Qwest responded to 27B's questions and to a reader's phone call. The answers to the reader were way more detailed than the PR office's answers so I'll post the reader's answers first. According to the answers given to the reader, Qwest does not routinely collect email, url or IM usage data, does not sell it even in anonymized form and requires legal process to turn over any subscriber data. Additionally, the representative said that logs of assigned IP addresses are kept only for 48 hours.
Remember that former Qwest CEO Joseph Nacchio, currently on trial for fraud, rejected the NSA's request for telephone records, telling the government to come back with a warrant.
Full answers after the jump. Spreadsheet has been updated with the official answers until the unofficial ones can be confirmed.
__Reader Spark's Answers as Gotten from Customer Service __
Rather than write the questions I will give the answers, in order they appear on your site, that Quest told me.
- The only information they collect on customers is when (Time, Date) the customer modem logs on to the Qwest system.
- They do not collect any user data -- clickstream, IM, email.
- See 2.
- IP's are refreshed, replaced when modem boots; Logs of assigned user IP address assignments are kept for 48 HRS.
- Forgot to ask.
- No data to sell.
- Forgot to ask if any portion of privacy policy prohibits...
- To his knowledge, no one from Justice Dept has contacted Qwest about data retention policies.
- The man I spoke to was personally opposed to legally mandated data retention policies, said they (Qwest) would have to obey the law if a policy such as that was passed, but couldn't speak as to the "official Qwest position" on the data retention for/against question.
- As above, the supervisor stated that no customer information is released "without a court order" to ANY law enforcement, government agency. I was as clear as a bell on the question, asking "Can any law enforcement, gov. agency just ask, make a request for any information about me and get it? Or would they have to produce a subpoena, NSL, court order? It took 2 min. of consultation on their end for the cheery reply that they would have to present a "court order" to get any information about me from Qwest.
Official Answers to 27B
What kind of information does Qwest collect on its customers' Internet use?
Please see Qwest's Online Privacy Policy at http://www.qwest.com/privacy/index.html, specifically the section on "What information does Qwest collect about me online? ".
How long does Qwest store data on its subscribers' internet usage?
As described in our Online Privacy Policy, we don't routinely collect and store that type of information. "... Qwest does not use this information in a personally identifiable form except under the following circumstances: if we have reason to believe that an account is being used in a manner that violates the Qwest Subscription Agreement, the Qwest Acceptable Use Policy, or any applicable law or regulation; to protect the integrity of our services or network; to assert or defend our legal rights or those of a third party; pursuant to a lawful request from a government or legal authority, or where we have a good faith belief that it is needed to prevent harm or provide assistance to a third party ." .
What are the policies for storing clickstream data? What about e-mail and instant message usage? FTP or bittorrent usage?
Please see Qwest's Online Privacy Policy at http://www.qwest.com/privacy/index.html, specifically the section on "What information does Qwest collect about me online? ".
What data security precautions protect the information Qwest collects?
Qwest supports a broad-based information security program, in line with industry best practices and international standards such as ISO 17799. As a matter of policy, Qwest does not publicly share details about its security practices.
Does Qwest sell internet usage data? What kind of data? If so, how is it anonymized and to whom do you sell it? What language in your privacy policy discloses this?
Information and content regarding Qwest's Privacy Policy is available at http://www.qwest.com/privacy/index.html .
If not, what portions, if any, of your privacy policy specifically prohibit this?
Information and content regarding Qwest's Privacy Policy is available at http://www.qwest.com/privacy/index.html .
Has Qwest been contacted or in communication with the Justice Department about data retention?
Qwest does not publicly discuss communications between itself and the DOJ. However, Qwest responds to valid legal process from a variety of law enforcement agencies.
__Congress may contemplate mandatory data retention rules for ISPs and other large internet companies. What is Qwest's position on such legislation and is the company lobbying Congress on this issue? __
Qwest voluntarily retains IP address assignments, obviating the need for federal or state requirements. We strongly believe the best way to address this issue is to have the market drive data retention policies. Companies should voluntarily retain records for IP address assignments to protect customer privacy while also safeguarding citizens from online predators.
Does Qwest require federal, state and local agencies to provide subpoenas, court orders, or national security letters to get data from Qwest, or does company policy allow law enforcement and other government agencies to get data based only on a request?
Qwest complies with federal and state laws regarding providing information to governments. As a general rule, those laws involve some element of governmental "process" (such as an administrative subpoena, warrant, court order). However, they also provide for limited circumstances where a service provider might provide information without such formal process (for example, where child pornography is involved or where a provider is attempting to protect its rights or property or those of others).
