Computer underground Digest Sun Mar 1, 1998 Volume 10 : Issue 15

Computer underground Digest Sun Mar 1, 1998 Volume 10 : Issue 15
ISSN 1004-042X

Editor: Jim Thomas ([email protected])
News Editor: Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Shadow Master: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Field Agent Extraordinaire: David Smith
Cu Digest Homepage: http://www.soci.niu.edu/~cudigest

CONTENTS, #10.15 (Sun, Mar 1, 1998)

File 1--Privacy groups tell FCC to deep-six wiretap law
File 2--SLAC Bulletin, February 14, 1998
File 3--Thoughts on the Coaltion of ISPs and the Usenet Blockade
File 4--Cu Digest Header Info (unchanged since 7 May, 1997)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

---------------------------------------------------------------------

Date: Wed, 11 Feb 1998 17:33:17 -0800 (PST)
From: Declan McCullagh <[email protected]>
Subject: File 1--Privacy groups tell FCC to deep-six wiretap law

Seems as though even the folks (not the undersigned) who lauded the virtues
of the Digital Telephony wiretapping law and cut a deal to ensure its
passage are now claiming it's gone astray. Attached below are comments
filed (I believe today) with the FCC on the law.

Even if you don't care about wiretapping, consider this: the Digital
Telephony law requires technology firms to make communications readily
snoopable by law enforcement agents. Think of this as a precedent for
requiring technology firms to make //encrypted// communciations readily
snoopable by law enforcement agents.

Trust me, even if you haven't thought about that precedent and its value
when lobbying members of Congress, Louis Freeh has.

-Declan

******

Before the

Federal Communications Commission
Washington, D.C. 20554

In the Matter of )
) CC Docket No. 97-213
Communications Assistance for )
Law Enforcement Act )

Surreply Comments of

The American Civil Liberties Union
The Electronic Privacy Information Center
The Electronic Frontier Foundation
Computer Professionals for Social Responsibility

The American Civil Liberties Union (ACLU), Electronic Privacy
Information Center (EPIC), Electronic Frontier Foundation (EFF), and
Computer Professionals for Social Responsibility (CPSR) respectfully
submit these surreply comments in the above referenced proceeding. Our
organizations represent a broad perspective of public interest, privacy and
civil liberties interests.

ACLU, EPIC and EFF jointly filed comments with the Federal
Communications Commission in response to the Notice of Proposed
Rulemaking (NPRM) on implementation of the Communications Assistance
for Law Enforcement Act (CALEA) on December 12, 1997. In our
previous comments, we urged the Commission to exercise its statutorily
conferred authority to delay compliance with the Act until October, 2000.

However, after reviewing the comments filed by the Federal Bureau
of Investigation (FBI), public interest groups, and industry; and in light of
the FBI's four year delay in releasing to the public the statutorily required
Notice of Capacity; and the FBI's obstruction of the adoption of industry
compliance standards that are feasible and technically possible, we are
convinced that the Commission must indefinitely delay the implementation
of CALEA. We call on the Commission to report to Congress on the
serious legal, technical, and policy obstacles that have thwarted CALEA's
implementation. Our organizations also request that the Commission
require the FBI to provide comment-- on the public record-- explaining their
failure to meet the statutory Notice of Capacity Requirement imposed by
Congress nearly four years ago.

Our requests in this proceeding are based on several provisions for
government accountability and privacy protection incorporated in CALEA
and its legislative history, which has thus far been largely ignored.
Section
107 of CALEA provides that any person(s), including public interest
groups, concluding that any standard issued on the implementation of the
Act is deficient, may petition the Commission for review. This section
provides that one factor for judging the acceptability of standards is whether
they protect the privacy of communications that are not permitted to be
intercepted under the law.

Furthermore, the legislative history of CALEA makes clear that the
Commission's authority over this implementation process is designed to
ensure that the following goals are realized: (1) Costs to consumers are kept
low, so that 'gold-plating' by the industry is kept in check; (2) the
legitimate
needs of law enforcement are met, but that law enforcement does not engage
in gold-plating of its demands; (3) privacy interests of all Americans are
protected; (4) the goal of encouraged competition in all forms of
telecommunications is not undermined, and the fact of wiretap compliance is
not used as either a sword or a shield in realization of that goal.

Because our organizations have concluded that these statutory goals
have not been satisfied, we believe it is incumbent on the Commission to
take action with regards to our requests. In these surreply comments we
will also address several issues raised in submissions of other interested
parties that call for an expansion of the CALEA's mandate and that run
counter to Congress' stated goals.

I. The FBI has Disregarded the Congressional Limitations and
Statutory Obligations Imposed on Law Enforcement by CALEA:

CALEA explicitly called on law enforcement to issue a technical
capacity notice by October 25, 1995, one year after the law's enactment.
Carriers were given three years after the notification to install capacity
meeting the notification requirements. Thus, under the statutory timetable,
industry's deadline for compliance was to have been October 1998.

Section 104(a)(2) requires that the technical capacity notice
provide a
numerical estimate of law enforcement's anticipated use of electronic
surveillance for 1998. The notice is required to establish the maximum
interceptions that a particular switch or system must be capable of
implementing simultaneously.

By mandating the publication of numerical estimates of law
enforcement surveillance activity, Congress intended CALEA's notice
requirements to serve as accountability "mechanisms that will allow for
Congressional and public oversight. The bill requires the government to
estimate its capacity needs and publish them in the Federal Register."

In addition to the concerns of privacy advocates, the Public Notice
requirement was based on industry concerns that the cost of providing
intercepts was becoming an undue burden on companies and that the
number of intercepts was growing too rapidly for industry to respond. In
1994, AT&T testified that such law enforcement notice was necessary for
industry to accomplish the following:

-require law enforcement to focus on what it actually requires to accomplish
its legitimate needs thereby freeing resources they do not actually require
for
other purposes;

-provide an essential mechanism for Congress to control both the costs and
level of law enforcement involvement in the development of new services;

-ensure that the fewest taxpayer dollars are spent to address law
enforcement concerns.

As documented in detail in our prior comments, the FBI has yet to
provide the mandated Notice of Capacity. The Bureau has thus far released
two initial notices that were both withdrawn after sharp public criticism over
the FBI's failure to meet the statutory requirements.

The FBI comments also do not explain why the public and Congress
should ignore their failure to meet this statutory obligation. Instead, the
FBI
asserts that public safety should override any technical problems industry
groups may face in complying with CALEA's statutory deadline.
However, we believe that this assertion has also not been justified by the
FBI to date.

According to statistics released by the Administrative Office of the
U.S. Courts and the Department of Justice, the actual number of
interceptions has risen dramatically each year and in 1996 alone 2.2 million
conversations were captured by law enforcement. A total of 1.7 million of
these intercepted conversations were deemed not "incriminating" by
prosecutors. Our organizations believe that these numbers do little to
support the FBI contentions that CALEA should be given broad
interpretation.

Moreover, the FBI comments state that a blanket extension on the
compliance with CALEA should not be granted despite the impasse
between industry and law enforcement because of the potential threat to
public security. While we recognize the importance of protecting the
public, Congress required that there be a balancing of the interests of law
enforcement with the need to protect privacy and develop new technologies.
Specifically, Congress had the following objectives:

(1) to preserve a narrowly focused capability for law enforcement agencies
to carry out properly authorized intercepts;

(2) to protect privacy in the face of increasingly powerful and personally
revealing technologies; and

(3) to avoid impeding the development of new communications services and
technologies.

Hence, we are not persuaded by the FBI's conclusion that there
should not be a blanket extension for compliance with CALEA. Until it is
clear that each of the Congressional objectives is met and there is a public
release by the FBI of its statutorily mandated Notice on Capacity, the
technical compliance with the Act should be postponed.

II. The FBI Has Not Maintained Narrowly Focused Capability for
Law Enforcement Agencies to Carry Out Authorized Intercepts

The FBI's bad faith in the implementation process has prevented the
development of acceptable technical standards that are feasible by industry.
As our prior comments document and industry comments support, the FBI
has repeatedly endeavored to require that industry meet a FBI wish-list of
surveillance capability needs never contemplated by Congress. Indeed,
avoiding such an impasse was precisely why Congress explicitly redrafted
the statute in 1994 to eliminate law enforcement control over industry
standard-setting.

Instead of preserving a narrow focus on surveillance capability, the
FBI has sought an expanded capability by interpreting CALEA to apply to
entities and user services specifically exempt by Congress. The comments
submitted by the FBI underscore the validity of our concerns by presenting
a wish-list of items that go far beyond the authorized electronic surveillance
under the provisions of Title III of the Omnibus Crime Control and Safe
Streets Act of 1968, the Electronic Communications Privacy Act of 1986
and CALEA.. For example, the FBI comments call for CALEA compliance
by carriers providing access to information services, private
communications services, and paging services -- an expansion of
surveillance capabilities never contemplated by Congress.

(a) Information services

In paragraph 29 of its submission, the FBI states that it agrees that
providers of "exclusively information services are excluded from CALEA"
but that "any portion of a telecommunications service provided by a
common carrier that is used to provide transport access to information
services is subject to CALEA."

Such services are explicitly exempt under the statute. Section 103
(4)(b) provides limitations on what services are required to meet assistance
capability requirements under CALEA. It states:

(b) Limitations:
(2)Information services; private networks and interconnection services and
facilities. The requirements of subsection (a) do not apply to--

(A) information services; or

(B) equipment, facilities, or services that support transport or switching of
communications for private networks or for the sole purpose of
interconnecting telecommunications carriers.

Congress explicitly rejected any application of CALEA to
information services including electronic mail and on-line services
recognizing that interception of those communications is the equivalent of
"call content" and is therefore, subject to a much higher degree of protection
under the Constitution. The FBI, and the Commission NPRM, incorrectly
assume there is a distinction between carriers that exclusively provide
information services and common carriers that provide access for
information services. The FBI is simply attempting to gain back-door
access to information services contrary to Congress' intent.

(b) Carriers Providing Private Services:

Paragraph 22 of the FBI comment states that "there may exist
telecommunications companies that do not hold themselves out to serve the
public indiscriminately that should also be treated as 'telecommunications
carriers' by the Commission. Otherwise, companies that hold themselves
out to serve particular groups may, intentionally or inadvertently, undermine
CALEA."

Thus, the FBI's conclusion that private services that do not
indiscriminately provide services to the public fall within CALEA's ambit is
unwarranted. Indeed as the legislative history states:
"...telecommunications services that support or transport switching of
communications for private networks or for the sole purpose of
interconnecting telecommunications carriers...need not meet any wiretap
standards...Earlier digital telephony proposals covered all providers of
electronic communications services, which meant every business and
institution in the country. That broad approach was not practical. Nor was
it justified to meet any law enforcement need."

Indeed the explicit exclusion of private networks was also based on
the potential threats to personal privacy that such could be incurred by
requiring private networks to meet the CALEA configuration requirements.
CALEA's legislative history states that private networks are not the usual
focus of court authorized electronic surveillance and that these networks,
although excluded by CALEA's requirements, may be required to provide
law enforcement with access to information after receiving a court order.

(c) Paging services:

Paragraph 25 of the FBI comments state: "Law enforcement
contends that paging systems should be included in the definition of
"telecommunications carrier" for the purposes of interpreting CALEA
because paging systems generally fall within the definition of common
carrier or, at minimum, rely on common carriers to be activated."

Paging service's reliance on common carriers for activation does not
automatically compel their compliance with CALEA.

III. The FBI Has Ignored Privacy Protection Requirements

The Congress specifically required privacy safeguards to assure that
communications not be made vulnerable to hackers and rogue wiretaps as a
result of CALEA. Section 105 of CALEA, Systems Security and Integrity,
mandates that "telecommunications carriers shall ensure that any
interception of communications or access to call-identifying information
effected within its switching premises can activated only in accordance with
a court order or other lawful authorization...". However, the FBI comments
and FCC NPRM merely reduce privacy concerns to questions of
telecommunication carrier recordkeeping and employee screening measures.

Furthermore, Section V of the FBI comments, which addresses the
carrier security procedures, attempts to undermine the protections against
unlawful government surveillance guaranteed in the Electronic
Communications Privacy Act of 1986. 18 U.S.C. 2510, et. seq. This section
asserts that there is "anecdotal evidence" that carriers have refused to
comply with law enforcement requests for wiretapping where there is
confusion as to the validity of court orders. As a result, the FBI has called
on the Commission to limit the ability of carriers to question the lawfulness
of requests for interception by various law enforcement entities. Similarly,
paragraph 47 states that "[c]arriers are the implementers, not the enforcers,
of lawful intercept orders or certifications under the electronic surveillance
laws."

We strongly disagree with that conclusion. Carriers have an
affirmative obligation under ECPA to ensure that they are not wrongfully
disclosing information to the government or third parties. The failure of
carriers to exercise good faith judgment and carefully scrutinize such
requests for information may expose them to criminal and civil liability
under ECPA. 18 U.S.C. 2520 (d). We believe that a Commission ruling
providing that carrier's lack the ability to scrutinize the validity of
warrants
would require them to abrogate their statutory good faith obligations. In
addition, the Commission lacks authority to limit the rights of carriers to
review such orders and such a requirement would not comport with other
federal and state requirements.

Paragraph 46 of the FBI comments broadly states that carriers may
not question law enforcement authority to conduct wiretapping
investigations where one party has consented to interception. The FBI
broadly states that "[i]n such cases, the electronic surveillance statutes
clearly indicate that no court order is required."

We similarly disagree with this conclusion. Currently, at least 12
states do not permit "one party consent" to interceptions of communications.
Thus, we believe that a Commission rule limiting carrier discretion would
certainly create pre-emption questions where there is no Congressional basis
and where the request comes from state law enforcement.

Conclusion

Congress envisioned CALEA's implementation as an open process
that would ensure accountability and prevent the development of
unprecedented surveillance capabilities. The expanded capabilities sought by
the FBI, along with their non-compliance with CALEA's Public Notice of
Capacity Requirements warrant serious Commission and Congressional
response.

Our organizations believe that given the FBI's failure to meet public
accountability provisions, the Commission must indefinitely delay the
implementation of CALEA and report to the Congress on the serious
obstacles that have thwarted its implementation to date. We also ask that the
Commission require the FBI provide comment on the public record
explaining its failure to meet it unambiguous statutory obligations under
CALEA.

Respectfully Submitted,

_____________________________________
Laura W. Murphy, Director
Greg Nojeim, Legislative Counsel
A. Cassidy Sehgal, William J. Brennan Fellow
American Civil Liberties Union
Washington National Office
122 Maryland Ave, NE
Washington, D.C. 20002
(202) 544-1681

Marc Rotenberg, Director Barry Steinhardt, President
David L. Sobel, Legal Counsel Electronic Frontier Foundation
David Banisar, Staff Counsel 1550 Bryant Street, Suite 725

Electronic Privacy Information Center San Francisco CA 94103
666 Pennsylvania Ave., SE, Suite 301 (415) 436-9333
Washington, D.C. 20003
(202) 544-9240

Computer Professionals for
Social Responsibility
CPSR, P.O. Box 717,
Palo Alto, CA 94302
(650) 322-3778

cc:
Rep. Bob Barr
Sen. Orrin Hatch
Sen. Patrick Leahy
Rep. Henry Hyde
Sen. Ashcroft
Sen. Edward McCain
Sen. Arlen Spector
Rep. Billy Tauzin
Rep. McCollum
Rep. Charles Schumer

The Communications Assistance for Law Enforcement Act, Pub. L. No.
103-414, 108 Stat. 4279 (1994)
(codified as amended in sections of 18 U.S.C. and 47 U.S.C.)

Statement of the AT&T Corporation Before the House Subcommittee on Civil
and Constitutional Rights
and Senate Subcommittee on Technology and Law, reprinted, in Schneier and
Banisar: The Electronic
Privacy Papers, Wiley and Sons, 1997.

See generally, EPIC letter to The Telecommunications Industry Liason
Unit, November 13, 1995,
reprinted in 1996 Electronic Privacy and Information Center, Cryptography
and Privacy Sourcebook, 1996,
discussing the failure of the Initial FBI Notification of Law Enforcement
Capacity Requirements to meet
CALEA's obligations.

---------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to [email protected] with this text:
subscribe politech
More information is at http://www.well.com/~declan/politech/

------------------------------

Date: Sat, 14 Feb 1998 13:09:56 -0500 (EST)
From: [email protected]
Subject: File 2--SLAC Bulletin, February 14, 1998

SLAC Bulletin, February 14, 1998
---------------------------------

The SLAC Bulletin is a low-volume mailer (1-5 messages per month)
on Internet freedom of speech issues from Jonathan Wallace,
co-author of Sex, Laws and Cyberspace (Henry Holt 1996) and
publisher of The Ethical Spectacle (http://www.spectacle.org). To
add or delete yourself:
http://www.greenspun.com/spam/home.tcl?domain=SLAC

NO GATEKEEPERS

Jonathan Wallace [email protected]

Our president's latest scandal was broken by Internet columnist
Matt Drudge, who reported that Newsweek had spiked a story about
Monica Lewinsky.

Some people see that as a black eye for the print media and a
victory for the Internet. Not First Lady Hilary Clinton, who was
asked about the Net's role in dissemination of news at a press
conference on February 11.

"As exciting as these new developments are.... there are a number
of serious issues without any kind of editing function or
gate-keeping function. What does it mean to have the right to
defend your reputation, or to respond to what someone says?

"There used to be this old saying that the lie can be
halfway around the world before the truth gets its boots on.
Well, today, the lie can be twice around the world before the
truth gets out of bed to find its boots. I mean, it is just
beyond imagination what can be disseminated."

Clinton was asked whether she favored regulation of the Net. She
said she didn't yet know, but commented:

"Anytime an individual or an institution or an invention leaps
so far out ahead of that balance [contemplated by the Founders]
and throws a system, whatever it might be --political, economic,
technological --out of balance, you've got a problem, because
then it can lead to the oppression of people's rights, it can
lead to the manipulation of information, it can lead to all kinds
of bad outcomes which we have seen historically. So we're going
to have to deal with that."

These are among the most scary words ever said about Net
regulation. Contrast them to the rhetoric we're used to, about
the Net as a hydra-headed pornmonger reaching into your child's
bedroom. Censorship advocates like former Senator Exon at least
have the decency to pretend that all they care about is
"decency." Mrs. Clinton goes a huge step further: she's worried
about information. Not just falsehood. Information. Obviously,
for her the right result was Newsweek's decision to spike the
story, not Drudge's to run it.

We're already far enough along in the Lewinsky scandal to know
something happened. The President and Mrs. Clinton have endured a
lot of falsehood on the Net. I don't remember either of them
calling for Net regulation because of Usenet postings or Web
pages claiming that the military shot down flight 800, or that
Ron Brown or Vincent Foster were assassinated. It took the truth,
not a lie, to make Hilary Clinton say the Net is dangerous.

This recalls the early days of the republic, when laws banning
"seditious libel" were in force. Back then, there were greater
penalties for telling the truth than for lying. People might
disbelieve a lie. The truth was more damaging.

Preserve us from gatekeepers. Their function is highly
overrated. Yes, they filter out some falsehoods, but they also
print some, while blocking some truths. Their sense of what
interests the public is notoriously faulty and unrepresentative.
Most of the time, if I really want to drill down into an issue
and get to to the truth, I get my information from the Net.

I didn't see Hilary Clinton's comments above reported in the
print media; I got them from a posting by Declan McCullagh to his
fight-censorship list. For three years, I've written whatever I
wanted, whenever I felt like, in The Ethical Spectacle and to my
mailing lists. A gatekeeper of any kind would have spiked most of
of the stories I wrote about. An editor might have made some
little contribution to my grammar or, on occasion, my spelling.
In the balance, I've done much better without gatekeepers than I
have with them.

Contrast the experience I've had writing for others. In the past
three years, I've had articles killed by print media, or edited
beyond recognition. Language I never wrote expressing ideas that
aren't mine has been introduced. I even saw scores of
typographical errors crop up in the hardcover of Sex, Laws and
Cyberspace during the editing process. More people read The
Ethical Spectacle in a month than have read that book in the two
years it has been out.

People like Hilary Clinton want gatekeepers for the Net not to
screen for falsehood but to keep the truth within acceptable
parameters. Government censorship isn't necessary when the media
censors itself. Mrs. Clinton appears to hold the "Don't make me
come over there" theory of government.

A much better opinion of the value of a medium without
gatekeepers was expressed by Judge Stewart Dalzell in his opinion
in ACLU v. Reno, invalidating the Communications Decency Act.
Judge Dalzell appreciated the Net's "low barriers to entry",
"astoundingly diverse content" and "relative parity among
speakers." His fascinating conclusion was that the Net is
superior to print media as a "speech-enhancing medium" precisely
because of the lack of gatekeepers:

"It is no exaggeration to conclude that the Internet has
achieved, and continues to achieve, the most participatory
marketplace of mass speech that this country -- and indeed the
world -- has yet seen.... Indeed, the Government's asserted
'failure' of the Internet rests on the implicit premise that too
much speech occurs in that medium, and that speech there is too
available to the participants."

He noted that, if the government were permitted to impose
gatekeepers on the Net, the "Internet would ultimately come to
mirror broadcasting and print, with messages tailored to a
mainstream society" where "economic power has become relatively
coterminous with influence."

Judge Dalzell praised "the autonomy" that the Net "confers to
ordinary people as well as media magnates." This autonomy is
precisely what frightens Hilary Clinton.

------------------------------

Date: Tue, 24 Feb 1998 09:20:53 -0600
From: Richard MacKinnon <[email protected]>
Subject: File 3--Thoughts on the Coaltion of ISPs and the Usenet Blockade

The Usenet Blockade
The Usenet Death Penalty (UDP) is a misnomer because it is not a form of
virtual capital punishment--at least not in the short-term. It is more akin
to a blockade or a seige. A Usenet Blockade may be an effective means of
coercing the Netcom leadership to better address the antisocial activities
originating from the base camp of spammers located within its borders.
Primarily an economic attack, blockades have been used throughout history to
help meatspace governments align their priorities with their neighbors.
Since Usenet consists of several sovereignties, it can be useful to apply
much of what we know about international relations, that is, the theories
relating to national actors interacting in an ungoverned space. As an
ungoverned space, Usenet is learning how to self-govern by way of coalitions
which is the primary way actors move out of the state of nature into
relative civilization.

Competing Illiberalisms
There is no doubt that spam is a major annoyance for the Usenet world, and
for some there is a real economic cost. As a result, users have turned to
their leaders for solutions. These solutions range from personal defense
systems (filtering software), to isolationism (closed systems), to blockades
(the Usenet death penality). Unfortunately, all three categories of
solutions pose serious challenges to the concept of free speech and the free
movement of information--arguably an ideology foundational to Usenet. The
challenge is to determine which solution is less illiberal and to determine
who ought to make this determination.

Analysis of the Competition: Defense systems may be end-user based,
ISP-based, or network-based.

End-User based

1. In the event of bombing (Usenet "spamming" in this example), end-users
may purchase among the many competing brands of poor, mediocre, and barely
satisfactory personal filtering systems on the open market. A functioning,
Reaganesque "Star Wars Defense" system has not yet appeared in the
state-of-the-art efforts--not only do the defense systems screen out
incoming missiles, they often screen out rain, sunlight, and other useful
things causing the otherwise vivacious virtual environment to wilt, dry up,
and become dull.

2. Frustratingly, they also fail in their primary mission and let a lot of
missiles through with varying degrees of casualties reputedly ranging from
exposing children to naked adults and exposing adults to naked children.
This is something that software may never be able to dress/address.

3. There is a lot of political controversy over these inadequacies. Leaders
of various end-user communities have met with representatives of the
moral-military-industrial complex in an attempt to either make better
personal defense systems or eliminate their use altogether. As Bruce
Sterling in Austin observed at last week's Conference on Computers, Freedom
and Privacy, the resolution seemingly lies beyond the grasp of even the
White House Office of Science and Technology which finds it simpler to
tackle the problems posed by theoretical physics and space exploration.
Needless to say, the resolution is out there--way, way, out there--creating
a vacuum of indecision and an opportunity for ad hocractic power.

ISP-based

4. Some ISPs in the past have attempted to close their borders and restrict
the flow of traffic in and out. This has also been frowned upon by many of
the same leaders of end-user communities. Fundamentally, isolationism is an
ostrich approach to making "foreign policy" among CISPs. The Usenet world
continues to spin and the people with their heads in holes just end up
missing out on lots of interesting events.

5. As a result, lots of disgruntled netizens flee from closed systems to
freer systems. Geo-economics has forced many "virtual countries" to loosen
up their border controls. Naturally, this makes them susceptible to bombing
attacks.

Network-based

6. Virtual countries which are loathe to close their borders because that
policy is inherently illiberal are forced to choose between establishing
network-level blockades or placing the burden of defense on the end-users by
way of personal filtering systems--most of which have also been considered
illiberal.

7. Blockading, fundamentally an ad hoc economic attack, has been identified
as a means of coercing a virtual country into policing the activities within
its borders so that its national digital output (NDO) falls within the
bounds of systemically acceptable end-user behavior. The Leviathan rears
its ugly head.

Who decides?
Should Usenet "global" policy be set by individuals, their virtual
communities, isolated ISPs, coalitions of ISPs (CISP), or national
governments? The logic of collective action in Usenet is governed by a set
of social laws which are elusive but as reliable as many physical laws when
properly understood. As a board member of Electronic Frontiers-Texas
(formerly EFF-Austin), I have been participating in the drafting our
position statement on the Usenet Death Penalty and Netcom. My understanding
of the social laws of ungoverned interaction is that any policy
recommendation to the coalition of ISPs requires as strong an element of
coercion if it is going to get their attention. Otherwise, the ad hoc UDP
CISP will continue to pursue its interest and what it perceives is the
interest of its constituents. The coalition wielding the most coercive
power has the most influence over the ungoverned decisionmaking process.

Who decides?
Should Usenet "global" policy be set by individuals, their virtual
communities, isolated ISPs, coalitions of ISPs (CISP), or national
governments? The logic of collective action in Usenet is governed by a set
of social laws which are elusive but as reliable as many physical laws when
properly understood. As a board member of Electronic Frontiers-Texas
(formerly EFF-Austin), I have been participating in the drafting our
position statement on the Usenet Death Penalty and Netcom. My understanding
of the social laws of ungoverned interaction is that any policy
recommendation to the coalition of ISPs requires as strong an element of
coercion if it is going to get their attention. Otherwise, the ad hoc UDP
CISP will continue to pursue its interest and what it perceives is the
interest of its constituents. The coalition wielding the most coercive
power has the most influence over the ungoverned decisionmaking process.

1. The weakest statement:

"We the people of <insert your organization here> deplore the use of the
Usenet Death Penalty" on Netcom because it infringes on the liberties of
Netcom's end-users--liberties and rights which we hold dear and inalienable.
What happens to Netcom today could happen to us tomorrow."

I like and support this statement, but my understanding of the social
physics is that it is anemic and although it may get some media play, it
will have little actual influence on the play of events. It's an example of
critique without action.

2. One might write a statement as follows:

"We the people of <insert your organization here> deplore the use of the
Usenet Death Penalty" on Netcom because it infringes on the liberties of the
Netcom end-users--liberties and rights which we hold dear and inalienable.
What happens to Netcom today could happen to us tomorrow." Therefore, we
are calling for a general strike against all ISPs which intend to
participate in this egregious and illiberal curtailment of free speech. On
February XX, we are encouraging everyone to close their accounts on these
systems and move to ISPs who refuse to participate in the UDP."

I like this statement better because it uses the logic of the blockade
(economic coercion) against the CISP and it carries the satisfaction of
praxis--theory plus action.

3. Or one could write a statement like this:

"We the people of <insert your organization here> deplore the use of the
Usenet Death Penalty" on Netcom because it infringes on the liberties of the
Netcom end-users--liberties and rights which we hold dear and inalienable.
What happens to Netcom today could happen to us tomorrow." Therefore, we
are calling for a general strike against all ISPs which intend to
participate in this egregious and illiberal curtailment of free speech. On
February XX, we are encouraging everyone to close their accounts on these
systems and move to Netcom in an act of solidarity."

This is the strongest statement because it shows conviction. While most of
us have privately condemned Netcom for permitting the spamming, this
statement underlies our belief that the classification of what is spam and
what it isn't is a dangerous and suspect activity. Further, it shows that
we are willing to give up our own access to Usenet in the fight to guarantee
access to everyone. A long roll-call of voluntary conversions would get the
attention and action need to have an effect. In other words, the statement
should be accompanied with a list that looks something like this:

[email protected], formerly [email protected]
[email protected], formerly [email protected]
[email protected], formerly [email protected]
[email protected], formerly [email protected]
..and thousands of others formerly from everywhere.anywhere

This third statement accompanied by such a list, when presented to the CISP
will carry the political and moral weight necessary to work with the laws of
social physics, not against them.

--Richard MacKinnon (http://www.actlab.utexas.edu/~spartan), author of
"Searching for the Leviathan in Usenet" and "Punishing the Persona:
Correctional Strategies for the Virtual Offender." His views are not
necessarily the views of Electronic Frontiers-Texas or the Advanced
Communication Technologies Laboratory.

-------------------------------------------------------------
Richard MacKinnon http://www.actlab.utexas.edu/~spartan
Government Department mailto:[email protected]
Advanced Communication Technologies Laboratory (ACTLAB)
The University of Texas at Austin

------------------------------

Date: Thu, 7 May 1997 22:51:01 CST
From: CuD Moderators <[email protected]>
Subject: File 4--Cu Digest Header Info (unchanged since 7 May, 1997)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send post with this in the "Subject:: line:

SUBSCRIBE CU-DIGEST
Send the message to: [email protected]

DO NOT SEND SUBSCRIPTIONS TO THE MODERATORS.

The editors may be contacted by voice (815-753-6436), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

To UNSUB, send a one-line message: UNSUB CU-DIGEST
Send it to [email protected]
(NOTE: The address you unsub must correspond to your From: line)

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

In ITALY: ZERO! BBS: +39-11-6507540

UNITED STATES: ftp.etext.org (206.252.8.100) in /pub/CuD/CuD
Web-accessible from: http://www.etext.org/CuD/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/CuD/CuD/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

The most recent issues of CuD can be obtained from the
Cu Digest WWW site at:
URL: http://www.soci.niu.edu/~cudigest/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.

------------------------------

End of Computer Underground Digest #10.15
************************************