Computer underground Digest Sun Mar 1, 1998 Volume 10 : Issue 15 ISSN 1004-042X Editor: Jim Thomas (cudigest@sun.soci.niu.edu) News Editor: Gordon Meyer (gmeyer@sun.soci.niu.edu) Archivist: Brendan Kehoe Shadow Master: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Field Agent Extraordinaire: David Smith Cu Digest Homepage: http://www.soci.niu.edu/~cudigest CONTENTS, #10.15 (Sun, Mar 1, 1998) File 1--Privacy groups tell FCC to deep-six wiretap law File 2--SLAC Bulletin, February 14, 1998 File 3--Thoughts on the Coaltion of ISPs and the Usenet Blockade File 4--Cu Digest Header Info (unchanged since 7 May, 1997) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. --------------------------------------------------------------------- Date: Wed, 11 Feb 1998 17:33:17 -0800 (PST) From: Declan McCullagh Subject: File 1--Privacy groups tell FCC to deep-six wiretap law Seems as though even the folks (not the undersigned) who lauded the virtues of the Digital Telephony wiretapping law and cut a deal to ensure its passage are now claiming it's gone astray. Attached below are comments filed (I believe today) with the FCC on the law. Even if you don't care about wiretapping, consider this: the Digital Telephony law requires technology firms to make communications readily snoopable by law enforcement agents. Think of this as a precedent for requiring technology firms to make //encrypted// communciations readily snoopable by law enforcement agents. Trust me, even if you haven't thought about that precedent and its value when lobbying members of Congress, Louis Freeh has. -Declan ****** Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) CC Docket No. 97-213 Communications Assistance for ) Law Enforcement Act ) Surreply Comments of The American Civil Liberties Union The Electronic Privacy Information Center The Electronic Frontier Foundation Computer Professionals for Social Responsibility The American Civil Liberties Union (ACLU), Electronic Privacy Information Center (EPIC), Electronic Frontier Foundation (EFF), and Computer Professionals for Social Responsibility (CPSR) respectfully submit these surreply comments in the above referenced proceeding. Our organizations represent a broad perspective of public interest, privacy and civil liberties interests. ACLU, EPIC and EFF jointly filed comments with the Federal Communications Commission in response to the Notice of Proposed Rulemaking (NPRM) on implementation of the Communications Assistance for Law Enforcement Act (CALEA) on December 12, 1997. In our previous comments, we urged the Commission to exercise its statutorily conferred authority to delay compliance with the Act until October, 2000. However, after reviewing the comments filed by the Federal Bureau of Investigation (FBI), public interest groups, and industry; and in light of the FBI's four year delay in releasing to the public the statutorily required Notice of Capacity; and the FBI's obstruction of the adoption of industry compliance standards that are feasible and technically possible, we are convinced that the Commission must indefinitely delay the implementation of CALEA. We call on the Commission to report to Congress on the serious legal, technical, and policy obstacles that have thwarted CALEA's implementation. Our organizations also request that the Commission require the FBI to provide comment-- on the public record-- explaining their failure to meet the statutory Notice of Capacity Requirement imposed by Congress nearly four years ago. Our requests in this proceeding are based on several provisions for government accountability and privacy protection incorporated in CALEA and its legislative history, which has thus far been largely ignored. Section 107 of CALEA provides that any person(s), including public interest groups, concluding that any standard issued on the implementation of the Act is deficient, may petition the Commission for review. This section provides that one factor for judging the acceptability of standards is whether they protect the privacy of communications that are not permitted to be intercepted under the law. Furthermore, the legislative history of CALEA makes clear that the Commission's authority over this implementation process is designed to ensure that the following goals are realized: (1) Costs to consumers are kept low, so that 'gold-plating' by the industry is kept in check; (2) the legitimate needs of law enforcement are met, but that law enforcement does not engage in gold-plating of its demands; (3) privacy interests of all Americans are protected; (4) the goal of encouraged competition in all forms of telecommunications is not undermined, and the fact of wiretap compliance is not used as either a sword or a shield in realization of that goal. Because our organizations have concluded that these statutory goals have not been satisfied, we believe it is incumbent on the Commission to take action with regards to our requests. In these surreply comments we will also address several issues raised in submissions of other interested parties that call for an expansion of the CALEA's mandate and that run counter to Congress' stated goals. I. The FBI has Disregarded the Congressional Limitations and Statutory Obligations Imposed on Law Enforcement by CALEA: CALEA explicitly called on law enforcement to issue a technical capacity notice by October 25, 1995, one year after the law's enactment. Carriers were given three years after the notification to install capacity meeting the notification requirements. Thus, under the statutory timetable, industry's deadline for compliance was to have been October 1998. Section 104(a)(2) requires that the technical capacity notice provide a numerical estimate of law enforcement's anticipated use of electronic surveillance for 1998. The notice is required to establish the maximum interceptions that a particular switch or system must be capable of implementing simultaneously. By mandating the publication of numerical estimates of law enforcement surveillance activity, Congress intended CALEA's notice requirements to serve as accountability "mechanisms that will allow for Congressional and public oversight. The bill requires the government to estimate its capacity needs and publish them in the Federal Register." In addition to the concerns of privacy advocates, the Public Notice requirement was based on industry concerns that the cost of providing intercepts was becoming an undue burden on companies and that the number of intercepts was growing too rapidly for industry to respond. In 1994, AT&T testified that such law enforcement notice was necessary for industry to accomplish the following: -require law enforcement to focus on what it actually requires to accomplish its legitimate needs thereby freeing resources they do not actually require for other purposes; -provide an essential mechanism for Congress to control both the costs and level of law enforcement involvement in the development of new services; -ensure that the fewest taxpayer dollars are spent to address law enforcement concerns. As documented in detail in our prior comments, the FBI has yet to provide the mandated Notice of Capacity. The Bureau has thus far released two initial notices that were both withdrawn after sharp public criticism over the FBI's failure to meet the statutory requirements. The FBI comments also do not explain why the public and Congress should ignore their failure to meet this statutory obligation. Instead, the FBI asserts that public safety should override any technical problems industry groups may face in complying with CALEA's statutory deadline. However, we believe that this assertion has also not been justified by the FBI to date. According to statistics released by the Administrative Office of the U.S. Courts and the Department of Justice, the actual number of interceptions has risen dramatically each year and in 1996 alone 2.2 million conversations were captured by law enforcement. A total of 1.7 million of these intercepted conversations were deemed not "incriminating" by prosecutors. Our organizations believe that these numbers do little to support the FBI contentions that CALEA should be given broad interpretation. Moreover, the FBI comments state that a blanket extension on the compliance with CALEA should not be granted despite the impasse between industry and law enforcement because of the potential threat to public security. While we recognize the importance of protecting the public, Congress required that there be a balancing of the interests of law enforcement with the need to protect privacy and develop new technologies. Specifically, Congress had the following objectives: (1) to preserve a narrowly focused capability for law enforcement agencies to carry out properly authorized intercepts; (2) to protect privacy in the face of increasingly powerful and personally revealing technologies; and (3) to avoid impeding the development of new communications services and technologies. Hence, we are not persuaded by the FBI's conclusion that there should not be a blanket extension for compliance with CALEA. Until it is clear that each of the Congressional objectives is met and there is a public release by the FBI of its statutorily mandated Notice on Capacity, the technical compliance with the Act should be postponed. II. The FBI Has Not Maintained Narrowly Focused Capability for Law Enforcement Agencies to Carry Out Authorized Intercepts The FBI's bad faith in the implementation process has prevented the development of acceptable technical standards that are feasible by industry. As our prior comments document and industry comments support, the FBI has repeatedly endeavored to require that industry meet a FBI wish-list of surveillance capability needs never contemplated by Congress. Indeed, avoiding such an impasse was precisely why Congress explicitly redrafted the statute in 1994 to eliminate law enforcement control over industry standard-setting. Instead of preserving a narrow focus on surveillance capability, the FBI has sought an expanded capability by interpreting CALEA to apply to entities and user services specifically exempt by Congress. The comments submitted by the FBI underscore the validity of our concerns by presenting a wish-list of items that go far beyond the authorized electronic surveillance under the provisions of Title III of the Omnibus Crime Control and Safe Streets Act of 1968, the Electronic Communications Privacy Act of 1986 and CALEA.. For example, the FBI comments call for CALEA compliance by carriers providing access to information services, private communications services, and paging services -- an expansion of surveillance capabilities never contemplated by Congress. (a) Information services In paragraph 29 of its submission, the FBI states that it agrees that providers of "exclusively information services are excluded from CALEA" but that "any portion of a telecommunications service provided by a common carrier that is used to provide transport access to information services is subject to CALEA." Such services are explicitly exempt under the statute. Section 103 (4)(b) provides limitations on what services are required to meet assistance capability requirements under CALEA. It states: (b) Limitations: (2)Information services; private networks and interconnection services and facilities. The requirements of subsection (a) do not apply to-- (A) information services; or (B) equipment, facilities, or services that support transport or switching of communications for private networks or for the sole purpose of interconnecting telecommunications carriers. Congress explicitly rejected any application of CALEA to information services including electronic mail and on-line services recognizing that interception of those communications is the equivalent of "call content" and is therefore, subject to a much higher degree of protection under the Constitution. The FBI, and the Commission NPRM, incorrectly assume there is a distinction between carriers that exclusively provide information services and common carriers that provide access for information services. The FBI is simply attempting to gain back-door access to information services contrary to Congress' intent. (b) Carriers Providing Private Services: Paragraph 22 of the FBI comment states that "there may exist telecommunications companies that do not hold themselves out to serve the public indiscriminately that should also be treated as 'telecommunications carriers' by the Commission. Otherwise, companies that hold themselves out to serve particular groups may, intentionally or inadvertently, undermine CALEA." Thus, the FBI's conclusion that private services that do not indiscriminately provide services to the public fall within CALEA's ambit is unwarranted. Indeed as the legislative history states: "...telecommunications services that support or transport switching of communications for private networks or for the sole purpose of interconnecting telecommunications carriers...need not meet any wiretap standards...Earlier digital telephony proposals covered all providers of electronic communications services, which meant every business and institution in the country. That broad approach was not practical. Nor was it justified to meet any law enforcement need." Indeed the explicit exclusion of private networks was also based on the potential threats to personal privacy that such could be incurred by requiring private networks to meet the CALEA configuration requirements. CALEA's legislative history states that private networks are not the usual focus of court authorized electronic surveillance and that these networks, although excluded by CALEA's requirements, may be required to provide law enforcement with access to information after receiving a court order. (c) Paging services: Paragraph 25 of the FBI comments state: "Law enforcement contends that paging systems should be included in the definition of "telecommunications carrier" for the purposes of interpreting CALEA because paging systems generally fall within the definition of common carrier or, at minimum, rely on common carriers to be activated." Paging service's reliance on common carriers for activation does not automatically compel their compliance with CALEA. III. The FBI Has Ignored Privacy Protection Requirements The Congress specifically required privacy safeguards to assure that communications not be made vulnerable to hackers and rogue wiretaps as a result of CALEA. Section 105 of CALEA, Systems Security and Integrity, mandates that "telecommunications carriers shall ensure that any interception of communications or access to call-identifying information effected within its switching premises can activated only in accordance with a court order or other lawful authorization...". However, the FBI comments and FCC NPRM merely reduce privacy concerns to questions of telecommunication carrier recordkeeping and employee screening measures. Furthermore, Section V of the FBI comments, which addresses the carrier security procedures, attempts to undermine the protections against unlawful government surveillance guaranteed in the Electronic Communications Privacy Act of 1986. 18 U.S.C. 2510, et. seq. This section asserts that there is "anecdotal evidence" that carriers have refused to comply with law enforcement requests for wiretapping where there is confusion as to the validity of court orders. As a result, the FBI has called on the Commission to limit the ability of carriers to question the lawfulness of requests for interception by various law enforcement entities. Similarly, paragraph 47 states that "[c]arriers are the implementers, not the enforcers, of lawful intercept orders or certifications under the electronic surveillance laws." We strongly disagree with that conclusion. Carriers have an affirmative obligation under ECPA to ensure that they are not wrongfully disclosing information to the government or third parties. The failure of carriers to exercise good faith judgment and carefully scrutinize such requests for information may expose them to criminal and civil liability under ECPA. 18 U.S.C. 2520 (d). We believe that a Commission ruling providing that carrier's lack the ability to scrutinize the validity of warrants would require them to abrogate their statutory good faith obligations. In addition, the Commission lacks authority to limit the rights of carriers to review such orders and such a requirement would not comport with other federal and state requirements. Paragraph 46 of the FBI comments broadly states that carriers may not question law enforcement authority to conduct wiretapping investigations where one party has consented to interception. The FBI broadly states that "[i]n such cases, the electronic surveillance statutes clearly indicate that no court order is required." We similarly disagree with this conclusion. Currently, at least 12 states do not permit "one party consent" to interceptions of communications. Thus, we believe that a Commission rule limiting carrier discretion would certainly create pre-emption questions where there is no Congressional basis and where the request comes from state law enforcement. Conclusion Congress envisioned CALEA's implementation as an open process that would ensure accountability and prevent the development of unprecedented surveillance capabilities. The expanded capabilities sought by the FBI, along with their non-compliance with CALEA's Public Notice of Capacity Requirements warrant serious Commission and Congressional response. Our organizations believe that given the FBI's failure to meet public accountability provisions, the Commission must indefinitely delay the implementation of CALEA and report to the Congress on the serious obstacles that have thwarted its implementation to date. We also ask that the Commission require the FBI provide comment on the public record explaining its failure to meet it unambiguous statutory obligations under CALEA. Respectfully Submitted, _____________________________________ Laura W. Murphy, Director Greg Nojeim, Legislative Counsel A. Cassidy Sehgal, William J. Brennan Fellow American Civil Liberties Union Washington National Office 122 Maryland Ave, NE Washington, D.C. 20002 (202) 544-1681 Marc Rotenberg, Director Barry Steinhardt, President David L. Sobel, Legal Counsel Electronic Frontier Foundation David Banisar, Staff Counsel 1550 Bryant Street, Suite 725 Electronic Privacy Information Center San Francisco CA 94103 666 Pennsylvania Ave., SE, Suite 301 (415) 436-9333 Washington, D.C. 20003 (202) 544-9240 Computer Professionals for Social Responsibility CPSR, P.O. Box 717, Palo Alto, CA 94302 (650) 322-3778 cc: Rep. Bob Barr Sen. Orrin Hatch Sen. Patrick Leahy Rep. Henry Hyde Sen. Ashcroft Sen. Edward McCain Sen. Arlen Spector Rep. Billy Tauzin Rep. McCollum Rep. Charles Schumer The Communications Assistance for Law Enforcement Act, Pub. L. No. 103-414, 108 Stat. 4279 (1994) (codified as amended in sections of 18 U.S.C. and 47 U.S.C.) Statement of the AT&T Corporation Before the House Subcommittee on Civil and Constitutional Rights and Senate Subcommittee on Technology and Law, reprinted, in Schneier and Banisar: The Electronic Privacy Papers, Wiley and Sons, 1997. See generally, EPIC letter to The Telecommunications Industry Liason Unit, November 13, 1995, reprinted in 1996 Electronic Privacy and Information Center, Cryptography and Privacy Sourcebook, 1996, discussing the failure of the Initial FBI Notification of Law Enforcement Capacity Requirements to meet CALEA's obligations. --------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe: send a message to majordomo@vorlon.mit.edu with this text: subscribe politech More information is at http://www.well.com/~declan/politech/ ------------------------------ Date: Sat, 14 Feb 1998 13:09:56 -0500 (EST) From: jw@bway.net Subject: File 2--SLAC Bulletin, February 14, 1998 SLAC Bulletin, February 14, 1998 --------------------------------- The SLAC Bulletin is a low-volume mailer (1-5 messages per month) on Internet freedom of speech issues from Jonathan Wallace, co-author of Sex, Laws and Cyberspace (Henry Holt 1996) and publisher of The Ethical Spectacle (http://www.spectacle.org). To add or delete yourself: http://www.greenspun.com/spam/home.tcl?domain=SLAC NO GATEKEEPERS Jonathan Wallace jw@bway.net Our president's latest scandal was broken by Internet columnist Matt Drudge, who reported that Newsweek had spiked a story about Monica Lewinsky. Some people see that as a black eye for the print media and a victory for the Internet. Not First Lady Hilary Clinton, who was asked about the Net's role in dissemination of news at a press conference on February 11. "As exciting as these new developments are.... there are a number of serious issues without any kind of editing function or gate-keeping function. What does it mean to have the right to defend your reputation, or to respond to what someone says? "There used to be this old saying that the lie can be halfway around the world before the truth gets its boots on. Well, today, the lie can be twice around the world before the truth gets out of bed to find its boots. I mean, it is just beyond imagination what can be disseminated." Clinton was asked whether she favored regulation of the Net. She said she didn't yet know, but commented: "Anytime an individual or an institution or an invention leaps so far out ahead of that balance [contemplated by the Founders] and throws a system, whatever it might be --political, economic, technological --out of balance, you've got a problem, because then it can lead to the oppression of people's rights, it can lead to the manipulation of information, it can lead to all kinds of bad outcomes which we have seen historically. So we're going to have to deal with that." These are among the most scary words ever said about Net regulation. Contrast them to the rhetoric we're used to, about the Net as a hydra-headed pornmonger reaching into your child's bedroom. Censorship advocates like former Senator Exon at least have the decency to pretend that all they care about is "decency." Mrs. Clinton goes a huge step further: she's worried about information. Not just falsehood. Information. Obviously, for her the right result was Newsweek's decision to spike the story, not Drudge's to run it. We're already far enough along in the Lewinsky scandal to know something happened. The President and Mrs. Clinton have endured a lot of falsehood on the Net. I don't remember either of them calling for Net regulation because of Usenet postings or Web pages claiming that the military shot down flight 800, or that Ron Brown or Vincent Foster were assassinated. It took the truth, not a lie, to make Hilary Clinton say the Net is dangerous. This recalls the early days of the republic, when laws banning "seditious libel" were in force. Back then, there were greater penalties for telling the truth than for lying. People might disbelieve a lie. The truth was more damaging. Preserve us from gatekeepers. Their function is highly overrated. Yes, they filter out some falsehoods, but they also print some, while blocking some truths. Their sense of what interests the public is notoriously faulty and unrepresentative. Most of the time, if I really want to drill down into an issue and get to to the truth, I get my information from the Net. I didn't see Hilary Clinton's comments above reported in the print media; I got them from a posting by Declan McCullagh to his fight-censorship list. For three years, I've written whatever I wanted, whenever I felt like, in The Ethical Spectacle and to my mailing lists. A gatekeeper of any kind would have spiked most of of the stories I wrote about. An editor might have made some little contribution to my grammar or, on occasion, my spelling. In the balance, I've done much better without gatekeepers than I have with them. Contrast the experience I've had writing for others. In the past three years, I've had articles killed by print media, or edited beyond recognition. Language I never wrote expressing ideas that aren't mine has been introduced. I even saw scores of typographical errors crop up in the hardcover of Sex, Laws and Cyberspace during the editing process. More people read The Ethical Spectacle in a month than have read that book in the two years it has been out. People like Hilary Clinton want gatekeepers for the Net not to screen for falsehood but to keep the truth within acceptable parameters. Government censorship isn't necessary when the media censors itself. Mrs. Clinton appears to hold the "Don't make me come over there" theory of government. A much better opinion of the value of a medium without gatekeepers was expressed by Judge Stewart Dalzell in his opinion in ACLU v. Reno, invalidating the Communications Decency Act. Judge Dalzell appreciated the Net's "low barriers to entry", "astoundingly diverse content" and "relative parity among speakers." His fascinating conclusion was that the Net is superior to print media as a "speech-enhancing medium" precisely because of the lack of gatekeepers: "It is no exaggeration to conclude that the Internet has achieved, and continues to achieve, the most participatory marketplace of mass speech that this country -- and indeed the world -- has yet seen.... Indeed, the Government's asserted 'failure' of the Internet rests on the implicit premise that too much speech occurs in that medium, and that speech there is too available to the participants." He noted that, if the government were permitted to impose gatekeepers on the Net, the "Internet would ultimately come to mirror broadcasting and print, with messages tailored to a mainstream society" where "economic power has become relatively coterminous with influence." Judge Dalzell praised "the autonomy" that the Net "confers to ordinary people as well as media magnates." This autonomy is precisely what frightens Hilary Clinton. ------------------------------ Date: Tue, 24 Feb 1998 09:20:53 -0600 From: Richard MacKinnon Subject: File 3--Thoughts on the Coaltion of ISPs and the Usenet Blockade The Usenet Blockade The Usenet Death Penalty (UDP) is a misnomer because it is not a form of virtual capital punishment--at least not in the short-term. It is more akin to a blockade or a seige. A Usenet Blockade may be an effective means of coercing the Netcom leadership to better address the antisocial activities originating from the base camp of spammers located within its borders. Primarily an economic attack, blockades have been used throughout history to help meatspace governments align their priorities with their neighbors. Since Usenet consists of several sovereignties, it can be useful to apply much of what we know about international relations, that is, the theories relating to national actors interacting in an ungoverned space. As an ungoverned space, Usenet is learning how to self-govern by way of coalitions which is the primary way actors move out of the state of nature into relative civilization. Competing Illiberalisms There is no doubt that spam is a major annoyance for the Usenet world, and for some there is a real economic cost. As a result, users have turned to their leaders for solutions. These solutions range from personal defense systems (filtering software), to isolationism (closed systems), to blockades (the Usenet death penality). Unfortunately, all three categories of solutions pose serious challenges to the concept of free speech and the free movement of information--arguably an ideology foundational to Usenet. The challenge is to determine which solution is less illiberal and to determine who ought to make this determination. Analysis of the Competition: Defense systems may be end-user based, ISP-based, or network-based. End-User based 1. In the event of bombing (Usenet "spamming" in this example), end-users may purchase among the many competing brands of poor, mediocre, and barely satisfactory personal filtering systems on the open market. A functioning, Reaganesque "Star Wars Defense" system has not yet appeared in the state-of-the-art efforts--not only do the defense systems screen out incoming missiles, they often screen out rain, sunlight, and other useful things causing the otherwise vivacious virtual environment to wilt, dry up, and become dull. 2. Frustratingly, they also fail in their primary mission and let a lot of missiles through with varying degrees of casualties reputedly ranging from exposing children to naked adults and exposing adults to naked children. This is something that software may never be able to dress/address. 3. There is a lot of political controversy over these inadequacies. Leaders of various end-user communities have met with representatives of the moral-military-industrial complex in an attempt to either make better personal defense systems or eliminate their use altogether. As Bruce Sterling in Austin observed at last week's Conference on Computers, Freedom and Privacy, the resolution seemingly lies beyond the grasp of even the White House Office of Science and Technology which finds it simpler to tackle the problems posed by theoretical physics and space exploration. Needless to say, the resolution is out there--way, way, out there--creating a vacuum of indecision and an opportunity for ad hocractic power. ISP-based 4. Some ISPs in the past have attempted to close their borders and restrict the flow of traffic in and out. This has also been frowned upon by many of the same leaders of end-user communities. Fundamentally, isolationism is an ostrich approach to making "foreign policy" among CISPs. The Usenet world continues to spin and the people with their heads in holes just end up missing out on lots of interesting events. 5. As a result, lots of disgruntled netizens flee from closed systems to freer systems. Geo-economics has forced many "virtual countries" to loosen up their border controls. Naturally, this makes them susceptible to bombing attacks. Network-based 6. Virtual countries which are loathe to close their borders because that policy is inherently illiberal are forced to choose between establishing network-level blockades or placing the burden of defense on the end-users by way of personal filtering systems--most of which have also been considered illiberal. 7. Blockading, fundamentally an ad hoc economic attack, has been identified as a means of coercing a virtual country into policing the activities within its borders so that its national digital output (NDO) falls within the bounds of systemically acceptable end-user behavior. The Leviathan rears its ugly head. Who decides? Should Usenet "global" policy be set by individuals, their virtual communities, isolated ISPs, coalitions of ISPs (CISP), or national governments? The logic of collective action in Usenet is governed by a set of social laws which are elusive but as reliable as many physical laws when properly understood. As a board member of Electronic Frontiers-Texas (formerly EFF-Austin), I have been participating in the drafting our position statement on the Usenet Death Penalty and Netcom. My understanding of the social laws of ungoverned interaction is that any policy recommendation to the coalition of ISPs requires as strong an element of coercion if it is going to get their attention. Otherwise, the ad hoc UDP CISP will continue to pursue its interest and what it perceives is the interest of its constituents. The coalition wielding the most coercive power has the most influence over the ungoverned decisionmaking process. Who decides? Should Usenet "global" policy be set by individuals, their virtual communities, isolated ISPs, coalitions of ISPs (CISP), or national governments? The logic of collective action in Usenet is governed by a set of social laws which are elusive but as reliable as many physical laws when properly understood. As a board member of Electronic Frontiers-Texas (formerly EFF-Austin), I have been participating in the drafting our position statement on the Usenet Death Penalty and Netcom. My understanding of the social laws of ungoverned interaction is that any policy recommendation to the coalition of ISPs requires as strong an element of coercion if it is going to get their attention. Otherwise, the ad hoc UDP CISP will continue to pursue its interest and what it perceives is the interest of its constituents. The coalition wielding the most coercive power has the most influence over the ungoverned decisionmaking process. 1. The weakest statement: "We the people of deplore the use of the Usenet Death Penalty" on Netcom because it infringes on the liberties of Netcom's end-users--liberties and rights which we hold dear and inalienable. What happens to Netcom today could happen to us tomorrow." I like and support this statement, but my understanding of the social physics is that it is anemic and although it may get some media play, it will have little actual influence on the play of events. It's an example of critique without action. 2. One might write a statement as follows: "We the people of deplore the use of the Usenet Death Penalty" on Netcom because it infringes on the liberties of the Netcom end-users--liberties and rights which we hold dear and inalienable. What happens to Netcom today could happen to us tomorrow." Therefore, we are calling for a general strike against all ISPs which intend to participate in this egregious and illiberal curtailment of free speech. On February XX, we are encouraging everyone to close their accounts on these systems and move to ISPs who refuse to participate in the UDP." I like this statement better because it uses the logic of the blockade (economic coercion) against the CISP and it carries the satisfaction of praxis--theory plus action. 3. Or one could write a statement like this: "We the people of deplore the use of the Usenet Death Penalty" on Netcom because it infringes on the liberties of the Netcom end-users--liberties and rights which we hold dear and inalienable. What happens to Netcom today could happen to us tomorrow." Therefore, we are calling for a general strike against all ISPs which intend to participate in this egregious and illiberal curtailment of free speech. On February XX, we are encouraging everyone to close their accounts on these systems and move to Netcom in an act of solidarity." This is the strongest statement because it shows conviction. While most of us have privately condemned Netcom for permitting the spamming, this statement underlies our belief that the classification of what is spam and what it isn't is a dangerous and suspect activity. Further, it shows that we are willing to give up our own access to Usenet in the fight to guarantee access to everyone. A long roll-call of voluntary conversions would get the attention and action need to have an effect. In other words, the statement should be accompanied with a list that looks something like this: user@netcom.com, formerly user@MAIN.Org user@netcom.com, formerly user@unforgettable.com user@netcom.com, formerly user@mail.utexas.edu user@netcom.com, formerly user@actlab.utexas.edu ...and thousands of others formerly from everywhere.anywhere This third statement accompanied by such a list, when presented to the CISP will carry the political and moral weight necessary to work with the laws of social physics, not against them. --Richard MacKinnon (http://www.actlab.utexas.edu/~spartan), author of "Searching for the Leviathan in Usenet" and "Punishing the Persona: Correctional Strategies for the Virtual Offender." His views are not necessarily the views of Electronic Frontiers-Texas or the Advanced Communication Technologies Laboratory. ------------------------------------------------------------- Richard MacKinnon http://www.actlab.utexas.edu/~spartan Government Department mailto:spartan@gov.utexas.edu Advanced Communication Technologies Laboratory (ACTLAB) The University of Texas at Austin ------------------------------ Date: Thu, 7 May 1997 22:51:01 CST From: CuD Moderators Subject: File 4--Cu Digest Header Info (unchanged since 7 May, 1997) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send post with this in the "Subject:: line: SUBSCRIBE CU-DIGEST Send the message to: cu-digest-request@weber.ucsd.edu DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS. The editors may be contacted by voice (815-753-6436), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. To UNSUB, send a one-line message: UNSUB CU-DIGEST Send it to CU-DIGEST-REQUEST@WEBER.UCSD.EDU (NOTE: The address you unsub must correspond to your From: line) Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. In ITALY: ZERO! BBS: +39-11-6507540 UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD Web-accessible from: http://www.etext.org/CuD/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) The most recent issues of CuD can be obtained from the Cu Digest WWW site at: URL: http://www.soci.niu.edu/~cudigest/ COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #10.15 ************************************