To quibble: >>Current US law seems to view examining transit traffic like radio >>interception - a no-no, for the most part. ... > >In that case, the law (as a prominent English judge once remarked)> >would be an ass. Of this, there can be little doubt. >Using (only) radio analogies in determining >legalities for "domain- style" networks means that the resulting laws >and directives will be fundamentally broken. Remember, an inherent >difference between "broadcast spectrum" and "routable protocol" >networks is that the latter can only work by *requiring* >intermediary "inspection" of (part of) the information flow across >what may be loosely conceived of as "ownership boundaries" (and, >worse, "media translation" (and some other services required to make >our modern networks work) requires "manipulating" more of the data >stream than simply the headers or delivery envelopes). The original author is probably referring to the Electronic Communications Privacy Act (the federal wiretap laws), 18 USC 2510 et seq., an article of legislation of truly horrifying lack of clarity, complexity and vagueness. ECPA provides criminal and civil penalties for the illicit interception of wire or radio communications (they receive essentially the same treatment under ECPA.) 18 USC 2511 (1) (a), http://www4.law.cornell.edu/uscode/18/2511.html. The tricky part, so far as the ability of peer ISPs to monitor traffic is concerned is the (2) (a) exception of the same act: "It shall not be unlawful under this chapter for an operator of a switchboard, or an officer, employee, or agent of a provider of wire or electronic communication service, whose facilities are used in the transmission of a wire or electronic communication, to intercept, disclose, or use that communication in the normal course of his employment <<while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service,>> except that a provider of wire communication service to the public shall not utilize service observing or random monitoring except for mechanical or service quality control checks." I don't think the caselaw we have gives anybody a good idea WHAT exactly are the "rights or property of the [Internet service] provider" is, let alone what kind of monitoring is necessary to protect the same. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Jul 16 2001 - 09:50:18 PDT