What can ISPs do better? Removing racism out of internet

Mel Beckman mel at beckman.org
Tue Aug 6 18:43:18 UTC 2019


Anne,

I can see the 4th amendment violation here, but are there operational issues with ISPs? For example, CALEA requires telecommunications carriers (or VoIP providers) to provide voice data streams to law enforcement agencies in real time. NSLs require production of customer information in secret, which means the ISP needs internal security procedures to avoid criminal violations of the terms of the NSL. So impacted ISP’s have a clear operational concerns in both cases.

What is the CLOUD Act’s operational impact? Is it the same as responding to an ordinary subpoena or search warrant? FISA, for example, has similar 4A issues, but no operational component for ISPs (the government intercepts data using its own means in the Internet backbone). 

One operational issue with CLOUD might be how much data an ISP turns over in a CLOUD Act request (which I gather still requires due process for the ISP). For example, when your example law enforcement agency in the UK uses their power under a CLOUD executive agreement to collect a foreign target’s data from a US ISP, can the ISP legally sanitize that data to mask US citizens information? This is, after all, the standard with FISA 702 (requiring the gov to get a warrant before looking at information collected on US intelligence agencies surveilling foreign targets). If that’s the case, then there is an operational interest in ISP-operated software to do the sanitizing.

If it’s not the case, and the ISP has to turn over anything requested, I’m not seeing the operational impact. The technical effort is no different than with today’s domestic subpoenas, which ISPs deal with all the time.

 -mel

 
> On Aug 6, 2019, at 11:17 AM, bzs at theworld.com wrote:
> 
> 
> On August 5, 2019 at 19:02 valdis.kletnieks at vt.edu (Valdis Klētnieks) wrote:
>> 
>> Hint:  The DMCA has the text about data stored on ISP servers because many ISPs
>> aren't mere conduits.  And this thread got started regarding a CDN, which is very much
>> all about storing data on servers.....
> 
> I acted as an expert witness for the FBI regarding a case which
> revolved around whether email spending time on intermediate servers is
> "storing" the data or is it just another form of wire transmission?
> 
> I don't think they came to a definitive conclusion, the case was
> basically settled out of court, plea-bargained I think, it was a
> criminal matter.
> 
> But needless to say, once again, a non-legal-expert's reading of
> "storing data on servers" doesn't amount to a hill of beans in the
> legal world.
> 
> It turned out to be very important at least in theory since illegally
> intercepting a wire transmission falls under a completely different
> law than illegally accessing stored data, the defendant was arguing
> that he'd been charged under the wrong law, and the court agreed it
> was a valid point to investigate.
> 
> So my phone rang and I tried to help with the part of that (technical)
> I knew something about, how internet email is transmitted etc. But I
> was briefed on the legal aspects to help me focus on what they needed
> and I agreed it isn't /prima facie/ obvious.
> 
> For example you may see storing of email (which may not even mean to a
> physical disk) during transmission through intermediate servers as
> "storing of data" but then again many network devices have various
> buffering mechanisms in which data might reside for some amount of
> time. Are they legally distinguishable? Should they be? etc.
> 
> -- 
>        -Barry Shein
> 
> Software Tool & Die    | bzs at TheWorld.com             | http://www.TheWorld.com
> Purveyors to the Trade | Voice: +1 617-STD-WRLD       | 800-THE-WRLD
> The World: Since 1989  | A Public Information Utility | *oo*



More information about the NANOG mailing list