
Norwich Pharmacal Orders: http://www.burges-salmon.com/Practices/commercial/Intellectual%20Property/Publications/Know_Your_Enemy_Norwich_Pharmacal_orders.pdf
Analysing and Processing Logfiles
SANS whitepapers on creating and interpreting logfiles: http://www.sans.org/reading_room/whitepapers/logging/
Comments
Link to RIPA codes doesn't work any more - suggest https://www.gov.uk/government/collections/ripa-codes as a replacement