Sigh. Let's try this again. I don't have to accept your traffic. Amazon doesn't have to accept your traffic. No one has to accept your traffic. I can deny your traffic for any lawful reason even if that traffic might be otherwise constitutionally protected. I linked to the law, but I guess I'll have to paste it. Please take the time to read it. "Otherwise objectionable" means pretty much whatever AWS wants it to mean. I object to your traffic on my network, therefore I'm not carrying it. They have no case. Period end of story. Their lawsuit is a SLAPP suit, and their threat is barratry. In the past we used to bake cakes to make this point. https://www.theregister.com/2018/08/28/ipv6_peering_squabbles/ qu'ils mangent la brioche! https://www.law.cornell.edu/uscode/text/47/230 (c)Protection for “Good Samaritan” blocking and screening of offensive material (2)Civil liability No provider or user of an interactive computer service <https://www.law.cornell.edu/definitions/uscode.php?width=840&height=800&iframe=true&def_id=47-USC-1900800046-1237841278&term_occur=999&term_src=title:47:chapter:5:subchapter:II:part:I:section:230> shall be held liable on account of— (A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected; or (B) any action taken to enable or make available to information content providers <https://www.law.cornell.edu/definitions/uscode.php?width=840&height=800&iframe=true&def_id=47-USC-10252844-1237841279&term_occur=999&term_src=title:47:chapter:5:subchapter:II:part:I:section:230> or others the technical means to restrict access to material described in paragraph (1).[1] <https://www.law.cornell.edu/uscode/text/47/230#fn002009> Andrew On Thu, May 29, 2025 at 1:44 PM William Herrin <bill@herrin.us> wrote:
On Wed, May 28, 2025 at 7:07 PM Andrew Kirch via NANOG <nanog@lists.nanog.org> wrote:
Please have your lawyers review the Spamhaus lawsuit, and other state and federal lawsuits filed by spammers against DNSBL operators (like me!) before you file a SLAPP suit. We always win. We win so much it's getting boring.
Hi Andrew,
Maybe I misunderstood Eric, but I thought his "threat," if you want to call it that, was to sue WAF implementers like AWS for tortious interference rather than list publishers like IP Quality Score. The legal proposition is that an AWS customer has little or no control over what AWS does with the IP blocking information. If they want to do business with me and I want to do business with them but AWS steps in the middle, that's potentially tortious interference. And let's face it: AWS is a large enough organization you're not just playing whack-a-mole.
Worth noting that Spamhaus et. al. escaped their lawsuits because they publish information. They don't block anybody. The consumers of their information (like AWS) do the blocking.
Also worth noting that Eric's plan wasn't to sue pers se, it was to send demand letters. There's an implicit assumption that if he could just talk to a responsible person, they'd agree with him and fix the problem. Demand letters to the attorney of record are kind of a last ditch mechanism to cut through an organization's hierarchy and talk to the engineer who can actually solve your problem. Because whoever you are and however well insulated you are from the tech support front door, the company lawyers have access to you.
Regards, Bill Herrin
-- William Herrin bill@herrin.us https://bill.herrin.us/