On Thu, 10 Jun 2004, Crist Clark wrote:
Change the word "victim" to "negligent party" and you're correct.
It would be great if there always was a negligent party, but there is not always one. If Widgets Inc.'s otherwise ultra-secure web server gets 0wn3d by a 0-day, there is no negligence[0]. Who eats it, Widgets Inc. or the ISP?
That's between the customer and Widgets Inc. The ISP is certainly not legally obligated to eat the cost of the bandwidth. They may choose to do so in the interest of furthering the business relationship, but that only covers so many bits.
So how about this analogy: Someone breaks into my house and spends a few hours on the phone to Hong Kong. Who eats the bill, me or my LD carrier? Neither of us was negligent.
Keep in mind, this guy's ISP, like many (most?) ISPs would do, gave the guy a serious break on the first jaw-dropping bill. But if you're the phone company, and a customer mysteriously has somebody break into their house month after month to call Hong Kong for a few hours, do you really think they're going to keep voiding those charges? Clearly the customer is negligent, even if another party is directly responsible. Speaking for Xecunet, we offer both capped and metered billing packages, and we always make a point of offering customers a capped solution when something like this happens. If they decline, we make sure they understand that in the future they will be liable for 100% of the packets coming from their port, regardless of the circumstances. Maybe we should start putting this in writing, but it hasn't really been a problem. Andy --- Andy Dills Xecunet, Inc. www.xecu.net 301-682-9972 ---