Eat this RIAA (or, the war has begun?) - Why not all ISPs?
Jeff Ogden
jogden at merit.edu
Thu Aug 22 16:29:10 UTC 2002
At 11:01 AM -0700 8/22/02, Nigel Clarke wrote:
>Jeff,
>
>In a nutshell you're saying do nothing.
Not necessarily ...
Each network operator will need to make their own decisions.
There are various associations that lobby on behalf of ISPs,
telecommunications companies, educational institutions, and others
and those groups might choose to work with Congress to see if we can
get reasonable laws passed, keep unreasonable laws from being passed,
or get existing unreasonable laws revised. In fact I assume that they
are already doing that. They might also work with the courts (would
need to join someone else's court case probably) to see if we can get
reasonable interpretations of the laws. Some of us who don't belong
to such organizations now might consider joining.
Individuals and individual organizations can work with Congress as well.
Some organizations may think this is a good time to update their
policies and procedures so that they explicitly address new
circumstances that we are now confronted with and provide a firm
legal basis for taking actions, when appropriate, that don't conflict
with obligations to end users or others. The DMCA pretty much
requires this, although the DMCA doesn't say exactly what one is
required to do other than have and implement "reasonable" policies.
Having explicit policies can sometimes allow you to refuse to do
something as well as require you to do something.
We can all talk to the press and others to raise awareness of these issues.
We might have a session at a NANOG meeting to talk more about these
issues. We could invite the RIAA, folks from Congress, folks from
China, and Janis Ian (Do we think the RIAA is as brave as the FBI and
might actually stand up in front of a NANOG meeting? Would be fun to
find out.). To the extent that the issues are international in scope
we can talk to our international colleagues about them or encourage
discussions by the NANOG-like groups in other parts of the world.
We might want to work through IETF or elsewhere to develop protocols
to distribute lists of IP addresses, ranges of IP addresses, lists of
ASs, that should be blocked in some fashion so if we are required to
do these sort of things that they can be applied by everyone more or
less equally and that the overhead of doing them and keeping track of
them is shared among many providers and doesn't just land on the
providers that happen to be targeted by someone. We might consider
establishing a clearing house that helps us all deal with these
matters. Or we might not want to do any of these things since it
might make it easier for someone to ask us to do it.
We might work at IETF or elsewhere to write a best practices RFC or
similar document that talks about how ISPs should address these
issues. We might write another best practices RFC that helps non-ISPs
understand what actions they can and should take when they encounter
these sorts of problems (on-going online theft of copyrighted
materials or other intellectual property).
Most of all I think we need to avoid general vigilante or retaliatory
action against the RIAA or others that might be illegal. I think we
might be justified in taking specific actions to prevent attacks on
or harm to our customers, ourselves, or our peers. I think it will be
easier to defend those specific actions if they are based on
thoughtfully developed policies. I think it will be much harder to
justify taking those specific actions if the RIAA or others talk
Congress into passing laws that explicitly allow them to attack
others under some circumstances. I think the main action here is
likely to be before Congress and in the courts for sometime to come.
If we care about this, we need to engage in those arenas.
Sorry this got so long and sounds a bit like something you might
expect to hear in a high school civics class.
-Jeff Ogden
Merit Network
>-----Original Message-----
>From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
>Jeff Ogden
>Sent: Thursday, August 22, 2002 7:42 AM
>To: nanog at merit.edu
>Subject: RE: Eat this RIAA (or, the war has begun?) - Why not all ISPs?
>
>At 10:32 PM -0700 8/21/02, Nigel Clarke wrote:
>>However, this type of action might not be necessary at all.
>>
>>Some of the users on this list think RIAA's recent actions are nothing more
>>than empty threats.
>>Why doesn't NANOG make a few of its own?
>>
>>A "polite" letter from a NANOG representative should do the trick.
>
>
>Just to state the obvious, no one is authorized to represent NANOG in
>this fashion, not even folks here at Merit. NANOG isn't a decision
>making organization. NANOG isn't something that can take actions
>(other than holding a few meetings each year and managing this e-mail
>list).
>
>Individuals and organizations that participate in NANOG can take
>actions, but not in NANOG's name. I'm no lawyer, but I suspect that
>lawyers should be consulted before taking individual or coordinated
>action of the sort being suggested against another organization.
>
>Of course IPSs do take action against individuals or organizations
>all of the time, but they need to do that based on policies and
>procedures that take into account their obligations to their
>customers as well as their obligations under the law.
>
>As an end user I really don't want my ISP to make decisions about who
>is allowed to communicate with me or who I am allowed to communicate
>with except when those decisions are based on policies designed to
>protect me or others from serious problems (DDOS attacks and the
>like), even then I want those policies to be written and available so
>I can review them, and I want them to be applied fairly.
>
>As an ISP I really don't want my upstream ISPs to make decisions
>about who is allowed to communicate with my network or who my network
>is allowed to communicate with except under the conditions outlined
>in my agreements with those ISPs. This is important to me if I am in
>turn going to be able to meet my obligations to my own end users.
>
>So, I really don't want the RIAA to tell me or my upstreams who I
>can't communicate with, but neither do I want my upstreams to tell me
>that I can't communicate with the RIAA or the labels if I (or really
>my customers) want to do so.
>
> -Jeff Ogden
> Merit Network
More information about the NANOG
mailing list