From owner-freebsd-isp  Sat Apr 19 12:26:39 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA04385
          for isp-outgoing; Sat, 19 Apr 1997 12:26:39 -0700 (PDT)
Received: from pinky.junction.net (pinky.junction.net [199.166.227.12])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id MAA04376
          for <freebsd-isp@freebsd.org>; Sat, 19 Apr 1997 12:26:35 -0700 (PDT)
Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id MAA18939 for <freebsd-isp@freebsd.org>; Sat, 19 Apr 1997 12:26:33 -0700
Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id MAA05333 for <freebsd-isp@freebsd.org>; Sat, 19 Apr 1997 12:21:35 -0700
Date: Sat, 19 Apr 1997 12:21:34 -0700 (PDT)
From: Michael Dillon <michael@memra.com>
To: freebsd-isp@freebsd.org
Subject: Re: Liability (was: Binaries in Usenet (was: News...))
In-Reply-To: <Pine.NEB.3.95.970419105654.485A-100000@acp.qiv.com>
Message-ID: <Pine.BSI.3.93.970419121338.4316F-100000@sidhe.memra.com>
Organization: Memra Software Inc. - Internet consulting
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


On Sat, 19 Apr 1997, Jay D. Nelson wrote:

> Along with news, what about my encrypted mail. Is an ISP a potential
> federal target if a user's encrypted mail is suspected of "terrorist"
> communication? 

Target? The ISP might be served with a court order to give copies of the
email to the FBI but they will not attempt to lay any charges against the
ISP.

> What is an ISP's liability if they filter out encrypted
> mail?

Major liability. The Electronic Communications and Privacy Act require the
ISP to deliver the email to the recipient and to *NOT* look at the email's
contents unless it is absolutely necessary in maintaining the email
system. So the law says that an ISP has to mind their own business and the
same law also requires the FBI to *NOT* interfere with the operations of
the mail server or prevent the delivery of mail to other recipients. This
has been clearly settled by case law in the Steve Jackson Games case.

Now in other countries there are usually no specific laws that apply but
ISP's probably would be found legally responsible to behave the same way
as the postal system in those countries. This generally means that once
mail is on your server you cannot look at the contents and you must do
everything possible to deliver the email to the recipient. 

Because of this, whenever I have had to help a customer get rid of
multimegabyte email messages, I always use PINE to delete them so that I
cannot see the content of any messages in the mailbox.

> BTW, I never felt much need of encryption until the gov't got their
> panties in a knot over key escrow.

The UK government also has their knickers in a knot over key escrow.

BTW, I am not a lawyer.

Michael Dillon                   -               Internet & ISP Consulting
Memra Software Inc.              -                  Fax: +1-250-546-3049
http://www.memra.com             -               E-mail: michael@memra.com