Response to Uni's "Lawsuit" Message
First off, many thanks to Uni for deciding to share his venture into the legal ramifications of Usenet. It's a shame things had to be taken to this extreme, though his reasoning (edited to conserve bandwidth) is flawless and the potential harm quite grave. I address this issue from my George Mason University account as it presents my personal opinions on the subject and does not necessarily reflect the views of Digital Gateway Systems, Inc., a DC-area Internet access provider where I am Director of Sales and Marketing. However, Uni's comments on Netcom's role in the matter are, to say the least, thought-provoking for someone in my position. I have deleted quite a bit of the background and history, though I believe the context of all relevant points has been preserved. Should I make an error in that sense, or misrepresent one of Uni's positions, I hope to be corrected quickly. <--uni's words begin--> I contacted netcom.com to see how they might respond to the suit, and to ask about the need for a preliminary injunction to prevent data in and about tmp's account from being destroyed inadvertently or intentionally. Netcom.com was initially not very cooperative. They suggested I sort the problem out with tmp, and that it was not their issue. This was until my attorney called Mr. Bruce Woodcock at Netcom support services. Mr. Woodcock was VERY cooperative. He was very interested in avoiding liability and was perhaps the best card we had in the suit. While I cannot go into detail as to the specific support he provided, I think it is safe to say AS A GENERAL MATTER that while most internet providers will be very strict about privacy for their account holders, the appearance of legal proceedings and potential court orders make a provider very interested in not being named as a co-defendant. (Note 1) I must thank Mr. Woodcock and commend him on his excellent balance of client privacy and respect for the judicial system. <--uni's words end--> I would imagine that the folks who received the initial communication were not in a position to realize the potential damage that being named on such a suit could cause even if a court chose not to impose monetary liabilities. I live in fear of that sort of occurrence and, while cooperation with lawyers and striking an "excellent balance of client privacy and respect for the judicial system" can be turned into your favor, the risk of someone not being of a mind to settle with the defendant and also willing to drag as many people/organizations down with the defendant as possible is daunting. A question I don't ever expect to have answered, as it involves both a hypothetical situation and is, by its nature, unfair: What if you had lost the Swiss furniture deal? You admitted that you would not have been as sanguine about the affair -- would the rage have led you to forego contacting Netcom and name them as a co-defendant? Even had you later dropped them from the suit, substantial damage would have been done. Also, that action might have caused them to entrench and force you to go through discovery, a long and trying process. Not to mention the expense... One way I had foreseen providing (relatively) anonymous Internet access for my Cypherpunk comrades was to establish an account with no personal information in the system log, post a cash or money order payment to DGS's bank account, and retain an account name-indexed list where I could email individuals whose accounts were due to expire. The problems with this scheme? Keeping track of who was who and making sure no one grabbed someone else's userid (zero knowledge proofs, anyone???) is one, legal liability for providing such a service is another. I need to research the applicable regulations which state how much customer information we are required to maintain, if any. Anyone out there familiar with the laws of the Commonwealth of Virginia on this point? The weak link in the system? Me. Numerous points of failure and susceptible to lawsuits and other legal/non-legal forms of "rubber hose de- anonymization". <--uni's words begin--> In a way I'm sorry the case didn't go to the courts. While it probably would not have been a precedent setting one, because it doesn't seem tmp@netcom.com could have appealed a ruling and gotten it into the record books as an appeals case with some precedent, it would have been interesting to see what sort of liability Usenet might present. In a way I felt guilty. Usenet and the net in general is such a break from the normal rules and fears of liability it seemed a shame in a way to introduce the ugly head of jurisdiction and subservience to the legal system to cyberspace. <--uni's words end--> Agreed, though your willingness to settle mitigates the "sin" of the original action, IMHO. I fear that future suits, when they inevitably occur, will be based on a much less extravagant disregard for the truth, possibly setting the threshold for libel/slander on the Usenet at intolerably low levels. As you mention later, the possibility of government-controlled nationwide information networks would be a frightening proposition if the government were to choose a test case, get the best lawyers they could afford (!!??) and take a chance with twelve "peers" sitting on a pine bench for $5 per day. <--uni's words begin--> I also don't like to be a bully. In another way it seemed like a no-lose situation. If I won a suit, I would be vindicated (as petty as that is), and there would be some clue as to how far one could go on Usenet and in cyberspace in general. If I lost, I would be just as pleased that the line had been drawn and the results of basic immunity to defamation and libel would have been quite a social experiment, a result still quite worth the expenditure for me. In addition, I was very interested in discovering how a court, the ultimate throwback to the real world, would impose (or refuse to impose) traditional legal theory on Usenet and electronic mailing lists in general. As a legal scholar, it was a problem that presented a wonderful chance to see the law evolve literally right before my eyes. In retrospect, I'm not sure I would have been so pleased if the Swiss deal had been compromised in the process. <--uni's words end--> As I do not share your frame of reference, it's hard for me to make a judgment on these points. Moving from the theoretical to the practical, seeing the law made before your eyes is an unnerving experience that, as a non-lawyer, I find a bit difficult to view with the detachment you seem to show in this passage. (I'm sure you're concerned as well, it's just that this paragraph, read out of context, is a bit dispassionate.) Also see my points about thresholds of abuse above. <--uni's words begin--> Note 1: It seems to me that the entire event highlights the potential demand for anonymous utilities on both sides. tmp would have been much better off for his ability to use remailers, and I would have been much better off had I guarded my pseudonym more effectively. The interesting solution would be a multi-jurisdictional remailer making records non- reconstructable, and guarding the operator from jurisdiction and liability. tmp's greatest weak spot was Netcom's potential liability. I would have been hard pressed to sue had Netcom not been so easily included as a defendant. Netcom's cooperation (which was not at all "voluntary" I must add, but rather based on significant perceived, potential liability) made expensive depositions and numerous interrogatories throughout the discovery game unnecessary, and probably would have been much more difficult if Netcom had insisted on pursuing a hearing in court on each request and fought tooth and nail as (I assume) Julf might have. <--uni's words end--> What exactly is Netcom's liability in this case? If a service provider is treated as a phone company, abuse of the service could be grounds for discontinuing the service. As Netcom did not discontinue tmp's service (see below), perhaps there is room for suit there. Should, however, an access provider be treated as analogous to a direct mail firm, the responsibility is much more obvious. As various Internet services perform different functions (Usenet is like mass mailing, email is like phone service, IRC is like public conversation etc.), the range of liabilities is staggering. What protection should Netcom, and other access providers, have against the abuses of their subscribers? Damn if I know, but it's an important question to stay awake at night worrying about... <--uni's words begin--> In any event this raises another matter. How then are remailers to be supervised? My personal feeling is that Julf, or any remailer operator, would have blocked tmp's use of a remailer far before Netcom would have. (Note that Netcom STILL has not revoked tmp's account, I guess they are just asking for trouble?) <--uni's words end--> As Julf provides his service as a favor to the Internet community and appears not to be driven by any profit motive (he hasn't solicited a contribution from me, though I haven't used my penet.fi account in a few years), he can allow his "cultural expectations" of the Internet/Usenet community to temper his judgments. As for Netcom, they are taking a foolish risk by allowing tmp to remain as a subscriber. I can say with 99% probability that any DGS user exhibiting behavior similar to tmp's would have been bounced and their money cheerfully refunded. And I'd hope the door would hit him on the ass on the way out... <--uni's words begin--> In as much as remailers are operated by those who have some degree of respect for Usenet and cyberspace in general, the kind of self patrolling that goes on seems to me as effective, provided there isn't an imposition by the operator of the morality legislation that remailers are often used to circumvent (pornography, etc.) In my view the traffic level alone of tmp's Usenet posts is more offensive than any pornography, tax avoidance, political activism, or free marketing that goes on through remailers. It should be this, along with harassment or obvious forum abuse that should dictate the line at which a remailer operator blocks access. In the current system, as displayed by Netcom's policy, it is quite the opposite that is affected. Potential legal liability (which is based on the whims of the empowered jurisdiction) is the only effective bar against misconduct. The implications of a nationalized internet are quite unnerving in this context. <--uni's words end--> See above, and amen. <--uni's words begin--> In a way Netcom is a victim here. They are at the mercy of the U.S. legal system despite what is or is not morally acceptable in cyberspace. In a way they have dug their own hole. Their restrictions, and motivations are based on profit, not on ethics. <--uni's words end--> Very much in line with your earlier thoughts on the potential (non-) application of traditional libel/slander law to the Net -- would the Courts allow cyberspace to be that much more rough-and-tumble, with higher standards of abuse required for successful suits? The proof is left as an exercise for the original poster :-). As for profit motive (and please take this as a VERY GENTLE rebuke), you admitted that your disposition may have been different if the Swiss deal had fallen through. My company is also motivated by profit -- my job is to write the ads and market the groups that will bring in more and more money. I would agree that Netcom, by valuing tmp's $20 per month over the potential harm to the Net community, has taken that view to a bit of an extreme. I would hope that my company would draw the line closer to... well, closer to what I subjectively feel is a reasonable place to draw some sort of distinction on a case-by-case basis. ***Conclusion*** So many issues out here on the bleeding edge...so much to stay up on, let alone get ahead. I'd like to thank Uni for trusting us enough to share many of the details of his suit and hope he continues his valuable contributions to Cypherpunks and net.culture in general. -- Curtis Frye, speaking for himself and trying to put it all together...
-----BEGIN PGP SIGNED MESSAGE----- I wonder if tmp@netcom.com would have used a "temporary insanity" plea. :-) Sorry, I couldn't resist that.... - -- Allan Bailey, allan@elvis.tamu.edu | "Freedom is not free." Infinite Diversity in Infinite Combinations | allan.bailey@tamu.edu Esperanto: MondLingvo, lingvo internacia. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLeHW7k19fA0AcDy9AQGKQwP/ScEweMVBGlhmeQZ71zj3uepq7cSLpnlF 9Zm9aFJWpXBW3h0kE4A3XzJkSVJIVjYClvz5ukN8Px9QSwemK5MEJRumInYeSsOg tpGHDt3NCPjg0sDTgnlJJlYf8Wfo/0bdYZF3p5+iplWTSQn/5Icaq2GA9WFlomcf J+33KscFMKE= =LEBr -----END PGP SIGNATURE-----
C'punks, On Tue, 24 May 1994, Curtis D Frye commented on Black Unicorn's recent post about his threatened law suit against "tmp" and Netcom. While I agree with Curtis' response, that is not the purpose I am writing this response. I would like to focus on one suggestion for providing anonymous Internet access. Curtis wrote:
. . . One way I had foreseen providing (relatively) anonymous Internet access for my Cypherpunk comrades was to establish an account with no personal information in the system log, post a cash or money order payment to DGS's bank account, and retain an account name-indexed list where I could email individuals whose accounts were due to expire. The problems with this scheme? Keeping track of who was who and making sure no one grabbed someone else's userid (zero knowledge proofs, anyone???) is one, legal liability for providing such a service is another. I need to research the applicable regulations which state how much customer information we are required to maintain, if any. Anyone out there familiar with the laws of the Commonwealth of Virginia on this point?
The weak link in the system? Me. Numerous points of failure and susceptible to lawsuits and other legal/non-legal forms of "rubber hose de- anonymization".
How about this, instead: A company called "ID Anonymous, Ltd." sets up in a business secrecy jurisdiction. It buys Internet access accounts in bulk from DGS, Netcom, etc. (ID1, ID2, ID3, . . .). It then resells them to people living in the service territories of the various access providers. ID Anonymous, Ltd. collects monthly fees from all of its sub-users. It pays the Internet provider a single check each month for the monthly fees of all its anonymous account. Under such a system, there is no weak link. If a user misbehaves, DGS or Netcom can cut off the offending account, but nobody can reveal the identity of the underlying user. By being located in an offshore jurisdiction, ID Anonymous, Ltd. is not susceptible to lawsuits or rubber hose techniques. QED. S a n d y
participants (3)
-
allan@elvis.tamu.edu -
cfrye@mason1.gmu.edu -
Sandy Sandfort