:I think anyone in their right mind would agree that if a provider see :criminal activity, they should take action, no? What a provider "should" do and what makes sense under the law of the land are two different things. :If that also holds true, then why doesn't it happen? The laws pertaining to what's required of people when witnessing a crime vary by locality within the U.S. I dunno how they work for the rest of the NANOG audience. What is required of people versus what's required of corporate entities varies, too. "Good Samaritan" laws are hardly universal, and don't always play well with the other laws of the land. Things can get ugly when some murky behavior gets retroactively deemed a crime (perhaps by some tech-challenged judge or jury) and a provider becomes an accessory after the fact. "You mean, the DMCA makes THAT illegal?!?" Or, perhaps a provider tries to take some small action in the face of a crime, then is deemed to have a "special relationship" making them liable for not being quite helpful enough. "You mean, I have to rebuild my entire network because my customer support rep has reported bad behavior to the authorities?" Ultimately, acting on crime is a rat's nest. Some providers have enough trouble dealing with attacks from Pax0rland, extracting sane prices for last-mile service, evaluating/deploying new technology, keeping up with all the off-topic emails on NANOG, etc. Raise the bar so the least-paid front-line rep requires a "customer support within the law" class. Create a legal climate where the only way it makes sense to provide bits involves a big army of attorneys and lobbyists to define the regulatory climate. Let's make total provider consolidation a reality... then we won't need those pesky 32-bit ASNs. :) Back to work... -- Michael J. O'Connor mjo@dojo.mi.org =--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--= "Not baked goods, professor... baked BADS!" -The Tick