It is this blending of voice and data that is going to require a whole new look at how the law is interpreted, and how we build, test and certify networks. I see many challenges to case record in light of this, as we have created loopholes that did not exist before. The case cited in your reply applies to child pornography, but my concern is in the area of voice/data on the network. What if we stumble onto something questionable while testing a circuit? Are we obligated to report it? Can it be used as evidence in a court of law? Have we committed a crime by executing an illegal wire tap? I think the current wiretap laws deal with the voice only environment, and have not taken into consideration the new possibilities that voice/data brings to the table. And I do not think current rules would apply. I think we would be OK because or work would be in the realm of circuit testing, but you never know... > -----Original Message----- > From: Larry Fitzpatrick [SMTP:lefat_private] > Sent: Tuesday, January 18, 2000 9:59 PM > To: Crumrine, Gary L; firewall-wizardsat_private > Subject: Re: Legal question > > A bit more information. I hope Mr. Chabinsky (many thanks, and sorry for > mis-spelling his name last time) doesn't mind my relaying > more of his commentary. He says: > > > Best always though to look straight to the source to capture all the > details, so here are the federal law citations (available > on-line, for free). For montoring content, see 18 U.S.C. 2511 () , and > with respect to reporting child pornography you might look > at ISP Child Abuse Reporting (). The trap and trace question is not > easily answered on the face of the statute, and would be > subject to judicial interpretation, because the statute when written did > not anticipate network traffic, see 18 U.S.C. 3127() . > > 18 U.S.C. 2511 > (http://law2.house.gov/uscode-cgi/fastweb.exe?getdoc+uscview+t17t20+1057+0 > ++()%20%20AND%20((18)%20ADJ%20USC):CITE%20AND%20(USC%20w/1 > 0%20(2511)):CITE) > > ISP Child Abuse Reporting (http://www.usdoj.gov/criminal/ceos/report.htm) > > 18 U.S.C. > 3127(http://law2.house.gov/uscode-cgi/fastweb.exe?getdoc+uscview+t17t20+11 > 64+0++()%20%20AND%20((18)%20ADJ%20USC):CITE%20AND%20(USC%2 > 0w/10%20(3127)):CITE) > > -----Original Message----- > From: Larry Fitzpatrick <lefat_private> > To: Crumrine, Gary L <CrumrineGLat_private>; firewall-wizardsat_private > <firewall-wizardsat_private> > Date: Monday, January 17, 2000 7:39 PM > Subject: Re: Legal question > > > >I asked this question this week of Steven Chabinski (the chief legal > advisor for the NIPC and assistant legal counsel for the FBI) > >at a DC-ISOC meeting on privacy. I don't have perfect recall, so any > errors are totally mine. Here's what I heard him say: > > > >There are three conditions that allow a person to peer into the content > of network traffic. 1) the people who generate the traffic > >have been notified that the traffic is being monitored, 2) a law > enforcement organization has a court order to do a wire tap, 3) a > >sysadmin is doing so to "protect his system". It doesn't matter whether > the traffic is intra-corporate or internet traffic. There > >is clearly gray-ness in point 3. Additionally, if the inspector sees > that the content contains child pornography and the inspector > >is an ISP, there is an obligation to report this to the FBI. > > > >From: Crumrine, Gary L <CrumrineGLat_private> > > > >>After wearing out my fingers during a heated conversation with another > >>colleague over legalities of certain actions, a question came up in my > mind > >>concerning sniffers and their usage. > >> > >>If a sniffer was placed on the outside of a given network, and was > >>configured to sniff packets coming from that network only, does this > >>constitute an illegal wire tap? And do the same rules apply to data as > they > >>do voice? In some cases it transits the same copper wire... ouch I am > >>getting a headache.. > >> > > > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:58:35 PDT