anonymous writes:
Frankly, no. I have however followed this same endless debate among lawyers in BBS_LAW, however, and (if I understand all parties correctly) their assessment for the most part disagrees with the one you cite here.
I don't want to play duelling credentials, and, as I said earlier, there are some parts of ECPA over which reasonable lawyers can disagree. But many of the assumptions some sysops make about a) whether they're exempt from ECPA and b) whether they're at risk if they don't read e-mail, and c) whether it helps to have a sysop-can-read-e-mail policy when the sysop does not in fact read all e-mail, and d) whether encryption creates a special risk of liability for sysops strike me as pretty uninformed. Note: even if the courts were to decide that I'm wrong on point (a), it's irrelevant to points (b), (c), and (d) above. The notion that sysops have some *legal* reason to ban encrypted messages is profoundly silly, and unsupported by any caselaw anywhere. And you can quote me on that.
Perhaps we misunderstand each other; I do not mean, literally, that "hobby BBSs are exempt from ECPA," but that the situations addressed are generally avoided by sysop policies.
Avoidable, yes, but not by policies per se--sysops can avoid ECPA liability by contracting with users or by limiting their viewing of private mail to the specific restrictions of ECPA.
5] Is prosecutable under ECPA? If so, has such a prosecution been successful?
They're as frequent and successful as prosecutions of sysops for carrying encrypted mail. Which is to say, there are no cases on point regarding ECPA, but at least we know what the statute says. On the other hand, there's no statute that says sysops will be criminally liable if they don't ban encrypted communications.
It is my understanding that noncommercial FIDOnet participants are not in fact common carriers and that technical, legal common carrier status requires more than simply ignoring e-mail. I understand it also brings more potential liabilities than FIDO can handle.
The issue of common-carrier status isn't relevant to the points I've been making here. I'm assuming that no BBS qualifies as a common carrier.
In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems of which they claim to have had no knowledge.
Please do not make the common layman mistake of supposing that arrest or seizure equals criminal liability. If you want to talk about specific cases, please cite them. It should be noted, however, that the Steve Jackson Games seizure occurred even though there was no illegal material on his system.
I believe this is the case in the CT case pending.
You are mistaken.
Even if these cases are eventually dismissed, the legal expense and personal disruption to a private party (usually a young person of very limited means) is catastrophic and without practical recourse.
But you still don't get it--there's no correlation between these seizures and the use of truly private or encrypted e-mail. No connection at all. Period. The link is entirely in some sysops' minds.
As I say, there seems to be a great deal more to legal "common carrier" status than simply ignoring e-mail. In FIDOdom common carrier status is regarded as a much larger can of worms, with more potential problems and liabilities for sysops than other options.
As well it should be. But common-carrier status is not the only way to avoid legal liability. --Mike