anonymous@extropia.wimsey.com writes:
Now, the point most internet people forget is that FIDOnet hosts are hobbyists with 100% privately-owned machines and generally pay for the entire participation of their userbase out of their own pockets, excepting a few who get some dollars here and there from their generous callers.
I have never forgotten this. But their commitment and efforts do not amount to an amendment to federal law.
As a completely justified consequence, they can decide if they allow encrypted traffic _on their individual BBSs_.
Under what legal theory do they get an ECPA exemption as a "completely justified consequence"?
In that there is considerable fear of the consequences of illegal activity being conducted on their BBSs via encrypted mail, many sysops (such as the one you mention, leaving aside, for now, that he apparently confused a PGP key with an encrypted message) do not wish to take the risk and forbid encrypted traffic.
What they don't realize is that, rather than reducing the risk of legal liability, they are increasing it.
They also monitor e-mail, if only incidentally during the course of routine system maintenance, and notices to this effect are generally contained in log-on screens and new-user info files.
Any monitoring that results *directly* as a function of system maintenance is okay--it's sanctioned by ECPA.
In that these sysops are extremely, _personally_ vulnerable, they are generally more cautious than those internet folks who can hide behind institutions and businesses.
If they were really cautious, they'd talk to a lawyer before setting policy based on some guess as to what their legal liabilities may be. --Mike