Interesting warning regarding filesharing

Fri Feb 27 20:18:47 UTC 2004

On Fri, Feb 27, 2004 at 12:50:34PM -0600, Garth Meisel wrote:
>I don't remember where I heard something that lies within this last post about 
>ISP's reporting the users to the authorities.  Some ISP's were reporting the 
>IP's, bandwidth used, and providing names of users to the authorities.  
>Somewhere down the road someone said "Invasion of privacy" or some other 
>legitimate right and now some ISP's have either had to rewrite their customer 
>contracts but some have outright refused to co-operate with the authorities.  

Most Terms of Service contracts with ISPs allow the ISP to reveal certain
aspects of your user information simply by fiat, though that is changing
a little bit as people begin to read the contracts they sign and choose
between functionally equivalent providers based on how draconian their
TOS are [1].  In any case, if an ISP is subpoenaed for client information,
they are obliged to produce that information.

>That without a doubt cannot be 
>legal in any way shape or form no matter who the authority is SO LONG as the 
>activity is not TERRORIST related but this also a new area without much 
>precedent thus far.    

This is a common misconception about precedent in the Internet age [2].
Most issues at law are well-covered by precedent by this point, such as
client confidentiality and user information lists.  These issues have
been well tested long before the computer came along, and the precedents
are valid.  Most Internet activity when addressed in a courtroom is
simply an different medium for the same content, and law is frequently
medium-neutral.

In the case of ISPs, they must produce their client's information when 
presented with a court order, or they must challenge the order (Shaw 
Communications is doing this at the moment).  It is likely that as ISP 
the doesn't maintain records of which customers are using which IP 
addresses and how much bandwidth each customer is using could be found 
negligent in a civil suit because they create an environment which 
encourages criminal activity.

[1]	This came up a few years ago when Yahoo bought Geocities, and
changed the TOS (which was legal) to read that information presented on
Geocities web space was the property of Geocites/Yahoo (which is also
legal).  This cheesed a lot of people off, and they changed their TOS,
but it was legal.  I haven't read the Hotmail TOS in a while, but M$ may
well own all that you write from a Hotmail account.

[2]	Some issues are relatively new though, such as whether
cross-indexing databases, cross-site scripting and click tracking is an
invasion of privacy or whether computer-generated personal information
databases are salable intellectual property or whether they are
derivative works.  We do live in interesting times, and since "ethic
change with technology" (i.e., what is acceptable depends on what is
possible) things are only going to get more interesting.
-- 

yours,

William

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml