From: Stephen Sprunk [mailto:stephen@sprunk.org] [..] Common carrier status exists for this very reason. Unfortunately, it probably means we'll have to stop filtering things like spam and DoS, since filtering on content inherently violates common carrier protection -- see the smut suit against AOL a few years ago.
Come on, don't go lumping DoS and smut into the same basket. You can't be possibly serious about considering the two to be equals. In other words, you reasoning is quite flawed the way I see it, and blocking DoS is indeed legitimate and legally supportable. Excesses are rarely protected by any legal statutes. Thanks, Christian ***** "The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers."
Thus spake "Kuhtz, Christian" <christian.kuhtz@bellsouth.com>
From: Stephen Sprunk [mailto:stephen@sprunk.org] [..] Common carrier status exists for this very reason. Unfortunately, it probably means we'll have to stop filtering things like spam and DoS, since filtering on content inherently violates common carrier protection -- see the smut suit against AOL a few years ago.
Come on, don't go lumping DoS and smut into the same basket. You can't be possibly serious about considering the two to be equals.
Okay, I'll admit filtering DoS will probably survive given it's a problem for the carrier, not just the customer. But my original point is that as long as ISPs do not examine the contents of a customer's packets, they cannot be held liable for what's in them. Content filtering, whether for smut, spam, or piracy, is a serious argument against ISPs claiming common carrier status.
In other words, you reasoning is quite flawed the way I see it, and blocking DoS is indeed legitimate and legally supportable. Excesses are rarely protected by any legal statutes.
To the extent a customer attacks or defrauds the carrier itself, protection measures are allowed. But you cannot "protect" the public at large without a court order to do so. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
Stephen Sprunk wrote:
Okay, I'll admit filtering DoS will probably survive given it's a problem for the carrier, not just the customer. But my original point is that as long as ISPs do not examine the contents of a customer's packets, they cannot be held liable for what's in them. Content filtering, whether for smut, spam, or piracy, is a serious argument against ISPs claiming common carrier status.
Content filtering can get you in trouble. It will be interesting to see what happens if a virus makes it through one of these ISP's virus protectors and infects someone; especially since they give it as a selling point. On the other hand, and ISP that does an action such as executable stripping or virus scanning not as a selling point, but as a protection measure of the carrier itself has no responsibility to the customer. In the same reguards, filtering has a limited scope. While an ISP can filter for spam and viruses, to actually filter for illegal activity is more difficult. Given the war on spam and the fact that it's not going to end soon, I'd say trying to say an ISP is liable for scams or other illegal activity is a little far fetched. On the other hand, an ISP that *is* aware of illegal activity would be negligent not to look into it. In piracy cases, however, a simple 'give me the supoena and I'll give you the name and address' should suffice. After all, if you are being harrassed, you don't call the phone company to take care of the customer. You call the legal authorities. -Jack
On Mon, 31 Mar 2003, Jack Bates wrote:
On the other hand, an ISP that *is* aware of illegal activity would be negligent not to look into it.
How about the tier1's who route abuse@ to /dev/null? IMHO they are negligent and should be held liable... -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
Dan Hollis wrote:
On Mon, 31 Mar 2003, Jack Bates wrote:
On the other hand, an ISP that *is* aware of illegal activity would be negligent not to look into it.
How about the tier1's who route abuse@ to /dev/null? IMHO they are negligent and should be held liable...
I completely agree. Of course, they may be relying on the fact that they don't do anything outside of the scope of being a common carrier, so they shouldn't be held liable, despite the fact that they go against the agreed upon common good (i.e. abuse@ being manned). -Jack
Thus spake "Dan Hollis" <goemon@anime.net>
On Mon, 31 Mar 2003, Jack Bates wrote:
On the other hand, an ISP that *is* aware of illegal activity would be negligent not to look into it.
How about the tier1's who route abuse@ to /dev/null? IMHO they are negligent and should be held liable...
Any actionable notice about illegal activities will come via conventional channels from law enforcement officials -- not via email from customers or other operators. Since a common carrier can't filter on content -- only fraudulent and malicious activity against the carrier itself -- there's not much (legal) purpose in maintaining an abuse@ alias. Abuse reporting exists in its current form today because (a) there's no laws against most "abuse", and (b) the cops refuse to act unless you claim at least $250k in damages per event. As the lawyers sink their teeth into the net, you're going to find less and less "good will" out there simply because it opens you to liabilty in court. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
On Mon, 31 Mar 2003, Stephen Sprunk wrote:
Since a common carrier can't filter on content -- only fraudulent and malicious activity against the carrier itself -- there's not much (legal) purpose in maintaining an abuse@ alias.
Of course these are the same tier1s who whinge when people nullroute them... -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
On Mon, 31 Mar 2003, Jack Bates wrote:
On the other hand, an ISP that *is* aware of illegal activity would be negligent not to look into it.
How about the tier1's who route abuse@ to /dev/null? IMHO
Actually from an end-user perspective actionable notice of anything will originate with the customers more often than not. If the police come to you as an ISP and they inform you of something illegal happening inside your ISP you have blown it. ISP's need to be able to at least tell themselves that they know what is happening. By the way - the big one these days is the claim from the Tier-2/3 player that they are really subject to the same rules that the Tier-1 players are and that simply isn't true - nor should it be. Todd -----Original Message----- From: Stephen Sprunk [mailto:stephen@sprunk.org] Sent: Monday, March 31, 2003 4:29 PM To: Dan Hollis; Jack Bates Cc: Kuhtz, Christian; todd glassey; Michael Loftis; Robert A. Hayden; North American Noise and Off-topic Gripes Subject: Re: State Super-DMCA Too True Thus spake "Dan Hollis" <goemon@anime.net> they are
negligent and should be held liable...
Any actionable notice about illegal activities will come via conventional channels from law enforcement officials -- not via email from customers or other operators. Since a common carrier can't filter on content -- only fraudulent and malicious activity against the carrier itself -- there's not much (legal) purpose in maintaining an abuse@ alias. Abuse reporting exists in its current form today because (a) there's no laws against most "abuse", and (b) the cops refuse to act unless you claim at least $250k in damages per event. As the lawyers sink their teeth into the net, you're going to find less and less "good will" out there simply because it opens you to liabilty in court. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
Thus spake "todd glassey" <todd.glassey@worldnet.att.net>
By the way - the big one these days is the claim from the Tier-2/3 player that they are really subject to the same rules that the Tier-1 players are and that simply isn't true - nor should it be.
There is no technical or legal difference between tier-1 and tier-2/3 service providers. Heck, NANOG has been collectively working on it for years and we haven't even come up with definitions for the various "tiers" yet. The distiction is between those who provide network transport and those who provide application services across that network. The former can seek refuge as common carriers, but the latter clearly cannot. I pity the ABA if you really are their liaison to our industry. Worse, I pity our industry for what kinds of ridiculous laws we'll soon be subjected to. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
Thanks Stephen - -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Stephen Sprunk Sent: Monday, March 31, 2003 7:57 PM To: todd glassey; Dan Hollis; Jack Bates Cc: Kuhtz, Christian; Michael Loftis; Robert A. Hayden; North American Noise and Off-topic Gripes Subject: Re: State Super-DMCA Too True Thus spake "todd glassey" <todd.glassey@worldnet.att.net>
By the way - the big one these days is the claim from the Tier-2/3 player that they are really subject to the same rules that the Tier-1 players are and that simply isn't true - nor should it be.
There is no technical or legal difference between tier-1 and tier-2/3 service providers. Heck, NANOG has been collectively working on it for years and we haven't even come up with definitions for the various "tiers" yet. The distiction is between those who provide network transport and those who provide application services across that network. The former can seek refuge as common carriers, but the latter clearly cannot. I pity the ABA if you really are their liaison to our industry. Worse, I pity our industry for what kinds of ridiculous laws we'll soon be subjected to. S Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
participants (5)
-
Dan Hollis
-
Jack Bates
-
Kuhtz, Christian
-
Stephen Sprunk
-
todd glassey