From: cfrye@mason1.gmu.edu (Curtis D Frye)
Date: Mon, 23 May 94 22:38:38 PDT
To: cypherpunks@toad.com
Subject: Response to Uni's "Lawsuit" Message
Message-ID: <9405240538.AA21324@mason1.gmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


First off, many thanks to Uni for deciding to share his venture into the
legal ramifications of Usenet.  It's a shame things had to be taken to this
extreme, though his reasoning (edited to conserve bandwidth) is flawless
and the potential harm quite grave.

I address this issue from my George Mason University account as it presents
my personal opinions on the subject and does not necessarily reflect the
views of Digital Gateway Systems, Inc., a DC-area Internet access provider
where I am Director of Sales and Marketing.  However, Uni's comments on
Netcom's role in the matter are, to say the least, thought-provoking for
someone in my position.

I have deleted quite a bit of the background and history, though I believe
the context of all relevant points has been preserved.  Should I make an
error in that sense, or misrepresent one of Uni's positions, I hope to be
corrected quickly.


<--uni's words begin--> 
I contacted netcom.com to see how they might respond to the suit, and to 
ask about the need for a preliminary injunction to prevent data in and 
about tmp's account from being destroyed inadvertently or intentionally.  
Netcom.com was initially not very cooperative.  They suggested I sort 
the problem out with tmp, and that it was not their issue.  This was 
until my attorney called Mr. Bruce Woodcock at Netcom support services.  
Mr. Woodcock was VERY cooperative.  He was very interested in avoiding 
liability and was perhaps the best card we had in the suit.  While I 
cannot go into detail as to the specific support he provided, I think it 
is safe to say AS A GENERAL MATTER that while most internet providers 
will be very strict about privacy for their account holders, the 
appearance of legal proceedings and potential court orders make a 
provider very interested in not being named as a co-defendant. (Note 1)  
I must thank Mr. Woodcock and commend him on his excellent balance of 
client privacy and respect for the judicial system.
<--uni's words end-->

I would imagine that the folks who received the initial communication were
not in a position to realize the potential damage that being named on such
a suit could cause even if a court chose not to impose monetary
liabilities.  I live in fear of that sort of occurrence and, while
cooperation with lawyers and striking an "excellent balance of client
privacy and respect for the judicial system" can be turned into your favor,
the risk of someone not being of a mind to settle with the defendant and
also willing to drag as many people/organizations down with the defendant
as possible is daunting.  

A question I don't ever expect to have answered, as it involves both a
hypothetical situation and is, by its nature, unfair:  What if you had lost
the Swiss furniture deal?  You admitted that you would not have been as
sanguine about the affair -- would the rage have led you to forego
contacting Netcom and name them as a co-defendant?  Even had you later
dropped them from the suit, substantial damage would have been done.  Also,
that action might have caused them to entrench and force you to go through
discovery, a long and trying process.  Not to mention the expense...

One way I had foreseen providing (relatively) anonymous Internet access for
my Cypherpunk comrades was to establish an account with no personal
information in the system log, post a cash or money order payment to DGS's
bank account, and retain an account name-indexed list where I could email
individuals whose accounts were due to expire.  The problems with this
scheme?  Keeping track of who was who and making sure no one grabbed
someone else's userid (zero knowledge proofs, anyone???) is one, legal
liability for providing such a service is another.  I need to research the
applicable regulations which state how much customer information we are
required to maintain, if any.  Anyone out there familiar with the laws of
the Commonwealth of Virginia on this point?

The weak link in the system?  Me.  Numerous points of failure and
susceptible to lawsuits and other legal/non-legal forms of "rubber hose de-
anonymization".


<--uni's words begin--> 
In a way I'm sorry the case didn't go to the courts.  While it probably 
would not have been a precedent setting one, because it doesn't seem 
tmp@netcom.com could have appealed a ruling and gotten it into the 
record books as an appeals case with some precedent, it would have been 
interesting to see what sort of liability Usenet might present.  In a 
way I felt guilty.  Usenet and the net in general is such a break from 
the normal rules and fears of liability it seemed a shame in a way to 
introduce the ugly head of jurisdiction and subservience to the legal 
system to cyberspace.  
<--uni's words end-->


Agreed, though your willingness to settle mitigates the "sin" of the
original action, IMHO.  I fear that future suits, when they inevitably
occur, will be based on a much less extravagant disregard for the truth,
possibly setting the threshold for libel/slander on the Usenet at
intolerably low levels.  As you mention later, the possibility of
government-controlled nationwide information networks would be a
frightening proposition if the government were to choose a test case, get
the best lawyers they could afford (!!??) and take a chance with twelve
"peers" sitting on a pine bench for $5 per day.


<--uni's words begin-->
I also don't like to be a bully.  In another way 
it seemed like a no-lose situation.  If I won a suit, I would be 
vindicated (as petty as that is), and there would be some clue as to how 
far one could go on Usenet and in cyberspace in general.  If I lost, I 
would be just as pleased that the line had been drawn and the results of 
basic immunity to defamation and libel would have been quite a social 
experiment, a result still quite worth the expenditure for me.  In 
addition, I was very interested in discovering how a court, the ultimate 
throwback to the real world, would impose (or refuse to impose) 
traditional legal theory on Usenet and electronic mailing lists in 
general.  As a legal scholar, it was a problem that presented a 
wonderful chance to see the law evolve literally right before my eyes.  
In retrospect, I'm not sure I would have been so pleased if the Swiss 
deal had been compromised in the process.
<--uni's words end-->

As I do not share your frame of reference, it's hard for me to make a
judgment on these points.  Moving from the theoretical to the practical,
seeing the law made before your eyes is an unnerving experience that, as a
non-lawyer, I find a bit difficult to view with the detachment you seem to
show in this passage.  (I'm sure you're concerned as well, it's just that
this paragraph, read out of context, is a bit dispassionate.)

Also see my points about thresholds of abuse above.


<--uni's words begin--> 
Note 1:
It seems to me that the entire event highlights the potential demand for 
anonymous utilities on both sides.  tmp would have been much better off 
for his ability to use remailers, and I would have been much better off 
had I guarded my pseudonym more effectively.  The interesting solution 
would be a multi-jurisdictional remailer making records non-
reconstructable, and guarding the operator from jurisdiction and 
liability.  tmp's greatest weak spot was Netcom's potential liability.  
I would have been hard pressed to sue had Netcom not been so easily 
included as a defendant.  Netcom's cooperation (which was not at all 
"voluntary" I must add, but rather based on significant perceived, 
potential liability) made expensive depositions and numerous 
interrogatories throughout the discovery game unnecessary, and probably 
would have been much more difficult if Netcom had insisted on pursuing a 
hearing in court on each request and fought tooth and nail as (I assume) 
Julf might have.
<--uni's words end-->


What exactly is Netcom's liability in this case?  If a service provider is
treated as a phone company, abuse of the service could be grounds for
discontinuing the service.  As Netcom did not discontinue tmp's service
(see below), perhaps there is room for suit there.  Should, however, an
access provider be treated as analogous to a direct mail firm, the
responsibility is much more obvious.  As various Internet services perform
different functions (Usenet is like mass mailing, email is like phone
service, IRC is like public conversation etc.), the range of liabilities is
staggering.  

What protection should Netcom, and other access providers, have against the
abuses of their subscribers?  Damn if I know, but it's an important
question to stay awake at night worrying about...


<--uni's words begin-->
In any event this raises another matter.  How then are remailers to be 
supervised?  My personal feeling is that Julf, or any remailer operator, 
would have blocked tmp's use of a remailer far before Netcom would have.  
(Note that Netcom STILL has not revoked tmp's account, I guess they are 
just asking for trouble?)  
<--uni's words end-->


As Julf provides his service as a favor to the Internet community and
appears not to be driven by any profit motive (he hasn't solicited a
contribution from me, though I haven't used my penet.fi account in a few
years), he can allow his "cultural expectations" of the Internet/Usenet
community to temper his judgments.  

As for Netcom, they are taking a foolish risk by allowing tmp to remain as
a subscriber.  I can say with 99% probability that any DGS user exhibiting
behavior similar to tmp's would have been bounced and their money
cheerfully refunded.  And I'd hope the door would hit him on the ass on the
way out...


<--uni's words begin-->
In as much as remailers are operated by those 
who have some degree of respect for Usenet and cyberspace in general, 
the kind of self patrolling that goes on seems to me as effective, 
provided there isn't an imposition by the operator of the morality 
legislation that remailers are often used to circumvent (pornography, 
etc.)  In my view the traffic level alone of tmp's Usenet posts is more 
offensive than any pornography, tax avoidance, political activism, or 
free marketing that goes on through remailers.  It should be this, along 
with harassment or obvious forum abuse that should dictate the line at 
which a remailer operator blocks access.  In the current system, as 
displayed by Netcom's policy, it is quite the opposite that is affected.  
Potential legal liability (which is based on the whims of the empowered 
jurisdiction) is the only effective bar against misconduct.  The 
implications of a nationalized internet are quite unnerving in this 
context.  
<--uni's words end-->


See above, and amen.


<--uni's words begin-->
In a way Netcom is a victim here.  They are at the mercy of 
the U.S. legal system despite what is or is not morally acceptable in 
cyberspace.  In a way they have dug their own hole.  Their restrictions, 
and motivations are based on profit, not on ethics.
<--uni's words end-->


Very much in line with your earlier thoughts on the potential (non-)
application of traditional libel/slander law to the Net -- would the Courts
allow cyberspace to be that much more rough-and-tumble, with higher
standards of abuse required for successful suits?   The proof is left as an
exercise for the original poster :-).

As for profit motive (and please take this as a VERY GENTLE rebuke), you
admitted that your disposition may have been different if the Swiss deal
had fallen through.  My company is also motivated by profit -- my job is to
write the ads and market the groups that will bring in more and more money. 
I would agree that Netcom, by valuing tmp's $20 per month over the
potential harm to the Net community, has taken that view to a bit of an
extreme.  I would hope that my company would draw the line closer to...
well, closer to what I subjectively feel is a reasonable place to draw some
sort of distinction on a case-by-case basis.


***Conclusion***

So many issues out here on the bleeding edge...so much to stay up on, let
alone get ahead.  I'd like to thank Uni for trusting us enough to share
many of the details of his suit and hope he continues his valuable
contributions to Cypherpunks and net.culture in general.

--
Curtis Frye, speaking for himself and trying to put it all together...