Congress may require ISPs to block fraud sites H.R.3817

Mark Andrews marka at isc.org
Fri Nov 6 00:06:06 UTC 2009


In message <23895.1257461806 at turing-police.cc.vt.edu>, Valdis.Kletnieks at vt.edu writes:
> --==_Exmh_1257461806_2581P
> Content-Type: text/plain; charset=us-ascii
> 
> On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
> > Did I miss a thread on this? Has anyone looked at this yet?
> 
> > `(2) INTERNET SERVICE PROVIDERS- Any Internet service provider that, on 
> > or through a system or network controlled or operated by the Internet 
> > service provider, transmits, routes, provides connections for, or stores 
> > any material containing any misrepresentation of the kind prohibited in 
> > paragraph (1) shall be liable for any damages caused thereby, including 
> > damages suffered by SIPC, if the Internet service provider--
> 
> "routes" sounds the most dangerous part there.  Does this mean that if
> we have a BGP peering session with somebody, we need to filter it?
> 
> Fortunately, there's the conditions:
> 
> > `(A) has actual knowledge that the material contains a misrepresentation 
> > of the kind prohibited in paragraph (1), or
> 
> > `(B) in the absence of actual knowledge, is aware of facts or 
> > circumstances from which it is apparent that the material contains a 
> > misrepresentation of the kind prohibited in paragraph (1), and
> 
> > upon obtaining such knowledge or awareness, fails to act expeditiously 
> > to remove, or disable access to, the material.
> 
> So the big players that just provide bandwidth to the smaller players are
> mostly off the hook - AS701 has no reason to be aware that some website in
> Tortuga is in violation (which raises an intresting point - what if the
> site *is* offshore?)

Unless it is informed.  Once it is informed it has to take action.
Turning the informer off, luckily, doesn't meet the requirements
for "taking action" as you need to protect all of your customers
or make yourself liable for prosecution.

I suspect informing a closer peer that is also subject to the act
would be seen as taking reasonable action as it could be reasonably
assumed that they will take appropriate steps, but one would have
to check that the material was removed/blocked.

If you run a residential network, it appears to me that,  you are
now responsible for seeing that all material that is subject to the
act that is reported to you by your customers is addressed.

INAL.
 
> And the immediate usptreams will fail to obtain knowledge or awareness of
> their customer's actions, the same way they always have.
> 
> Move along, nothing to see.. ;)
> 
> --==_Exmh_1257461806_2581P
> Content-Type: application/pgp-signature
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Exmh version 2.5 07/13/2001
> 
> iD8DBQFK81gucC3lWbTT17ARAjaeAJ9Snqyq/z7qeF/Z+ag+xluKfUQAdwCgrJ4V
> LyG+0P2RJeLA9VRrzgejyiE=
> =Mxbr
> -----END PGP SIGNATURE-----
> 
> --==_Exmh_1257461806_2581P--
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org




More information about the NANOG mailing list