Re: Monitoring, Flow Stats (Re: spam whore, norcal-systems)
At 06:16 PM 2/1/1999 -0500, Jared Mauch wrote:
Interesting coroloary,
Is it illegal for me to do flow-stats, as that examines packets (in the same way one would filter), causing this data to be stored on my flow stats server?
If you read the statute, it permits monitoring for quality control purposes, which your flowstats are. There is no exception in 2511 for what Ravi did. Does Verio often reveal confidential information about their customers' customers traffic? I wonder how Verio's ISP customers/peers feel about that. I know I wouldn't be happy if UUnet or BBN thought they could capture and publish my customers packets. My customers include insurance and health care (privacy intensive) companies. They would be very unhappy if we used someone who had this attitude. The anti-spammers usually claim the abuse exception as justification for instituting a block. Its their best (though still flimsy) argument. Its flimsy since the congress has the authority to regulate or ban spam, and the congress did pass laws banning junk faxes, and limiting calls to cell phones, yet they have not yet banned spam. Nor has any court found spam by itself to be an abuse. The one spam related law that was before the congress would have placed some requirements on spammers, but would have made it specifically not an abuse for 2511. In other words, the congress doesn't agree with the anti-spammers. --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
See what happens when we level the rain-forests - we destroy a cure for this... On Tue, 2 Feb 1999, Dean Anderson wrote:
If you read the statute, it permits monitoring for quality control purposes, which your flowstats are.
There is no exception in 2511 for what Ravi did. Does Verio often reveal confidential information about their customers' customers traffic? I wonder how Verio's ISP customers/peers feel about that. I know I wouldn't be happy if UUnet or BBN thought they could capture and publish my customers packets. My customers include insurance and health care (privacy intensive) companies. They would be very unhappy if we used someone who had this attitude.
The anti-spammers usually claim the abuse exception as justification for instituting a block. Its their best (though still flimsy) argument. Its flimsy since the congress has the authority to regulate or ban spam, and the congress did pass laws banning junk faxes, and limiting calls to cell phones, yet they have not yet banned spam. Nor has any court found spam by itself to be an abuse. The one spam related law that was before the congress would have placed some requirements on spammers, but would have made it specifically not an abuse for 2511. In other words, the congress doesn't agree with the anti-spammers.
--Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- I am nothing if not net-Q! - ras@poppa.thick.net
On Tue, Feb 02, 1999 at 09:43:37PM -0500, Dean Anderson wrote:
The anti-spammers usually claim the abuse exception as justification for instituting a block. Its their best (though still flimsy) argument. Its flimsy since the congress has the authority to regulate or ban spam, and the congress did pass laws banning junk faxes, and limiting calls to cell phones, yet they have not yet banned spam. Nor has any court found spam by itself to be an abuse. The one spam related law that was before the congress would have placed some requirements on spammers, but would have made it specifically not an abuse for 2511. In other words, the congress doesn't agree with the anti-spammers.
I really would beg to differ--congress has the right to legistlate, certainly, and until they do legislate one way or the other on the matter its pretty much in the ISPs hands; let's look at it this way, shall we: it may be your "${deity} given right" to try to send out spam, but until you own your mail server, the recipients mail server and all the transit in between, it is the operator of said equipment's right to abitrarily block and/or inspect data passing through that point in the course of operating their network. Let me also point out a couple of things you seem to have missed: * in the early 90s, NSF started backing out of the Internet, so instead of being a grant project of NSF/DOD the Internet came to be under private ownership. * our government tries to limit regulation on business in the interested of commerce, some exceptions we can all think of off the top of our heads come to mind like "public utilities" and trusts. * being that the Internet is not a "public utility" it is not regulated the way our LEC/IXC carriers are regulated. * in fact, by and large the Internet is not regulated at all, and regulations fail on the principal that (a) no one has singular control over the Internet and (b) it is an international entity. It is important to harp on the last fact, that the Internet is an international entity. Any attempt by the US legislation to regulate it would generally be met with either dissapproval or be wholly ignored. We have some regulations in place about the export of encryption technology in place that is probably unconstitutional and definitely unenforceable--why would be want to encourage the government to pass more unenforceable, unreasonable laws with respect to how ISPs operate? This is why the Decency Act failed so miserably. Any attempt to tell ISPs that they can't choose which kind of traffic to pass on their network takes away exactly the right that the industry ralleyed for with the CDA and I assure you, we *will* not allow our industry to be regulated like that. I have the "${deity} given right" to allow or deny traffic on my network as I see fit as an agent of Verio, period. If I choose to limit my liability by not allowing spammers to pass traffic which I have arbitrarily deemed to be dubious it is my perogative. We have a set of rules and an arbitration process to sanitize our decision making process, but the point is if I wanted to block all IP addresses with two or more "4"s on Tuesdays and Thursdays, I can. I would hope no one would be stupid enough to be my customer if that was the case; likewise, I hope that no one who sends out spam would be interested in doing business with Verio--we dont want it on our network. </rant> Chris
On Tue, 2 Feb 1999, Dean Anderson wrote:
There is no exception in 2511 for what Ravi did.
Since when does the law prohibit the monitoring of NOC email which is what Ravi did? Or are you complaining about Ravi's equipment being configured to monitor the IP address field on packets in order to route them to null0? Both of these sound like the normal course of business to me.
The anti-spammers usually claim the abuse exception as justification for instituting a block. Its their best (though still flimsy) argument.
There may be a better justification. I don't know enough details yet but I do know that cellular providers have banded together to share information on whether a subscriber is a "bandit" or not. When you roam into a new area not covered by your cellular provider, they can query a database to see if you have paid your bills with your home provider. GTE is one of three companies that operates a database service that is used by telcos all over North America. It would also be interesting to see if there are some parallels in the capabilities of CCS7 to trace phone calls. -- Michael Dillon - E-mail: michael@memra.com Check the website for my Internet World articles - http://www.memra.com
participants (4)
-
Christopher Neill -
Dean Anderson -
Michael Dillon -
Rich Sena