Policies affecting the Internet as a whole
jcurran at bbnplanet.com
Sat Dec 28 05:06:07 UTC 1996
My only request is that folks keeping lists of "cooperative"
and "uncooperative" ISP's keep in mind that it is not a world
of all black and white. In particular, there are many steps
that a provider can take to cooperate with an ongoing security
or spamming incident which are clearly valuable and legal (e.g.
confirming contact information, escalating visibility of the
situation at the customer/origin site, providing guidance on
how to filter/remedy the situation locally at the destination,
or opting to terminate service [all of the above actions are,
of course, subject to the agreement between the ISP and site]).
There are a set of actions which have been requested in the
past which violate contract, consumer protection, or federal
law in various contexts (e.g. termination w/o notice in the
absence of a threat to life/property/service, certain privacy
violations regarding email or wiretapping, etc.) Frankly,
an ISP which engages in such activities without diligence
is a hazard to us all. It will be interesting to see when
the first ISP goes out of business for terminating someone's
service without adaquate process (as the first customer
terminated without notice as a result of forged email is
going to win big in the court).
If folks can tolerate the delay associated with ISP/customer
resolution of complaints, then we may have an adaquate system.
For those who want policing of the net and instant justice,
I'd recommend investment in Internet-literate law enforcement
and judicial staff, for this is the only place where "orders"
should ever come.
More information about the NANOG