Verizon must comply with RIAA's DMCA subpoena

William Allen Simpson wsimpson at greendragon.com
Thu Jan 23 11:45:05 EST 2003


Declan McCullagh wrote:
> At 06:15 PM 1/21/2003 -0500, William Allen Simpson wrote:
> >He's placed the decision here:
> >   http://www.politechbot.com/docs/verizon.riaa.decision.012103.pdf
> >
> >All this to learn the identity of a computer at a particular IP address.
> >Presumbly, Verizon will now be smart enough to say: "All of our IP
> >addresses are assigned using DHCP, and we have no record of the name
> >of any subscriber associated with an IP address."
> 
> I was thinking along the same lines. This seems to be a market opportunity
> for an Internet provider that keeps no IP address<->identity records for
> more than a few minutes or hours.
> 
Speaking with my ISP hat on, we had an "experience" (described on NANOG 
and such) with legal process several years ago.  Since then, we: 
 1) never back up the mail servers -- if any fail, we would regenerate 
    the account information from billing records, but any unPOPed mail 
    will be lost.
 2) regenerate DSL IP addresses every 6 hours (except for those 
    companies paying extra for static IPs).
 3) syslog dialup IPs to a separate server, where they would be lost 
    when the power goes away, and in any event should roll over every day.

It's not really a sales item.  Since we are only local, I'm not sure how 
many customers would be "sold" by this feature.  Farmers and college 
students tend to be oblivious.

But there is a strong economic rationale.  We save untold operational 
expense, support costs, and legal fees.  (The legal cost of complying with 
that single interstate subpoena cost us an entire month of revenue.)

The DMCA provides for "standard technical measures" that
  "(C) do not impose substantial costs on service providers or substantial 
   burdens on their systems or networks."

Thus, we need to specifically ask our ISPs (market demand) to drive the 
process for these measures that 
  "(A) have been developed pursuant to a broad consensus ...."

Certainly, we're part of the consensus!?!?


Neil Johnson wrote:
> Which leads me to beleive that most ISP's are going to want to to keep track
> of IP's.

Oh yes, operationally we need to keep IPs around for a short time to 
track network problems and enforce the AUP.  But we've found 6 hours to 
a day to be entirely adequate.
-- 
William Allen Simpson
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list