On 27/09/2011 19:31, John Levine wrote:
For case law confirming that similar language in the Stored Communication Act doesn't apply to data on your own equipment, see the recently dismissed cases of Holomaxx vs. Microsoft and Holomaxx vs. Yahoo.
In Europe, things are slightly different. Traffic snooping is considered to be a breach of consumer data protection directives and is treated accordingly. One of the more interesting cases was BT + Phorm:
http://en.wikipedia.org/wiki/Phorm#European_Commission_case_against_UK_over_...
While the case never went to court, all parties backed down and there hasn't been a similar case since then. There is another aspect to this: european IP service providers can claim "mere conduit" status (similar to US "common carrier") under the terms of the Electronic Commerce Directive 2000/31/EC (as transcribed into local legislation), provided during the process of transmission they do "not select or modify the information contained in the transmission". It would seem possible that changing DNS packets in transit could come under the scope of "select or modify", thereby leaving the IP service provider liable for the information transmitted. This can act as a deterrent to service providers who feel that modifying data in-flight is a good idea. Nick