1996-05-23 - Re: An alternative to remailer shutdowns

Header Data

From: Black Unicorn <unicorn@schloss.li>
To: Ben Holiday <ncognito@gate.net>
Message Hash: 95dfed1702fa57b021f3fdf28484780b17aed69fd7bbcd030c33a5b32c6bc622
Message ID: <Pine.SUN.3.93.960522171315.15860C-100000@polaris.mindport.net>
Reply To: <Pine.A32.3.93.960521183731.12238A-100000@seminole.gate.net>
UTC Datetime: 1996-05-23 03:31:16 UTC
Raw Date: Thu, 23 May 1996 11:31:16 +0800

Raw message

From: Black Unicorn <unicorn@schloss.li>
Date: Thu, 23 May 1996 11:31:16 +0800
To: Ben Holiday <ncognito@gate.net>
Subject: Re: An alternative to remailer shutdowns
In-Reply-To: <Pine.A32.3.93.960521183731.12238A-100000@seminole.gate.net>
Message-ID: <Pine.SUN.3.93.960522171315.15860C-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain


On Tue, 21 May 1996, Ben Holiday wrote:

> 
> 
> On Tue, 21 May 1996, Daniel R. Oelke wrote:

> 
> > > The second is to simply include the
> > > consent-code along with the encrypted peice of mail and a legal notice
> > > stating that decryption of the mail constitutes your consent to receive
> > > the mail, as well as your agreement to hold the remailer-operator harmless
> > 
> > By reduction - you could just do a rot13 on the message and 
> > append the "legal notice".   If all the information for decoding
> > a message is present in that message, is a different encoding
> > mechanism really any different from straight ASCII text?  
> > (i.e. Netscape 9.13 might have auto decoding built it....)
> > Then, the user doesn't do anything "extra" - does this invalidate 
> > the notice?
> 
> Donno. IANAL. :)

A person has notice of a fact if he knows the fact, has reason to know it,
should know it, or has been given notification of it.  Restatement,
Second, Agency section 9.

The important issue here is what constitutes constructive or implied 
notice (the second example above).

Constructive notice exists where a party could have discovered a fact by
proper diligence and where the situation casts a duty on him to inquire
into the matter.

A person who has _actual_ notice of circumstances which would set of the
"alarm bells" of a prudent person has constructive notice of the issue
itself where a notice clause was available and easily referenced.

See F.P. Baugh, Inc. v. Little Lake Lumber Co., 297 F.2d 692, 696.

Also comes the question what notice is adequate?  Notice reasonably
calculated, in all circumstances, to apprise all interested parties of
actionm and opportunity to present their objections, says U.S. v San Juan
Lumber Co., 313 F.Supp. 703, 709.

I'm not going to discuss what constitutes a legal agreement here for the
purposes of waiving rights to hold the remailer operater harmless.  These
are traditionally unnegotiated agreements that courts are not likely to
want to enforce.  (Back of a ski lift ticket, notice that the garage is
not responsible for theft).

If a court feels that the remailer operator is being negligent or some
such, a notice like you are talking about is not likely to be very
effective.

I find that making the user decrypt the message as acceptance of the mail
is clever, but what exactly does it accomplish?  The user can still have
his copyrights violated in the text, what does it matter that he did or
did not accept the mailing?

> This would accomplish two things: We could source block an address without
> knowing the source; and if push came to shove an address could be
> backtracked to its original source, provided a complaint was made in time,
> and that the Bad Guy sent another mail from the same address. I think
> that legally there would be a good argument that the remailer ops had made
> a reasonable attempt and holding lawbreakers accountable, while still
> preserving the anonymity of non-abusers

Let's call this the "hash policy."

I'd be interested to see what the ration of volume between mailers with a
hash policy and mailers without a hash policy would be.

Simply the perception that records are being kept could have a chilling
effect.

The user is in no position to verify how secure those records are, or that
they are indeed hashed at all.

While the same is true with regards to logging at all (hash or no) I think
the feeling that the existance of records somehow makes it more likely the
the remailer operator will (with resistance) cooperate with the
authorities is amplified.

Either you do or do not believe that a remailer operator is keeping
full and unhashed records.

If you KNOW that records are being kept, well, to the user, what's the
difference between this and the mailer logging all traffic fully and
putting the information in a "Secure" directory?

How precisely does hashing protect the user?

> Just a thought.. 
> 
> Ben.

---
My preferred and soon to be permanent e-mail address:unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information
Opp. Counsel: For all your expert testimony needs: jimbell@pacifier.com







Thread