Barry Shein wrote:
I was at an IP (as in intellectual property), um, "constituency" I think, IPC, meeting at ICANN which basically consisted of 99 lawyers and me in the room.
By the Montevideo ICANN meeting '01 the "Internet Service Providers Constituency" (ISPC) had dwindled down to the corporate trademarks portfolio managers for the few remaining ISPs. At the Paris ICANN meeting a year ago we corrolated the votes of the Intellectual Property, Business, and ISP Constituencies and found that there was no discernable independence amongst them, another way of sayins the IPC had captured the BC and ISPC. Of course, now we have GNSO reform, and "Stakeholder Groups" replacing the Constituencies. Bottom line. ISPs are f**ked by their own sonombulism. In a slightly different and partially overlapping policy and operational scope, the Address Supporting Organization originates no policy development of note, and has been somnolent for most of the ICANN trajectory, so BCP 38 and sBGP and so on have no real presence in the ICANN toolkit. So IP lawyers are doing pretty good in the oughts, and more time and bandwidth goes to retail cops and robbers than goes to any "critical infrastructure vulnerability", outside of ICANN's DNS mafia, post-Kaminsky. Any ISP that want's to spend some resources on operational issues, having some relevance to resource identifiers, feel free to drop me a line. I could just as well give process clue to Ops folk as ops clue to IP lawyers.
There was a fair amount of grousing about how ISPs give them the run-around when they inform them of a violation looking for a takedown, and don't take down the site or whatever demanding (sneer sneer) paper from a court of competent jurisdiction as a dodge.
I explained that they should try it from the other side, we get a fair amount of spurious stuff. I gave the example of a spouse in an ugly divorce demanding we do something or other with the web site they developed together in happier days IMMEDIATELY OR ELSE!!! (typically change the password to one only they know).
How can we as ISPs possibly sort that out? Court orders are your friend, they're not that hard to get if you're legitimate.
The way this reg is written it has that feel, it seems to promote the fantasy that if J. Random Voice calls me and says "a site you host, creepsrus.com, violates HR3817, YOU HAVE BEEN INFORMED!" then we have been informed and therefore culpable/liable.
Well, perhaps there's enough precedent that it doesn't have to be spelled out in that text what's meant by "knowingly" and a call like that wouldn't be sufficient.
At the very least I'd require a clear transfer of liability.
That is, if the claim (and hence, takedown) turns out to be unsupportable then any damages etc are indemnified by the complaining ("informing") party.