Broad Bills to Protect 'Communications Services'

mttlg writes "According to Freedom to Tinker, MA, TX, SC, FL, GA, AK, TN, and CO have introduced similar bills that would make it illegal to possess, use, etc. "any communication device to receive ... any communication service without the express consent or express authorization of the communication service provider" or "to conceal ... from any communication service provider ... the existence or place of origin or destination of any communication." (Additional legalese removed for the sake of brevity.) This would seem to outlaw NAT, VPNs, and many other security measures. In other words, don't secure your communications, just sue if you don't like who receives them." The bills define 'communication service' as just about any sort of telecom service that is provided for a charge or fee. In effect, they would extend the already-extant laws relating to theft of cable TV services to any telecom service. For example, if your ISP charges per computer connected, using a router/NAT device would be illegal if these became law.

Earlier laws

[willpost]

There was also the cellular law enacted in the 80's. Instead of encrypting the cellphone signals, they made it unlawful to listen to the 800 Mhz radio spectrum and illegal to manufacture or import any radio capable of doing so.

Read these *drafts* more carefully

[Gudlyf]

The key words in these draft bills is that these are in regards to the user acting "with intent to defraud" and is written to imply that it is the use of technologies "to defraud" that is the crime, not simple possesion. The bigger risk is that this bill could be used to tack on additional charges to some other crime (e.g. if you submitted a fraudulent tax return via an encrypted channel). Unfortunately, some cable vendors have very restrictive usage agreements so it may be quite easy find yourself technially guilty of "fraud".

Massachusetts

[ravi_n]

According to this [state.ma.us] the MA proposed super-DMCA bill has been referred to the committee on criminal justice and there is a public hearing scheduled on April 2. Doesn't sound dead to me (as one other poster claimed).

Does anyone know how people can get into that meeting and testify? I'd hope some quick grass-roots opposition could kill this.

Re:Read these *drafts* more carefully

[Happy go Lucky]

The key words in these draft bills is that these are in regards to the user acting "with intent to defraud" and is written to imply that it is the use of technologies "to defraud" that is the crime, not simple possesion.

Not in the Colorado bill. In ours, "A person commits a violation under this section if he knowingly [commits a prohibited act, which would take me about ten pages to transcribe and does appear to include the operation of an otherwise legal VPN or IP-masq firewall.]

Colorado residents: This late in the session, it shouldn't be too hard to make sure this thing dies. Call your state rep and senator (it's been introduced in both houses: you can get the numbers through www.vote-smart.org if you know your own ZIP code.)

Right now, it's in the State House Information and Technology Committee, and the (god only knows why) Senate Veterans and Military Affairs Committee. You can gripe to their chairmen, Rep. Shawn Mitchell at 303-866-4667 and Senator Doug Lamborn at 303-866-4835. Sen. Lamborn is the bill's Senate sponsor, so I don't know how much good that particular phone call will do.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:When I say radio....

[Moofie]

Uh, please explain the difference between "light" and "radio" using something other than the concept of electromagnetic frequency (or wavelength).

Different words. Same thing.

Read these *drafts* more carefully - they are OK

[MyTwoCentsWorth]

The MA bill just says "Whoever, with intent to defraud, etc...". I guess our lawmakers are a tad more educated than Colorado's... Seriously speaking, using the technologies to defraud should be illegal - stop whining, it's not the technology, it's the way you use it. Have fun, Daniel

Re:When I say radio....

[Apaturia]

Any electromagnetic radiation consists of photons.

Re:Hey you knee jerks...

[TrevorDoom]

I have read them.
IANAL however I have friends who are...and have been educated in the ways of legalese...

These bills are written exceedingly ambiguously and could be applied to almost any manner of data communicaitons...
There are several key points (and subpoints of more restrictive points) which if read in the state of mind they are attempting to address, are rather fair and intellegent...
However, if you read these points with an open interpretation of what these laws are being applied to, they are ambiguous enough to potentially be applied to encryption, port forwarding, and many other privacy and security related means of data transmission... ...and all it will take is one lawyer to interpret these laws in the general mindset as opposed to the assumed mindset for these to be abused...

Re:Ouch

[Skjellifetti]

The problem though is that once the law is in the books, it's the letter of the law that matters.

That's too simple. While the letter of the law is clearly quite important, the legislative intent of the law is given a lot of weight when the law is interpreted by the courts.

ISPs

[Dark Fire]

The internet is just that, an inter-connected network of networks. The endpoint of one network is a network containing one or more devices. Phone service provides a phone line, and end point, you can hook as many phones up in your house as line current permits (more with special equipment). The primary value in the internet is the utility of it as general purpose network. All kinds of new services can be added. The cornucopia of possible services have different requirements, some need a lot of bandwidth, some need low latency, and some need both. ISPs have several areas in which to differentiate there services:

(1) Reliability of Service (how much down time will you accept?)
(2) Bandwidth (5GB/month, 10GB/month, upstream? downstream?)
(3) Latency (40ms, 80ms, 100ms)
(4) Consistency of Service (do you need a certain minimum transfer rate to always be available? do you need a certain minimum latency to always be available? how often?

Some other important items:

(1) When I hit my bandwidth cap, do you shutoff my connection or bill me the amount I went over. What if I pay for 5gb/month and then I am willing to pay for up 2gb/month over before the connection is shutoff?
(2) I need to be able to control all my account information via the web (and maybe a phone menu) and make adjustments as needed. If I want to know how much of my 5gb/month cap I used, I can just go to the web and find out easily.
(3) If I want lower latency or more bandwidth over my per monthly fee, make it easy for me to see the cost and buy it quickly if the price is right.
(4) Sell or lease VoIP equipment and local/long distance phone service via my connection. For this particular case, I pay a monthly fee for normal broadband and a fee for local service. Whenever I use VoIP, give that particular service low latency and bandwidth priority whenever I use it on my connection. That can be the value add of the VoIP service over just trying to do it over my normal broadband connection. Selling services that bundle a bandwidth or latency upgrade for just that service provide the value add.

The phone network will be used less and less frequently. If the internet doesn't kill it, the cellular networks will. The internet is a general purpose network and this fact will continue to devalue the current phone network. The value in the old phone network is in the part of it that cost the most $$$ to setup, the wiring and fiber that was run to all the homes and businesses. There is alot of opportunity for those who can accomplish the items listed above.

Re:what the bills actually say

[samdu]

Does a VPN "harm or defraud" an ISP? NO

It would depend on who the lawyer is. Seriously, though, an ISP could make an argument that a vpn does cause them harm because it is bandwidth intensive. Moreso than the average web surfing/emailing that most people do. Some ISPs even offer vpn service at an additional cost. To set up your own without going through your ISP could, again, if they have the right lawyers, be interpreted as causing harm to the ISP.

Re:Ouch

[queequeg1]

Generally, legislative intent is looked at only if the law itself is so ambiguous that a court cannot make heads or tails of what it should do (in many such cases (especially in a criminal setting), it would likely invalidate the law). In this case, the wording seems to be relatively clear. The problem with legislative intent is that there is rarely any single intent, mostly a variety of self-serving comments that support a huge variety of intents.

Re:Read these *drafts* more carefully

[rizzo420]

the problem with your argument is that your ISP does not have any revenue from you if you use VoIP from someone else. if you steal VoIP from your ISP, then you are both harming and defrauding them.

using too much bandwidth is not defrauding anyone, in fact, unless you are specifically altering hardware to "get more bandwidth" or stealing a connection from the ISP, you aren't doing anything wrong. they provide you with the internet connection, it's their decision as to how they limit your use (some ISP's block P2P connections). if they want to shutdown your service after you transfer "too much" information to or from the internet, they can, but it should be written in the terms of service.

running a NAT box or router so more than one computer can connect is not a violation unless it is specifically stated that your connection is only for one computer and you must pay for each additional computer connected. if, and only if, your ToS says that, then yes, you are defrauding or "harming" your ISP.

as for changing the ToS, i have never seen it change drastically without them notifying you. usually a change is something small like the way they word something.

and a final comment. when getting broadband, i had the option of going with SBC DSL or with AT&T cable (which is now comcast). we got DSL because AT&T said you could not run servers using your connection (servers being ftp, http, telnet, ssh, whatever, probably includes P2P applications as well). i didn't like that, so i went with SBC even though the upstream sucks. so read the ToS before you sign up for anything anyways. but if i had AT&T, and tried to run my ftp server or "share my bandwidth" with others (since that's what they called running a server, i would be "harming" them. the bill gives more legal rights to teh telecommunications companies, but i don't see any questions as to what harm means. i think in this sense it's meant almost the same way as defraud.

Dual use... I do it every day...

[CBravo]

Questionable? I never ever use telnet these days, for good reasons. Secondly, certain accounts I have only accept my home IP number... for security reasons.

I don't care about the abuse. It is dual use... I do it every day for the right reasons... I would say this is necessary for me.

Re:Ouch

[john.r.strohm]

Yes. What he said.

The guy who originally wrote the Racketeering in Corrupt Organizations (RICO) law deliberately wrote the bill as broadly as he could, despite warnings from colleagues, because he believed that prosecutors could be trusted to use reasonable discretion and judgement and only use the bill for the intended purpose, to wit, going after organized crime.

He reportedly has a great deal of difficulty sleeping at night these days, as he contemplates just how much carnage his baby has wrought. The prosecutors have had a field day using his tactical nuclear weapon as an all-purpose flyswatter.

Re:Ouch

[smasherbob]

And don't forget garage door openers, of all things.

Re:Ouch

[erc]

That's because you've never used ssh or PGP to encrypt your browser connection or your email, respectively. Lots of reasons why your private communication isn't anyone else's business - discussing or researching your spouse's medical condition, for example, or your own.