Re: Security Event / Customer Reporting

From: ethan preston (prestoneat_private)
Date: Fri Jul 13 2001 - 21:15:26 PDT

  • Next message: Aaron Silver: "Re: Security Event / Customer Reporting"

    To quibble:
     
    >>Current US law seems to view examining transit traffic like radio
    >>interception - a no-no, for the most part.  ...
    > 
    >In that case, the law (as a prominent English judge once remarked)>
    >would be an ass. 
    
    Of this, there can be little doubt.
    
    >Using (only) radio analogies in determining >legalities for "domain-
    style" networks means that the resulting laws 
    >and directives will be fundamentally broken.  Remember, an inherent 
    >difference between "broadcast spectrum" and "routable protocol" 
    >networks is that the latter can only work by *requiring* 
    >intermediary "inspection" of (part of) the information flow across 
    >what may be loosely conceived of as "ownership boundaries" (and, 
    >worse, "media translation" (and some other services required to make 
    >our modern networks work) requires "manipulating" more of the data 
    >stream than simply the headers or delivery envelopes).
    
    
    The original author is probably referring to the Electronic 
    Communications Privacy Act (the federal wiretap laws), 18 USC 2510  et 
    seq., an article of legislation of truly horrifying lack of clarity, 
    complexity and vagueness. 
    
    ECPA provides criminal and civil penalties for the illicit interception 
    of wire or radio communications (they receive essentially the same 
    treatment under ECPA.) 18 USC 2511 (1) (a), 
    http://www4.law.cornell.edu/uscode/18/2511.html. The tricky part, so 
    far as the ability of peer ISPs to monitor traffic is concerned is the 
    (2) (a) exception of the same act:
    
    "It shall not be unlawful under this chapter for an operator of a 
    switchboard, or an officer, employee, or agent of a provider of wire or 
    electronic communication service, whose facilities are used in the 
    transmission of a wire or electronic communication, to intercept, 
    disclose, or use that communication in the normal course of his 
    employment 
    <<while engaged in any activity which is a necessary incident to the 
    rendition of his service or to the protection of the rights or property 
    of the provider of that service,>>
    except that a provider of wire communication service to the public 
    shall not utilize service observing or random monitoring except for 
    mechanical or service quality control checks."
    
    I don't think the caselaw we have gives anybody a good idea WHAT 
    exactly are the "rights or property of the [Internet service] provider" 
    is, let alone what kind of monitoring is necessary to protect the same. 
    
    
    
    ----------------------------------------------------------------------------
    
    
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:
    
    http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Mon Jul 16 2001 - 09:50:18 PDT