Steven M. Bellovin wrote:
Mark Kent writes:
I recently claimed that, in the USA, there is a law that prohibits an ISP from inspecting packets in a telecommunications network for anything other than traffic statistics or debugging.
Was I correct?
No. Or at least you weren't; the Patriot Act may have changed it. (I assume you're talking about U.S. law.)
There was a quirk in the wording of the law -- what you say is correct for *telephone* companies, but not ISPs.
You're referring to "common carrier" status, I think. This isn't exclusively restricted to phone companies, but that's the way it is right now. I think it may also apply to non-voice carriers that sell circuits. I'm pretty certain that it does not apply to ISPs. A common carrier is not allowed to monitor/filter traffic on customer circuits. They also can't be held responsible for the traffic on those circuits. -- David