[Fed-Talk] Privacy policies and logging records
[Fed-Talk] Privacy policies and logging records
- Subject: [Fed-Talk] Privacy policies and logging records
- From: Todd Heberlein via Fed-talk <email@hidden>
- Date: Tue, 5 Dec 2023 11:00:06 -0800
Hi all,
Does the federal government have any guidance on privacy policies on what can
be logged?
We are using Apple’s network system extension for macOS, and it collects a fair
amount of information. I was wondering if the government has any policies that
would say whether capturing this level of detail is permitted or not.
As an example in the screenshot below, box (1) shows information a typical
network monitor (e.g., Zeek or NetFlow) could collect on an encrypted
connection, and box (2) shows additional details Apple’s network system
extension can collect on the Mac for that connection (e.g., the URL passed over
the encrypted connection) even without MITM decryption.
Any pointers on policies would be appreciated. Thanks,
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden