* Reply to msg originally in CYPHERPUNKS
You haven't been listening at all to Mr. Godwin, have you?
Frankly, no. I have however followed this same endless debate among lawyers in BBS_LAW, however, and (if I understand all parties correctly) their assessment for the most part disagrees with the one you cite here.
1) The ECPA *DOES* apply to the BBSes whether they want it to or not.
Perhaps we misunderstand each other; I do not mean, literally, that "hobby BBSs are exempt from ECPA," but that the situations addressed are generally avoided by sysop policies. Let me make sure I understand your point; are you saying that: 1] On a privately-owned computer... 2] Operating a noncommercial BBS without monetary compensation... 3] On which a repeating log-on notice informs users that all messages are subject to sysop viewing... 4] Sysop/sole owner viewing of non-public (as opposed to "private") messages during system maintenance or monitoring for unlawful activity... 5] Is prosecutable under ECPA? If so, has such a prosecution been successful?
2) The BBS operators are NOT liable UNLESS they censor the mail. If they censor the mail, they are liable for anything they fail to censor. If they do not censor, they are common carriers, and have no liability.
It is my understanding that noncommercial FIDOnet participants are not in fact common carriers and that technical, legal common carrier status requires more than simply ignoring e-mail. I understand it also brings more potential liabilities than FIDO can handle. In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems of which they claim to have had no knowledge. I believe this is the case in the CT case pending. Even if these cases are eventually dismissed, the legal expense and personal disruption to a private party (usually a young person of very limited means) is catastrophic and without practical recourse. -> There has been a very heated war in FIDOland over PGP and other -> encryption. Considering the risk that sysops take on by permitting -> secure (?) communication on their BBSs,
They take NO risk. They are common carriers if they stop censoring their mail. People don't seem to understand that the law on this is very clear.
As I say, there seems to be a great deal more to legal "common carrier" status than simply ignoring e-mail. In FIDOdom common carrier status is regarded as a much larger can of worms, with more potential problems and liabilities for sysops than other options.
Actually, as I've just noted, you have not protected yourself. You have opened yourself up for massive legal liability where you had none before.
I believe you are confusing me with someone else. I am not, nor would I _ever_ be, a BBS sysop. This thread gives a perfect example of why not. As far as I can tell, it's purely a fool's errand: Paying good money and personal time and trouble to no better end than incurring grief and liabilities with unpleasant, ungrateful and parasitic users, as well as potential hassles with cops, lawyers and bureaucrats. There's zero payback here; BBS sysops are crazy. Direct followup to FIDOnet BBS_LAW.
anonymous writes:
Frankly, no. I have however followed this same endless debate among lawyers in BBS_LAW, however, and (if I understand all parties correctly) their assessment for the most part disagrees with the one you cite here.
I don't want to play duelling credentials, and, as I said earlier, there are some parts of ECPA over which reasonable lawyers can disagree. But many of the assumptions some sysops make about a) whether they're exempt from ECPA and b) whether they're at risk if they don't read e-mail, and c) whether it helps to have a sysop-can-read-e-mail policy when the sysop does not in fact read all e-mail, and d) whether encryption creates a special risk of liability for sysops strike me as pretty uninformed. Note: even if the courts were to decide that I'm wrong on point (a), it's irrelevant to points (b), (c), and (d) above. The notion that sysops have some *legal* reason to ban encrypted messages is profoundly silly, and unsupported by any caselaw anywhere. And you can quote me on that.
Perhaps we misunderstand each other; I do not mean, literally, that "hobby BBSs are exempt from ECPA," but that the situations addressed are generally avoided by sysop policies.
Avoidable, yes, but not by policies per se--sysops can avoid ECPA liability by contracting with users or by limiting their viewing of private mail to the specific restrictions of ECPA.
5] Is prosecutable under ECPA? If so, has such a prosecution been successful?
They're as frequent and successful as prosecutions of sysops for carrying encrypted mail. Which is to say, there are no cases on point regarding ECPA, but at least we know what the statute says. On the other hand, there's no statute that says sysops will be criminally liable if they don't ban encrypted communications.
It is my understanding that noncommercial FIDOnet participants are not in fact common carriers and that technical, legal common carrier status requires more than simply ignoring e-mail. I understand it also brings more potential liabilities than FIDO can handle.
The issue of common-carrier status isn't relevant to the points I've been making here. I'm assuming that no BBS qualifies as a common carrier.
In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems of which they claim to have had no knowledge.
Please do not make the common layman mistake of supposing that arrest or seizure equals criminal liability. If you want to talk about specific cases, please cite them. It should be noted, however, that the Steve Jackson Games seizure occurred even though there was no illegal material on his system.
I believe this is the case in the CT case pending.
You are mistaken.
Even if these cases are eventually dismissed, the legal expense and personal disruption to a private party (usually a young person of very limited means) is catastrophic and without practical recourse.
But you still don't get it--there's no correlation between these seizures and the use of truly private or encrypted e-mail. No connection at all. Period. The link is entirely in some sysops' minds.
As I say, there seems to be a great deal more to legal "common carrier" status than simply ignoring e-mail. In FIDOdom common carrier status is regarded as a much larger can of worms, with more potential problems and liabilities for sysops than other options.
As well it should be. But common-carrier status is not the only way to avoid legal liability. --Mike
anonymous@extropia.wimsey.com says:
* Reply to msg originally in CYPHERPUNKS
You haven't been listening at all to Mr. Godwin, have you?
Frankly, no.
The rest of your posting is therefore 100% irrelevant.
Let me make sure I understand your point; are you saying that:
1] On a privately-owned computer... 2] Operating a noncommercial BBS without monetary compensation... 3] On which a repeating log-on notice informs users that all messages are subject to sysop viewing... 4] Sysop/sole owner viewing of non-public (as opposed to "private") messages during system maintenance or monitoring for unlawful activity... 5] Is prosecutable under ECPA?
Gee, you are starting to catch on, aren't you?
2) The BBS operators are NOT liable UNLESS they censor the mail. If they censor the mail, they are liable for anything they fail to censor. If they do not censor, they are common carriers, and have no liability.
It is my understanding that noncommercial FIDOnet participants are not in fact common carriers
Lets say that you operate a magazine, and decide what can and can't be placed in it. You are then liable for the contents. Lets say that instead you operate a courier service, and censor nothing. You are then not responsible for what your clients. Forget the common carrier question. If you actively decide what can and cannot go through, then any time you fail to stop something you are liable. If, on the other hand, you exercise no control, you have no legal liability.
In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems
Mike Godwin, council to the EFF, has never heard of such a case. If you believe one has occured, why don't you tell us precisely where and when it occured? Perry
Perry Metzger writes:
1] On a privately-owned computer... 2] Operating a noncommercial BBS without monetary compensation... 3] On which a repeating log-on notice informs users that all messages are subject to sysop viewing... 4] Sysop/sole owner viewing of non-public (as opposed to "private") messages during system maintenance or monitoring for unlawful activity... 5] Is prosecutable under ECPA?
Gee, you are starting to catch on, aren't you?
Perry, he actually does touch on one exception under ECPA--viewing of non-public messages during normal system maintenance. Also, a sysop can't monitor for unlawful activity in general, but he or she can monitor activity that may relate to the protection of the system from, say, intruders. Think of this latter as the Cuckoo's Egg exception.
In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems
Mike Godwin, council to the EFF, has never heard of such a case. If you believe one has occured, why don't you tell us precisely where and when it occured?
Let me be precise. I do know of systems that have been seized, not for some crime of "illegal traffic," but because law enforcement believed that the system contained evidence of a crime. I know of no case in which a sysop has been "arrested" merely because of allowing so-called "illegal traffic" that he or she didn't know about. --Mike
In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems
Mike Godwin, council to the EFF, has never heard of such a case. If you believe one has occured, why don't you tell us precisely where and when it occured?
How about that case recently posted about here? Doesn't that count? -- Ed Carp, N7EKG erc@apple.com 510/659-9560 an38299@anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever"
Ed Carp says:
In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems
Mike Godwin, council to the EFF, has never heard of such a case. If you believe one has occured, why don't you tell us precisely where and when it occured?
How about that case recently posted about here? Doesn't that count?
Which one are you refering to? Be specific. .pm
participants (4)
-
anonymous@extropia.wimsey.com -
khijol!erc -
Mike Godwin -
Perry E. Metzger