> In the US, I believe that CALEA requires you to have those records for 7 > years. >
No, it doesn't (records *of the requests* are required, but no obligation to create subscriber records exists). Even if it did .. academic institutions are exempt (to CALEA) as private networks.* There are various legislative attempts afoot to create one here in the US .. but none have passed. Regards, Michael Holstein Information Security Administrator Cleveland State Unviersity (*): US Court of Appeals, District of Columbia, 50-1504.
