Congress may require ISPs to block fraud sites H.R.3817

Christopher Morrow morrowc.lists at
Fri Nov 6 15:51:48 UTC 2009

On Thu, Nov 5, 2009 at 7:44 PM, Richard Bennett <richard at> wrote:
> I think the idea is for the government to create an official blacklist of
> the offending sites, and for ISPs to consult it before routing a packet to

this works exceptionally unwell for the Singaporese(ian) govt'...
(list of bad sites comes out monthly, montly+1min all sites change
ips, weee!)

> the fraud site. The common implementation would be an ACL on the ISPs border

'common implementation' isn't 'common' nor 'implementable' in many cases.

> router. The Congress doesn't yet understand the distinction between ISPs and
> transit providers, of course, and typically says that proposed ISP

nor 'web hosting farm' ... (of course FastFlux puts a hole in the
'hosting' part of that)

> regulations (including the net neutrality regulations) apply only to
> consumer-facing service providers.
> If this measure passes, you can expect expansion of blocking mandates for
> rogue sites of other kinds, such as kiddie porn and DMCA scofflaws.

sure, been there, done that... German anti-nazi-propganda laws anyone?
(or france or singapore or ...)

(Note, I don't think that NO LAW is a good answer, but often the laws
proposed or passed seem to misunderstand how the networks are

> RB
> Steven Bellovin wrote:
>> On Nov 5, 2009, at 5:56 PM, Valdis.Kletnieks at wrote:
>>> On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
>>>> Did I miss a thread on this? Has anyone looked at this yet?
>>>> `(2) INTERNET SERVICE PROVIDERS- Any Internet service provider that, on
>>>> or through a system or network controlled or operated by the Internet
>>>> service provider, transmits, routes, provides connections for, or stores
>>>> any material containing any misrepresentation of the kind prohibited in
>>>> paragraph (1) shall be liable for any damages caused thereby, including
>>>> damages suffered by SIPC, if the Internet service provider--
>>> "routes" sounds the most dangerous part there.  Does this mean that if
>>> we have a BGP peering session with somebody, we need to filter it?
>> Also "transmits".  (I'm impressed that someone in Congress knows the word
>> "routes"....)
>>> Fortunately, there's the conditions:
>>>> `(A) has actual knowledge that the material contains a misrepresentation
>>>> of the kind prohibited in paragraph (1), or
>>>> `(B) in the absence of actual knowledge, is aware of facts or
>>>> circumstances from which it is apparent that the material contains a
>>>> misrepresentation of the kind prohibited in paragraph (1), and
>>>> upon obtaining such knowledge or awareness, fails to act expeditiously
>>>> to remove, or disable access to, the material.
>>> So the big players that just provide bandwidth to the smaller players are
>>> mostly off the hook - AS701 has no reason to be aware that some website
>>> in
>>> Tortuga is in violation (which raises an intresting point - what if the
>>> site *is* offshore?)
>>> And the immediate usptreams will fail to obtain knowledge or awareness of
>>> their customer's actions, the same way they always have.
>> Note the word "circumstances"...
>>> Move along, nothing to see.. ;)
>> Until, of course, some Assistant U.S. Attorney or some attorney in a civil
>> lawsuit decides you were or should have been aware and takes you to court.
>>  You may win, but after spending O(\alph_0) zorkmids on lawyers defending
>> yourself....
>>        --Steve Bellovin,
> --
> Richard Bennett
> Research Fellow
> Information Technology and Innovation Foundation
> Washington, DC

More information about the NANOG mailing list