Logs are sequential and chronological records of the operations carried out by a computer system. These operations may be carried out by a user, or they may be fully automated. Logging procedures are precisely those activities by means of which an operating system or an application records events and stores them for later reuse: these records are called log files. Log files are documents that contain messages about the system, services and applications in operation.
With the 'new privacy', the log recording or log retention by companies becomes the most necessary to ensure compliance with data protection regulations, as it enables the reconstruction** of the activity of a computer system and the identification of possible liability in the event of errors or violations of the law. The so-called principle of accountability introduces, for the first time, the obligation for data controllers to demonstrate compliance with the legislation by deciding independently on the methods, guarantees and limits of personal data processing, in view of the production reality in which they operate.
This obliges data controllers to have methods to 'prove' that data are processed in compliance with the regulations. On the one hand, therefore, data controllers must not only carry out all the necessary activities to safeguard the data subjects, but must also provide themselves with evidence of compliance in the event of inspections by the competent authorities. This evidence can only be log files: an indelible trace of the operations performed on the data.