Congress may require ISPs to block fraud sites H.R.3817

Eric Brunner-Williams brunner at
Fri Nov 6 03:10:33 UTC 2009

Barry Shein wrote:
> I was at an IP (as in intellectual property), um, "constituency" I
> think, IPC, meeting at ICANN which basically consisted of 99 lawyers
> and me in the room.

By the Montevideo ICANN meeting '01 the "Internet Service Providers Constituency"
(ISPC) had dwindled down to the corporate trademarks portfolio managers for
the few remaining ISPs. At the Paris ICANN meeting a year ago we corrolated
the votes of the Intellectual Property, Business, and ISP Constituencies and
found that there was no discernable independence amongst them, another way of
sayins the IPC had captured the BC and ISPC.

Of course, now we have GNSO reform, and "Stakeholder Groups" replacing the

Bottom line. ISPs are f**ked by their own sonombulism. In a slightly different
and partially overlapping policy and operational scope, the Address Supporting
Organization originates no policy development of note, and has been somnolent
for most of the ICANN trajectory, so BCP 38 and sBGP and so on have no real
presence in the ICANN toolkit.

So IP lawyers are doing pretty good in the oughts, and more time and bandwidth
goes to retail cops and robbers than goes to any "critical infrastructure
vulnerability", outside of ICANN's DNS mafia, post-Kaminsky.

Any ISP that want's to spend some resources on operational issues, having some
relevance to resource identifiers, feel free to drop me a line. I could just
as well give process clue to Ops folk as ops clue to IP lawyers.

> There was a fair amount of grousing about how ISPs give them the
> run-around when they inform them of a violation looking for a
> takedown, and don't take down the site or whatever demanding (sneer
> sneer) paper from a court of competent jurisdiction as a dodge.
> I explained that they should try it from the other side, we get a fair
> amount of spurious stuff. I gave the example of a spouse in an ugly
> divorce demanding we do something or other with the web site they
> developed together in happier days IMMEDIATELY OR ELSE!!! (typically
> change the password to one only they know).
> How can we as ISPs possibly sort that out? Court orders are your
> friend, they're not that hard to get if you're legitimate.
> The way this reg is written it has that feel, it seems to promote the
> fantasy that if J. Random Voice calls me and says "a site you host,
>, violates HR3817, YOU HAVE BEEN INFORMED!" then we have
> been informed and therefore culpable/liable.
> Well, perhaps there's enough precedent that it doesn't have to be
> spelled out in that text what's meant by "knowingly" and a call like
> that wouldn't be sufficient.
> At the very least I'd require a clear transfer of liability.
> That is, if the claim (and hence, takedown) turns out to be
> unsupportable then any damages etc are indemnified by the complaining
> ("informing") party.

More information about the NANOG mailing list