|
Grex > Cyberpunk > #143: Proposal to ban anonymous Internet access |  |
|
| Author |
Message |
| 25 new of 90 responses total. |
slynne
|
|
response 7 of 90:
| 
Feb 8 19:00 UTC 2001 |
So it could mean no internet email access for folks with unverified
accounts. That would suck but I think it wouldnt be a really big burden.
Anonymous BBS accounts with local email could probably still exist.
|
scg
|
|
response 8 of 90:
|
Feb 8 19:20 UTC 2001 |
I haven't read the news story. I don't know specifically what the law says.
That said, Grex logs what IP address a user comes from, and ISPs generally
log which IP addresses their users are assigned at what times, so as a
practical matter if the intent of the law is to be able to trace people
through ISP log files, and if the law is written to match that intent, Grex
would only have to verify information through its dial-up users. Of course,
I have no reason to believe the law is being written in any way that makes
sense.
It should be noted, though, that law enforcement really isn't lacking any
ability that this gives them. Since ISPs exist to make money, ISPs generally
don't go around handing out accounts without some way to bill for them, which
would generally be either a credit card number or billing address. The real
challenge for law enforcement in going from ISP biling records would be that
it can be difficult to prove that the person using the account was the person
being billed for the account. I assume that's the usual reason these
investigations generally get handled by arranging to meet the person somewhere
and seeing who shows up. Even without accurate ISP billing data, though, this
sort of thing isn't impossible to track down. Even if all the ISP knows is
what phone line the modem call came in on at what time, where the call came
from should be available either from the ISP's own caller ID logs, or from
the phone company's logs, with appropriate court orders.
I'm getting the rather strong impression that child pornography is the new
communism -- something that can generate enough hysteria to justify all kinds
of civil rights violations, with anybody who challenges them considered
immediately suspect.
|
scott
|
|
response 9 of 90:
|
Feb 8 20:17 UTC 2001 |
Maybe next they'll require some form of identification when sending mail via
the US Postal Service. After, all those eagle-painted blue boxes are just
perfect for anonymously mailing child pornography...
|
aaron
|
|
response 10 of 90:
|
Feb 8 20:33 UTC 2001 |
There is no law - there probably isn't even a draft bill yet. At
present, this may be no more than a legislator with an agenda. But it
sounds good, and our legislator has liked this type of stuff in the
past, so I would expect this to pick up some momentum.
|
remmers
|
|
response 11 of 90:
|
Feb 8 20:41 UTC 2001 |
Re #9: Good point.
I wonder how this would affect the free internet access offered
at public libraries. Would internet access be denied to indigent
people with no phone number and no credit card?
|
aaron
|
|
response 12 of 90:
|
Feb 8 20:49 UTC 2001 |
The usual USPS *mailer* of child pornography is a government agency
conducting a sting operation. They get around the anonymity requirement
by requiring a signature from the recipient.
The issue here really does seem to be focused on anonymous email
accounts. That would mean, the library could offer access, as long as
they didn't offer email. I am not sure what the proponent of this bill
intends for companies like Microsoft/Hotmail, which are likely to argue
that requiring them to collect and verify the phone/credit card
information would violate the commerce clause (as an unreasonable burden
on interstate commerce).
|
mdw
|
|
response 13 of 90:
|
Feb 8 22:00 UTC 2001 |
I read the URL. They once used the phrase "free ISP", and talk a number
of time about free providers including netzero and bluelight. Bluelight
apparently already has changed their policies - they now collect
caller-ID information. The law reportedly requires that a valid "credit
card number or telpehone number" be collected at the time of
registration.
The way I read this is, the law definitely *would* affect grex. They
may not have had us specifically in mind, but we're definitely way
within their target cone. Anyone who doubts this should read the
article first.
We *might* with some effort figure out how to collect caller-ID on
dialup lines. It would require a major technical effort since our
current infrastructure makes this almost impossible. (We'd likely have
to buy new terminal servers, so that we can track physical lines vs.
logical line usage, we'd have to install *something* that could collect
caller-ID information, and we'd have to teach newuser how to query that
*something* to get the caller-ID info & reject things that don't have
valid caller-ID).
There are definite problems with what we'd be able to do. No more web
newuser, for instance. Users from India would probably be out of luck.
It's not clear what we'd have to do with pre-existing accounts. An
interesting technical problem is that caller-ID information itself is
not that hard to fake. I'm not sure that's a problem for us, but I'm
not sure it's not: I can think of quite large organizations (any phone
at the University of Michigan) that provide caller ID information that
is quite misleading.
The alternative, which some people here seem to be suggesting, is that
we somehow restrict what people could do. No remote e-mail, perhaps. I
don't know if that would really buy us much or even be practical.
Without looking at the law, it's hard to say if it would include
providing lynx access to material, allowing people to post web pages
with "objectional" material, local mail entirely within grex, or
material posted in conferences.
|
krj
|
|
response 14 of 90:
|
Feb 9 00:01 UTC 2001 |
From the Free Press article, and from Aaron's resp:6, I think the
essential issue is: under this law, if the police come around asking
where a piece of mail or a certain user came from, the answer,
"We don't know, and the information doesn't exist," means that
Grex has committed a crime.
I think what Grex would have to do if this law passes and is upheld,
is shutdown the dialins. To my mind, the definition of an ISP
seems to be a black box with a physical location or the telephone
system at one side, and the Internet on the other side.
With the dialins gone, Grex would resemble Hotmail or other free
email provider, web forum, what have you. I read no hint so far
that such entities would be required to register their users.
If the police came around, Grex could give them the IP address a
user came from.
I am not advocating this solution, but I think it may be forced upon
Grex. I am not optimistic that this law will be defeated either
in the Legislature or in the courts. A quote from an EFF lawyer
I saw today seems to indicate that even they do not find an
absolute right to anonymity.
|
aaron
|
|
response 15 of 90:
|
Feb 9 00:07 UTC 2001 |
EFF is not a civil rights organization, but I do tend to agree with that
conclusion. However, if this succeeds with ISP's (or perhaps even as part
of the same bill), I expect services like hotmail to be next on the list.
|
mcnally
|
|
response 16 of 90:
|
Feb 9 01:11 UTC 2001 |
OK, so why not organize to defeat this *now*?
At the very least, would someone like to draft a letter from the board to
the legislator proposing the legislation making him aware of how possibly
unintended consequences of his proposal would effect the community on Grex?
|
aaron
|
|
response 17 of 90:
|
Feb 9 02:37 UTC 2001 |
Absolutely, organize to defeat this now.
Drafting a letter to your legislator is a nice step. An open letter to
the governor, sent to the Free Press and Detroit News, would also be a
nice step, particularly if you can get some prominent individuals to
sign it.
|
jep
|
|
response 18 of 90:
|
Feb 9 02:39 UTC 2001 |
Why don't people write their own letters?
|
scg
|
|
response 19 of 90:
|
Feb 9 02:57 UTC 2001 |
That would be a good idea too.
How are letters from non-Michigan residents likely to be received by the
Governor or legislators? Are they also helpful, or should I leave this to
those who still live in Michigan?
|
scg
|
|
response 20 of 90:
|
Feb 9 03:12 UTC 2001 |
By the way, I should note that I'm a bit skeptical of the claims of how
uncooperative NetZero was. Chances are, even if NetZero doesn't know who
their users are, the companies they are buying dial access from at least have
logs of when the person called in and on what line, which should be enough
for a sufficiently determined investigator armed with the appropriate court
orders to figure out where the person's been calling from. An e-mail message
sent through one of the free ISPs certainly isn't any more anonymous than a
phone call, and tracking the sources of phone calls isn't a new problem for
police agencies. If NetZero is ignoring subpoenas or wiretap orders, that's
not something that requires new law to deal with.
I find it telling that the apparrent push for this is coming from local law
enforcement, rather than Federal authorities. The Federal authorities are
getting a pretty good grasp of Internet stuff at this point, I get the
impression. The local authorities I dealt with in my days of working at an
ISP, on the other hand, generally seemed extremely clueless, both on the
technology they were dealing with and the procedures they would have had to
follow to be able to legally use the evidence they were asking for. They
would call wanting to know which of our users had done something, and I would
tell them what information they needed to be looking for, confirm that I had
the information, and then hand them over to management, who would tell them
that we'd be happy to give them the information if they came back with the
appropriate court orders. Not one of them ever did.
|
aaron
|
|
response 21 of 90:
|
Feb 9 03:49 UTC 2001 |
John - many people will copy, perhaps even slightly revise, a drafted
letter, and actually mail it, where they would not draft a letter of
their own from scratch. You have probably encountered many situations
where you have been contacted by one organization or another, asking you
to send letters to legislators, usually with a draft letter and the
target's mailing address provided.
scg - I think legislators are most likely to respond to the concerns of
their constituents. However, if letters arrive from out of state in any
significant quantity, I think it can have an effect.
The federal sting operations tend to be focused now on exchanges of
illegal materials where money changes hands. I was recently informed by
somebody who tried to get the FBI to investigate a child pornography
exchange, that he was essentially told that they aren't interested if
money isn't changing hands. At present, there seem to be enough cases of
that variety to exceed the FBI's ability to investigate, arrest, and
assist with the prosecution of all of the offenders involved. Given that
people seem willing to buy illegal materials from overseas vendors by
credit card, identifying customers usually isn't difficult.
Local authorities have different priorities. They know they aren't
likely to be able to shut down a major supplier of illegal materials,
situated in another state or country. They are more interested in
finding people within their own jurisdictions who are willing to engage
in self- identifying criminal behavior online (or by being lured to a
hotel room in their jurisdiction, to 'meet' a minor). For that, it will
help them to be able to tie an email address to a specific person.
|
polygon
|
|
response 22 of 90:
|
Feb 9 04:18 UTC 2001 |
I didn't think that my opinion of Bob Ficano could go any lower, but he
has proved me wrong again.
One possible benefit of a GWB Administration is a Republican U.S. Attorney
who would be willing to bring Ficano to justice.
|
mdw
|
|
response 23 of 90:
|
Feb 9 06:07 UTC 2001 |
From the article at least, it was clear the people drafting this law
were targetting people who provide "free e-mail accounts", not people
who provide "dial-up internet access". I suspect if pressed they might
claim an internet service provider is anyone who provides an internet
based service; not anyone who provides a bank of modems. Regardless,
unless the law is incredibly badly worded, it's unlikely to use the term
"ISP" without definition, and it should be easy enough to decide whether
we're likely to be included under the terms of that definition, and
whether dropping dial-in lines will make any real difference.
Presumably, it should be easy enough to get a draft of the current law,
and we might even be able to influence the language of the final law,
although I doubt that will be at all to our advantage given the claimed
goal of this law.
|
scg
|
|
response 24 of 90:
|
Feb 9 06:30 UTC 2001 |
I'm curious how you read that into the Free Press article, Marcus. The thrust
of the article seemed to be that Bluelight is good and NetZero is bad.
They're both free dial providers.
Hotmail and various other free e-mail providers include an X-Originating-IP
line in the headers, saying where the message came from, the implication being
that if you want to track the person down you can go to the owner of that IP
address.
|
bdh3
|
|
response 25 of 90:
|
Feb 9 07:28 UTC 2001 |
The problem isn't 'child prono', its not 'terrorists' or 'criminals'.
The real agenda is a very real fear on the part of 'government' that
with an anonymous 'digital society' it runs the risk of being unable to
collect taxes. Its that simple. Now I'm not saying that this specific
talking about proposed legislation by this particular 'sucker at the
public teat' is motivated by that, he or she may be actually motivated
by the quaint notion that the 'solution' to that particular problem that
irritates them is to somehow 'restrict' the Internet. One should note
that even more real crime could be eliminated by eliminating public
telephones, but I don't recall that being talked about much. (Here in
chicagoland an alderman (politician) in my 'hood got hot about a bank of
four public phones used by drug dealers at the gas station about three
blocks east of my crib. The owner of the gas station on the south corner
was convinced to request that the phone company remove them even tho-
the owner got a 'taste' of the revenue generated. The phones were
'removed'. Two of the phones were taken away and the othe two were
'removed' to the north side of the same intersection gas station who's
owner had noted the traffic patterns. Probably determined could make as
much with two phones with folk lined up as four phones with always an
empty phone or two. Net result, the alderman (a female) 'cracked down
on crime', there are two fewer public phones for honest citizens to use,
and two fewer phones to tap for the cops...not sure of the net 'gain' to
society as a whole.)
Lets consider the effect of a 'non-anonymous Internet'. The few
criminals that don't find ways around it are busted. The common
ordinary citizen who works at a company that is dumping toxic waste into
the drinking water now no longer reports ('whistle blower') it on
account he/she needs the job and recognizes that 'public approbation'
doesn't put food on table or send kids to college.
The way to police 'child prono' on the Internet is to give tax credits
to ISPs who have an active program to eliminate it - give them a
financial incentive to track down, document, and report the 'vendors' of
filth. Lord knows given the financial situation of the majority of them
it would be a far better way to spend tax dollars and keeps the cost to
the average consumer unchanged (encouraging everyone to get online.)
(Again, its a 'show me the money, honey' problem).
Back to the 'real agenda'. Imagine for a moment that I pay you to
'perform X task'. I pay you 10 bucks an hour in reported $US and
the equivalent of 60$US an hour in anonymous digital 'cash' over the
Internet. The amount of income tax you pay is based on that 10$US rate
and the amount of matching FICA/etc. stuff I pay is based on the same.
You go to person Y who has a horse for sale. You and he agree on terms.
He sells you a horse for 10$US and 60$US in 'digital cash' which is
anonymously transfered to him. You pay sales or VAT tax on 10$US horse.
The seller reports income of 10$US from the sale and has 60$US in
'digital cash' anonymously on the side. You see the problem for a
government?
(This is not a new problem. Long prior to 'Internet' for example there
was and is a 'chinese banking system' (aka 'Tongs', 'Triads', etc.) that
operates worldwide, immune from IRS/Revenue Dept. scrutiny. You go into
a 'chinese bank', give the clerk 'cash', get a 'ticket' (written in
'secret language' and 'chopped'), take the 'ticket' to any 'chinese
bank' in the world and redeem it how you negotiate. Of course, no FDIC,
no interest (indeed there may be a cost) and no recourse if you lose the
'ticket' - 'no tickey no washey' is no accident, and its no accident
that it is known as 'laundering'.))
|
aaron
|
|
response 26 of 90:
|
Feb 9 14:32 UTC 2001 |
While that was quite fascinating, beady, we're not speaking of the feds
here, and we're not speaking about a police agency that collects taxes
or enforces tax laws. Believe it or not, for a wide variety of reasons,
it benefits local politicians to go after child pornography.
|
i001
|
|
response 27 of 90:
|
Feb 10 00:21 UTC 2001 |
i dont beleive that all of the law's evil conterparts are out on anon internet
access. this is just another attempt to destroy privacy because of one
persons ill-founded fear. Descions such as this one should not be made by
people who dont even understand technology. Why should the intelligent be
rulled by the ignorent. even if anon internet is destroyed there will always
be an work-around. Please forgive my poor spelling.
|
mdw
|
|
response 28 of 90:
|
Feb 10 00:23 UTC 2001 |
The problem described in the free press article was "people who use free
e-mail accounts to send pornography", and the difficulty in associating
those free e-mail accounts with humans. The solution described was to
require systems hosting those free e-mail accounts to acquire either a
"valid" telephone number or a credit card #. There was an underlying
assumption that the same people providing the e-mail accounts were also
providing dial-up access, and there was little if any discussion about
web pages, downloads, IP connectivity, dial-up authentication, shell
accounts, anonymous "kiosk" style walk-up internet access, hotmail, or
any of the numerous other ways people might use the internet. Since
that discussion was missing, and none of us has any real idea what the
law actually might say, there's no way to prove or disprove whether it
might apply to grex, or whether dropping dial-in lines will affect that.
I'm sure any of us could draft a law that would apply to grex
regardless, or a very similar law that would only affect sites offering
dial-up access. Based on the "problem" described, I'm guessing that if
the people who wrote this law will have tried very hard to write a law
that will be as broad as possible, and will happen to include grex. If
it's at all similar to past laws we've seen, it's likely to be written
with multiple overlapping sets of definitions, some narrowly defined
(and likely covering dial-up access), and others more broad & vague, but
very likely elastic enough to cover grex. Several people here are
apparently hoping for a much more narrowly defined law, possibly written
by people who don't know of all the other possibilities and won't cover
all those cases. This is certainly possible, and I definitely can't
disprove it. Even so, I wouldn't care to bet on this necessarily being
the case.
|
scg
|
|
response 29 of 90:
|
Feb 10 01:05 UTC 2001 |
There's actually a very good reason for them to go after the dial providers
instead of the free e-mail providers. A free e-mail provider with a bunch
of servers in some other state, not charging money for their services, isn't
doing business in Michigan. This was one of the grounds we were using to
argue that the censorship law was too broad in Cyberspace v. Engler. The free
dial providers actually have to put infrastructure in Michigan (or more likely
rent somebody else's infrastructure in Michigan), meaning that they're
actively doing business in Michigan.
|
mdw
|
|
response 30 of 90:
|
Feb 10 01:19 UTC 2001 |
It's a nice theory. Presumably, we'll get to see how close reality is
soon enough.
|
eeyore
|
|
response 31 of 90:
|
Feb 10 08:24 UTC 2001 |
I would really like to see the written out first, and not just what the
newspapers have to say about it.
|