At 03:22 PM 2/23/01 +0000, you wrote:
I'm curious - how many ISPs hold to this kind of policy of being tight-lipped until subpoenaed?
Personally, I'm kind of glad to see this response from @home. I know I would want to see an ISP I used do the same thing if confronted by The Law. Maybe that's just the Bill of Rights lover in me.
Having said that, it sucks that they're forcing you to get the lawyers and the cops involved. I'd often prefer to see things handled on an informal basis of professional courtesy. Especially when real damage is done such as in your case.
We follow the same policy of not handing out client information without a legally binding document requiring us to do so. However, we do use our AUP to prevent further access if we have sufficient -evidence- of a violation. A severe violation may result in access being removed first while we conduct an internal investigation to determine the extent of the violation that took place. Providing client information is only useful for civil or criminal charges. What the individual under attack needs is access revoked and, for that need, we respond immediately.