Eat this RIAA (or, the war has begun?) - Why not all ISPs?

• Previous message (by thread): Eat this RIAA (or, the war has begun?) - Why not all ISPs?
• Next message (by thread): Eat this RIAA (or, the war has begun?) - Why not all ISPs?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 11:01 AM -0700 8/22/02, Nigel Clarke wrote:
>Jeff,
>
>In a nutshell you're saying do nothing.


Not necessarily ...

Each network operator will need to make their own decisions.

There are various associations that lobby on behalf of ISPs, 
telecommunications companies, educational institutions, and others 
and those groups might choose to work with Congress to see if we can 
get reasonable laws passed, keep unreasonable laws from being passed, 
or get existing unreasonable laws revised. In fact I assume that they 
are already doing that. They might also work with the courts (would 
need to join someone else's court case probably) to see if we can get 
reasonable interpretations of the laws. Some of us who don't belong 
to such organizations now might consider joining.

Individuals and individual organizations can work with Congress as well.

Some organizations may think this is a good time to update their 
policies and procedures so that they explicitly address new 
circumstances that we are now confronted with and provide a firm 
legal basis for taking actions, when appropriate, that don't conflict 
with obligations to end users or others. The DMCA pretty much 
requires this, although the DMCA doesn't say exactly what one is 
required to do other than have and implement "reasonable" policies. 
Having explicit policies can sometimes allow you to refuse to do 
something as well as require you to do something.

We can all talk to the press and others to raise awareness of these issues.

We might have a session at a NANOG meeting to talk more about these 
issues. We could invite the RIAA, folks from Congress, folks from 
China, and Janis Ian (Do we think the RIAA is as brave as the FBI and 
might actually stand up in front of a NANOG meeting? Would be fun to 
find out.). To the extent that the issues are international in scope 
we can talk to our international colleagues about them or encourage 
discussions by the NANOG-like groups in other parts of the world.

We might want to work through IETF or elsewhere to develop protocols 
to distribute lists of IP addresses, ranges of IP addresses, lists of 
ASs, that should be blocked in some fashion so if we are required to 
do these sort of things that they can be applied by everyone more or 
less equally and that the overhead of doing them and keeping track of 
them is shared among many providers and doesn't just land on the 
providers that happen to be targeted by someone.  We might consider 
establishing a clearing house that helps us all deal with these 
matters. Or we might not want to do any of these things since it 
might make it easier for someone to ask us to do it.

We might work at IETF or elsewhere to write a best practices RFC or 
similar document that talks about how ISPs should address these 
issues. We might write another best practices RFC that helps non-ISPs 
understand what actions they can and should take when they encounter 
these sorts of problems (on-going online theft of copyrighted 
materials or other intellectual property).

Most of all I think we need to avoid general vigilante or retaliatory 
action against the RIAA or others that might be illegal. I think we 
might be justified in taking specific actions to prevent attacks on 
or harm to our customers, ourselves, or our peers. I think it will be 
easier to defend those specific actions if they are based on 
thoughtfully developed policies. I think it will be much harder to 
justify taking those specific actions if the RIAA or others talk 
Congress into passing laws that explicitly allow them to attack 
others under some circumstances. I think the main action here is 
likely to be before Congress and in the courts for sometime to come. 
If we care about this, we need to engage in those arenas.

Sorry this got so long and sounds a bit like something you might 
expect to hear in a high school civics class.

    -Jeff Ogden
     Merit Network


>-----Original Message-----
>From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
>Jeff Ogden
>Sent: Thursday, August 22, 2002 7:42 AM
>To: nanog at merit.edu
>Subject: RE: Eat this RIAA (or, the war has begun?) - Why not all ISPs?
>
>At 10:32 PM -0700 8/21/02, Nigel Clarke wrote:
>>However, this type of action might not be necessary at all.
>>
>>Some of the users on this list think RIAA's recent actions are nothing more
>>than empty threats.
>>Why doesn't NANOG make a few of its own?
>>
>>A "polite" letter from a NANOG representative should do the trick.
>
>
>Just to state the obvious, no one is authorized to represent NANOG in
>this fashion, not even folks here at Merit. NANOG isn't a decision
>making organization. NANOG isn't something that can take actions
>(other than holding a few meetings each year and managing this e-mail
>list).
>
>Individuals and organizations that participate in NANOG can take
>actions, but not in NANOG's name.  I'm no lawyer, but I suspect that
>lawyers should be consulted before taking individual or coordinated
>action of the sort being suggested against another organization.
>
>Of course IPSs do take action against individuals or organizations
>all of the time, but they need to do that based on policies and
>procedures that take into account their obligations to their
>customers as well as their obligations under the law.
>
>As an end user I really don't want my ISP to make decisions about who
>is allowed to communicate with me or who I am allowed to communicate
>with except when those decisions are based on policies designed to
>protect me or others from serious problems (DDOS attacks and the
>like), even then I want those policies to be written and available so
>I can review them, and I want them to be applied fairly.
>
>As an ISP I really don't want my upstream ISPs to make decisions
>about who is allowed to communicate with my network or who my network
>is allowed to communicate with except under the conditions outlined
>in my agreements with those ISPs. This is important to me if I am in
>turn going to be able to meet my obligations to my own end users.
>
>So, I really don't want the RIAA to tell me or my upstreams who I
>can't communicate with, but neither do I want my upstreams to tell me
>that I can't communicate with the RIAA or the labels if I (or really
>my customers) want to do so.
>
>     -Jeff Ogden
>      Merit Network

• Previous message (by thread): Eat this RIAA (or, the war has begun?) - Why not all ISPs?
• Next message (by thread): Eat this RIAA (or, the war has begun?) - Why not all ISPs?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]