Apologies in advance for the non-technical nature of the query. I am a law student researching a law review article on censorship on the Internet. My partner and I are investigating the legal consequences of placing a ISP offshore, in a jurisdiction like Anguilla, Nevis, the Caymen Islands or some other place like that. Part of our problem is that we're ignorant of the business practice in the area. I figured I'd go to the horse's mouth, rather than playing footsie on the legal lists. Its probable that the ISP could be run in an offshore jursidiction with strong financial secrecy regulations and any U.S.-based managers/owners would be insulated from legal action because they could not be identified (at least, with American subponeas.) On the other hand, a U.S. judge could presumably order the offshore ISP's U.S.-based upstream ISP to cut off that ISP (or even the entire jurisdiction, depending on the situation) for DMCA violations, gambling, etc. Basically, its an issue of how the community would go about dealing with a blackhat ISP. An initial question is how closely do backbone providers/upstream ISPs look at offshore ISPs to begin with? What kind of identification/credentials does an ISP need to come up with to get a contract? Specifically, do backbone providers figure out who the beneficial owner of an ISP is before they hook up the ISP? If someone pays the bills regularly, do they need anything more than what's in whois.arin.net? The next set of questions deal with how long a blackhat ISP could stay connected. Under what circumstances would an upstream ISP/backbone provider cut off the offshore ISP before a court order? What are the choices in the market for backbone providers that are not U.S.-based (and therefore wouldn't be subject to U.S. legal process)? Free, encrypted, secure Web-based email at www.hushmail.com