Re: Monitoring, Flow Stats (Re: spam whore, norcal-systems)
At 11:28 AM 2/2/1999 -0500, John Fraizer wrote:
(i) It shall not be unlawful under this chapter for an operator of a switchboard, or an officer, employee, or agent of a provider of wire or electronic communication service, whose facilities are used in the transmission of a wire or electronic communication, to intercept, disclose, or use that communication in the normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service, except that a provider of wire communication service to the public shall not utilize service observing or random monitoring except for mechanical or service quality control checks.
It would seem to me that blocking UCE to clients who have signed off on our policy of doing so would fall under the auspices of "normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service".
It has to be a "necessary incident". Routing is an example of something thats necessary incident to rendition of service. Or it could be for the protection of rights or property (the oft-used abuse clause). In this case, it says at the the end that service providers "shall not utilize service observing or random monitoring except for mechanical or service quality control checks" Of course, this is all moot with mutual consent. But then you have to show where Norcal signed off on Verio's policy. Since they aren't Verio's customer, it doesn't seem likely they agreed to Verio's policy. And of course, if Norcal claims they didn't agree to allow Verio to monitor and publish their traffic, and Verio has no paper that Norcal did agree, it seems difficult for Verio to prove that Norcal did agree. Which adds up to something called "exposure". --Dean [Though, I suppose we have progressed from two years ago when people were certain that 2511 "only applied to telcos".] ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dean Anderson wrote:
In this case, it says at the the end that service providers "shall not utilize service observing or random monitoring except for mechanical or service quality control checks"
Dropping spam on the floor is a "service quality control check". If it can be made mechanical (as opposed to hiring a staff of hundreds to read each incoming message to determine if it is spam or not) then it would fit under this description. -- -- *-----------------------------* Phil Howard KA9WGN * -- -- | Inturnet, Inc. | Director of Internet Services | -- -- | Business Internet Solutions | eng at intur.net | -- -- *-----------------------------* phil at intur.net * --
On Tue, Feb 02, 1999 at 09:43:41PM -0500, Dean Anderson wrote:
Of course, this is all moot with mutual consent. But then you have to show where Norcal signed off on Verio's policy. Since they aren't Verio's customer, it doesn't seem likely they agreed to Verio's policy. And of course, if Norcal claims they didn't agree to allow Verio to monitor and publish their traffic, and Verio has no paper that Norcal did agree, it seems difficult for Verio to prove that Norcal did agree. Which adds up to something called "exposure".
Read our policy: http://www.qual.net/support/aup.html Our customer, let's call them "X", agrees to our policy. Our policy clearly states that their connection is at will, and can be terminated or restricted at any time by us. So there you have it, CYA.
At 21:43 2/2/99 -0500, you wrote:
It would seem to me that blocking UCE to clients who have signed off on our policy of doing so would fall under the auspices of "normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service".
It has to be a "necessary incident". Routing is an example of something thats necessary incident to rendition of service. Or it could be for the protection of rights or property (the oft-used abuse clause).
In this case, it says at the the end that service providers "shall not utilize service observing or random monitoring except for mechanical or service quality control checks"
This has been ssoooooooo hashed out here, with the general consensus being that 18 USC 2511 was inapplicable to blocking email. Furtherance of this argument can be found at http://www.jya.com/usam9007.htm#1042 which is the US Attorney's Manual published by the Dept. of Justice. A couple of relevant points: "Scope of 18 U.S.C 2511 Prohibitions Section 2511 of Title 18 prohibits the unauthorized interception, disclosure, and use of wire, oral, or electronic communications. The prohibitions are absolute, subject only to the specific exemptions in Title III. Consequently, unless an interception is specifically authorized, it is impermissible and, assuming existence of the requisite criminal intent, in violation of 18 U.S.C. 2511." "1053 Exceptions to the Prohibitions -- Interceptions by Providers of Wire or Electronic Communications Services Section 2511(2)(a)(i) of Title 18 permits employees of providers of wire or electronic communication services to intercept, disclose or use wire or electronic communications in the normal course of employment while engaged in any activity which is necessarily incident to the rendition of service or to the protection of the rights or property of the carrier of the communication. (The 1994 Act made a "technical correction" that expanded this exception, which applies to wire or electronic service providers in the normal course of their business of rendering services or protecting rights or property to include not only wire communications but also electronic communications. House Rep. No. 103-827, 103d Cong., 2d Sess. 31 (1994), reprinted in 1994 U.S.Code Cong. & Ad.News 3489, 3511.) Interception, divulgence, or use for other purposes is not permitted. " Also listed is the definition of "intercept", which is to acquire the contents of a communication (blocking/filtering clearly fails here). We can also see that monitering to improve service or "...protection of the rights or property of the carrier..." is specifically permitted. So, if you're blocking email because you didn't give the spammer permission to use your systems, you're legal. If your tracking packets you didn't authorize to pass through your system, you're legal. Microsoft Windows(tm): How much hair did you want to tear out today? Dean Robb PC-EASY computer services (757) 495-EASY [3279]
participants (4)
-
Christopher Neill -
Dean Anderson -
Dean Robb -
Phil Howard