Verizon must comply with RIAA's DMCA subpoena
William Allen Simpson
wsimpson at greendragon.com
Thu Jan 23 11:45:05 EST 2003
Declan McCullagh wrote:
> At 06:15 PM 1/21/2003 -0500, William Allen Simpson wrote:
> >He's placed the decision here:
> > http://www.politechbot.com/docs/verizon.riaa.decision.012103.pdf
> >
> >All this to learn the identity of a computer at a particular IP address.
> >Presumbly, Verizon will now be smart enough to say: "All of our IP
> >addresses are assigned using DHCP, and we have no record of the name
> >of any subscriber associated with an IP address."
>
> I was thinking along the same lines. This seems to be a market opportunity
> for an Internet provider that keeps no IP address<->identity records for
> more than a few minutes or hours.
>
Speaking with my ISP hat on, we had an "experience" (described on NANOG
and such) with legal process several years ago. Since then, we:
1) never back up the mail servers -- if any fail, we would regenerate
the account information from billing records, but any unPOPed mail
will be lost.
2) regenerate DSL IP addresses every 6 hours (except for those
companies paying extra for static IPs).
3) syslog dialup IPs to a separate server, where they would be lost
when the power goes away, and in any event should roll over every day.
It's not really a sales item. Since we are only local, I'm not sure how
many customers would be "sold" by this feature. Farmers and college
students tend to be oblivious.
But there is a strong economic rationale. We save untold operational
expense, support costs, and legal fees. (The legal cost of complying with
that single interstate subpoena cost us an entire month of revenue.)
The DMCA provides for "standard technical measures" that
"(C) do not impose substantial costs on service providers or substantial
burdens on their systems or networks."
Thus, we need to specifically ask our ISPs (market demand) to drive the
process for these measures that
"(A) have been developed pursuant to a broad consensus ...."
Certainly, we're part of the consensus!?!?
Neil Johnson wrote:
> Which leads me to beleive that most ISP's are going to want to to keep track
> of IP's.
Oh yes, operationally we need to keep IPs around for a short time to
track network problems and enforce the AUP. But we've found 6 hours to
a day to be entirely adequate.
--
William Allen Simpson
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list