Policies affecting the Internet as a whole - Hitting where it hurts

Fri Dec 27 20:23:41 UTC 1996

> Recently one of their customers decided the incoming directory on our FTP
> server would be a good place to start a warez site. We mailed help at uu.net
> and noc at uu.net. Our mail included the src IP address and the times that
> the uploading of the warez occurred. They were fairly quick to respond
> with UUNet's policy on these matters. Basically they will only take action
> when told to do so by a law-enforcement agency.

This is a bad idea.  Once they were informed, by anyone including a private
citizen, that they were an accomplice to theft, it became their responsibility
to report it AND take reasonable steps to avoid having it happen again.  The
all-holy "common carrier" mantra does not excuse outright illegality after
notice has been given.

> Ok, fine. I understand that they have to protect their interests and that
> there are legal implications to all of this. I tend to agree that this
> position is the safest one to take.

I don't agree, and it wasn't (isn't) safe.

> This raises important issues, though. What do we expect providers to do?
> Do we expect them to take action based on email received from
> unknown people? It seems from some of the other posts on this topic that 
> we do expect that.

They are expected (by law, and by me) to do the "best reasonable effort"
thing I was talking about before.  If someone says "you are helping person X
to break the law" then UUNET -- or any of us -- has to make at least a cursory
investigation, and if anything comes of it a report has to be made to the law
enforcement people and "reasonable steps" have to be taken to prevent a
reoccurance.  I wish I could quote the title and verse of this but I had it
quoted to me when I was involved in the events that were later written up in
Markoff's book and I remember it pretty clearly.  (The law applies to the
employee in this case, not to the corporation or its officers.)

> I think if you are getting attacked from a specific IP or block of IPs,
> you have every right to filter those packets. I question the prudence of a
> 'blacklist', though.

I have not yet been threatened for hosting the http://www.vix.com/spam/ page.
I fully expect to be threatened at some point, but since I'm not in the ISP
business it's rather hard to argue restraint of trade.