In IDG today we can read (in Swedish, google translation to English here) that the police linked the wrong address with an IP-address when they where looking for child pornography. The police has now reported themselves to an internal investigation on what really happened, and I think it is important to really check this. Was the wrong IP address sent to the ISP (when the street address was asked for), was the time and date for the use of the IP address wrong, or did the ISP do the wrong thing?
When we have the shared responsibility we have today with the Internet, it is so extremely important we agree on how to pass data between us, what data we pass between us, so that the risk for mistakes made by humans end up being minimized. Because regardless of how simple the error is, the person that end up being challenged by the police of committing a crime (in this case hosting child pornography), just saying “sorry” is not good enough.
The police must get proper tools so that their work is cheaper and better, more effective while minimizing risk for errors like these, and minimizing the risk for intrusion of privacy. We have to fight crime, but not more. Right?
This is for me one of the main reasons I in the investigation for implementation of the data retention directive in Sweden pushed hard for text stating that the timestamps in the logs have to be related to official Swedish Time. And why I strongly support the Swedish Government continue finance NTP servers in Sweden so that NTP access to the Swedish Time is continuing being free of charge.