account compromised: legal inquiry

[John (EBo) David]

Long story but a friends computer account appears to have been
maliciously compromised in Amsterdam (Netherlands).

With all of the international users here, does anyone know where we can
get information on what log files are legally required, or likely to be
kept, by a service provider so the lawyer can sepoena(sp?) extracts.

The (multiple) intrusion occurred when a third party coerced the
password for the account over the phone from someone at the ISP help
desk.  It is my understanding that this was first discovered roughly a
year ago, when it was learned that the intruder was reading private
email.  The account passwords were subsequently changed, etc., but it
appears to have happened again -- by the same party.

So, I am assuming that the service provider keeps (and possibly required
to keep) logs of:

  1) help line calls, detailing why called and actions taken
  2) billings
  3) loggin times
  4) email downloads/uploads times and from what computer

any pointers to Dutch legal requirements, etc. and other suggestions
would be most appreciated.


  EBo --

ps: see you at the meeting tonight :-/