1992-10-23 - Re: Keystone

Header Data

From: gnu@cygnus.com
To: cypherpunks@toad.com
Message Hash: 0bfa1d7d1f80cbd3ce39cc23172cc4e724e96af15fbdaf8df16e75cb89f68a9c
Message ID: <9210230728.AA25822@cygnus.com>
Reply To: <9210230622.AA26831@soda.berkeley.edu>
UTC Datetime: 1992-10-23 07:28:19 UTC
Raw Date: Fri, 23 Oct 92 00:28:19 PDT

Raw message

From: gnu@cygnus.com
Date: Fri, 23 Oct 92 00:28:19 PDT
To: cypherpunks@toad.com
Subject: Re: Keystone
In-Reply-To: <9210230622.AA26831@soda.berkeley.edu>
Message-ID: <9210230728.AA25822@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain


> "A provider of communications services cannot be held liable for the
> consequences of encrypted communications that pass though its system."

Far too simple.  Suppose the provider is a BBS operator who *knows* what
their users are passing through the system?  Suppose the provider has
keys to the encrypted communications?  Suppose those keys are only to be
used under duress (e.g. under a court order)?  Suppose the provider
is a parent and the user is their teenage daughter?  Suppose the
encryption is easily breakable?

The principle you are looking for is that if the service provider has
no *control* over the content, then they should have no *liability*
for it either.  The courts are gradually making that happen.  But
control relates directly to the specific facts of the particular case --
not whether encryption is in use.

The case law on liability for content is gradually being made.  So
far, no particularly horrible precedents have been set (I don't think
there are precedents yet in the arrest-the-record-store-owner-for-rap-
records-the-cops-don't-like issue).  In a good decision, Compuserve
was let off the hook for a message sent by someone who Compuserve even
paid to moderate a corner of their service -- because Compuserve
didn't control the content of that corner.

I realize that this group has a tendency toward extremism, but let's
temper that with a bit of wisdom, too.

	John





Thread