Broad Bills to Protect 'Communications Services'

mttlg writes "According to Freedom to Tinker, MA, TX, SC, FL, GA, AK, TN, and CO have introduced similar bills that would make it illegal to possess, use, etc. "any communication device to receive ... any communication service without the express consent or express authorization of the communication service provider" or "to conceal ... from any communication service provider ... the existence or place of origin or destination of any communication." (Additional legalese removed for the sake of brevity.) This would seem to outlaw NAT, VPNs, and many other security measures. In other words, don't secure your communications, just sue if you don't like who receives them." The bills define 'communication service' as just about any sort of telecom service that is provided for a charge or fee. In effect, they would extend the already-extant laws relating to theft of cable TV services to any telecom service. For example, if your ISP charges per computer connected, using a router/NAT device would be illegal if these became law.

Ouch

[DeadSea]

This law would make it illegal to do several things that I currently do:

1. Run a proxy server at home and connect to it via ssl so that my employer can't tell what web pages I visit at work.
2. SSH chaining - Use ssh to log into a remote computer and use ssh to log into another computer since this makes both endpoints unaware of the address of the other.
3. Use a remailer as a whistleblower. A remailer stips all headers off a message before sending it out to a new specified sender. This provides anonymous mail which is important for people who are afraid of retribution if the note could be traced back.
4. Post to slashdot anonymously.

Glad I don't live in those states!

[Anonymous Coward]

And, goog thing laws never jump from state to state!

This is frightening

[joebagodonuts]

"In effect, they would extend the already-extant laws relating to theft of cable TV services to any telecom service."

It does more than that. The language of the bills uses the word "harm" instead of "fraud". The language is vague enough that it could be twisted to be used against anyone. Just having a firewall that does nat translation is a violation of these bills.

All brought to us by the friendly folks at the MPAA. Jerks

Where is your Freedom going?

[ShwAsasin]

Is it just me, or are these new laws being passed over the last couple years seem to really deprive the average citizen of regular rights and freedoms?

With a country that seems to tout freedom at every corner, it's unfortunate that many rights and freedoms are being destroyed by people who have no clue about the general consequences of their actions.

Yeah, but the cow's already out of the barn...

[Bonker]

While not having quite the range of people using services in violation of these statutes as say, people downloading mp3's, there are already so many people doing these things, and profiting on them, that it will be pointless to try to enforce this law.

Imagine for a second Bestbuy's reaction to the fact that it's popular cable-modem routers and wireless access points have all become illegal. I don't exactly see them pulling millions of dollars of hardware off the shelves without a legal fight. Nor do I see the manufacturers of those devices just giving up either.

I NAT and I'm proud of it!

I Am Not Sure How To React

[Jerk City Troll]

It seems to me that the likelihood of these bills getting passed is next to nothing (of course, one can never be so sure). They were clearly introduced by technology-clueless law makers, but once they are subject to a vote, their silliness should become obvious. So I am not entirely afraid that they will succeed. If they do pass, other states are likely to pick up and follow the trail.

What is really scary to me is that, even though these bills were introduced by the ignorant, the fact that lots of legislators had the mind to introduce them in the first place is shocking. Particularly on the note of encryption, this is largely unconstitutional and hopefully, if ever passed, these bills will be challenged by (financially) enabled individuals.

How can such a thing even hold up when it not only criminalizes most existing telecom infrastructure, violates the 4th Amendment by tangent? Of course, we do live in a DMCA-cursed USA...

Double ouch

[pupsterCA]

And guess who's [mpaa.org]out front waving the flag of support [freedom-to-tinker.com] for this?

Re:Ouch

[Carbonite]

While I can certainly see legitimate uses of each of those things, they do seem rather questionable. Even if you're using these methods for the right reasons, I'd suspect that many people aren't. The real debate is whether a law prohibiting these activities is necessary. I believe that in virtually all cases, the answer is no.

DMCA?

[Limburgher]

Wouldn't it be illegal for ISP's to bust SSL users?

Depends on Definition

[PhxBlue]

From the article:

If you have a home DSL router, or if you use the "Internet Connection Sharing" feature of your favorite operating system product, you're in violation because these connection sharing technologies use NAT. Most operating system products (including every version of Windows introduced in the last five years, and virtually all versions of Linux) would also apparently be banned, because they support connection sharing via NAT.

I'm not concealing the origin or destination of communication, in any of these cases. If I'm using a router to share my network connection, the origin/destination of my ISP's communications is whatever box is doing the routing. After that, if my router routes a copy of the data from my ISP to another PC in my home, that's okay: the transmission between my router and my ISP is complete, and the new transmission is between my router and one or more PCs on my network.

I've always held that, as far as ISPs are concerned, they're responsible for supporting their network until it reaches the access point of my network--whether that's a single PC, a PC that shares its internet connection, a router, whatever. After that, I can accept the liability of supporting my own equipment. This should be handled the same way.

Actually, better yet, it should be shot down outright. But that's more optimistic than I tend to be about such things.

This is intended for Radio....

[wowbagger]

This bill is intended for radio, and is to prevent you from having a scanner.

However, unless they change the current law, having an Amateur Radio Operator's license trumps this - being a ham I can have a scanner, due to hams' role in emergency communications.

However, this is just like the Electronic Communications Privacy Act of 1987 - it may be illegal to eavesdrop on cellular communications, but it did'nt really stop anybody from doing it. Going from an insecure system (AMPS) to more secure systems (GSM, CDMA) did that.

However, the point of the /. post is valid - the law of unintended consequences comes to play - VPN, NAT, proxies all could be banned by wording that broad. Perhaps that is a good thing - overbroad wording might just get it thown out.

Yeah, and moderators on /. will grow a clue. Time to start adding comms gear to my armory.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:NAT

[AmigaAvenger]

my linux pc IS a single PC... it routes traffic to other machines internally, but that is my own business and no one elses. I only have one machine connected to the internet, but have 6 more connected to that machine.

fear causes pussies to bitch

[diablobynight]

You see all the pussies that can't get over the fact that our towers came down. Are using there fear as an excuse to pass thousands of laws, that don't affect them because there non-technical ninnies, and sadly the rest of America is dumb enough to let this crap happen under the guise of patriotism I bet it was patriotic to kill a jew in Germany during world war II, patriotism isn't always a good thing.

No violations

[gr8_phk]

The endpoints of a connection are specified by IP addresses. If NAT is illegal because the "source" is disguised, they're really dictating what software you can use and what you can do with it - the source is obviously the machine doing NAT. They need to understand that they operate at the packet level - they sure don't offer any higher level capabilities that I care about. If they want to regulate what's in your packet, then they can be responsible for kiddy Pr0n and any other illegal activities taking place over "their" network.

I used to work for a small ISP/Telco, and my boss always liked the Common Carrier status because it exempted them from liability. Apparently big ISPs don't understand this yet. If you monitor it, you're taking some responsibility for what's in it.

Reducing Security and Utility == Profit & Just

[HeelToe]

Geez.

This is really bad.

I hope the states where I run networks aren't next.

This allows companies to make more money off us by the threat of lawsuits or report to the authorities. If someone sells me internet access at a specific bandwidth, they should expect I can and may use up to that allotted bandwidth. They are selling me bandwidth, not individual ethernet ports.

Things like ssh-tunneling to hide IM and WWW traffic while I'm at work, as well as improving the security of my networks by hiding the endpoints of my ipsec tunnels behind nat boxes also becomes illegal.

So, in summary, we're trading utility (let's face it, a lot of these vpn/nat apps make things easier to handle - voip tunneling, smtp tunneling, very nice stuff handled with both vpns and nat), AND security (why should all my network devices sit exposed?) so that companies can make more profits, and we can be hauled to jail for making it harder to snoop our communications?

This is ludicrous. Where will the fascism stop?

Re:I Am Not Sure How To React

[jonabbey]

Wow, is the weather very nice on your planet?

This kind of legislation could easily pass. If something like this is proposed in your state, you need to write your legislators and let them know that this language could potentially criminalize a lot of straight-forward Internet gear, if a communications provider decides to require a per-CPU charge, or the like.

Re:Ouch

[diablobynight]

I think this bill is probably not so much directed at us, IP geeks, as much as it is directed at people stealing sattelite TV, and people stealing cell phones

What about Freenet?

[Lockle]

to conceal ... from any communication service provider ... the existence or place of origin or destination of any communication.

I believe that this item is probably not intended to go after NAT'd computers, but to try to cut back on spammers using broadband connections.

If this is the reason, they should be applauded for trying something new. This law WOULD make forged headers illegal.

One problem is that this also constrains anonymous peer-to-peer systems such as Freenet. One of it's strengths is that when you receive a request for a file from an IP, you don't know if that IP origionated the request. If you don't have it, you pass on the request and the node you pass it onto doesn't know if you requested it.

This does make it impossible for a "communications service provider" to determine the origin or destination of the file or information request.

If this is the intended outcome, it is a major violation of a civil liverty we have been appreciating lately.

Re:This is intended for Radio....

[Telastyn]

This also seems alot like something to prevent people from stealing satelite TV. People that broadcast TV realised there's no way to charge for that so they found alternative revenue in commercials. People that broadcast radio realised there's no way to charge for that so they found alternative revenue in commercials. People that boardcast satellite TV realised there's no way to charge for that, so they did it anyways and manipulated the government into policing it for them.

Re:Makes no difference to me...

[jandrese]

Just because your ISP is stuck in the 90's doesn't mean you need to drag everybody else down with you. Personal servers are what make the internet great, not giant media conglomorates feeding you exactly what their advertisers want. You'll note that the most useful webpages are usually the ones put up by some devoted guy on some particular topic in his spare time, not the multi-million dollar popup/flash/trendy keyword extravaganzas that big companies bought into.

of course you can just run your server on your ISP's website (if they offer one), but that's usually rather limited if you have a large number of infrequenty accessed files or dynamic content, and lord help you if your website needs a database backend to keep everything convienent yet manageable.

Sorry about the rant, but I just hate when people get suckered into thinking they're nothing more than "consumers" that aren't allowed to contribute to the public good.

When they outlaw firewalls...

[MsGeek]

...only outlaws will have firewalls. If this bullshit spreads to California, damn straight I will keep my ipfw/nat firewall up!

Time to make this a very uncomfortable time for your state assemblypersons and senators if you live in the affected states. Geek power stopped the Berman Bill, geek power is forcing the feds to revisit the DMCA, geek power is a pretty amazing thing when unleashed.

The one thing that makes the least sense about these bills is that firewalling+nat is one of the tools needed to combat worms and exploits. Everyone is so damn interested in "protecting our Internet infrastructure from exploits, worms and viruses" yet these same clowns are taking away a very important tool that real people can use to make a real difference against these problems.

And what if you are still running Windows NT4, for whatever reason? The workaround Microsoft gives people for the recent RPC vulnerability is to keep the server in the private IP space and firewall off the ports in the 13x range! You can't do that without a NAT!!!

Time to fight this and fight it hard. Whatever you think about whatever other issues are going on around us, this is serious shit.

Wardriving

[Chester K]

In effect, they would extend the already-extant laws relating to theft of cable TV services to any telecom service.

You didn't really think wardriving would stay in the gray "no laws" area for long, did you?

At the risk of sounding level-headed in what's sure to be a discussion filled with reactionary "how can they do this?!" sorts of comments, I guess I don't really see the problem with this law. You have to take a pretty loose interpretation of it to apply it to NAT and other legitamite sorts of technologies -- unless of course you're using it on an ISP that specifically forbids NAT, or wants you to pay extra for multiple computers on the same line; but in that case you're at least ethically bound to pay what they're asking, or find another ISP.

Re:NAT

[emag]

The way I always read the ToS for various cablemodem ISPs I used before ditching them for service I could *use* was they always specified one computer connected to their cablemodem. Fine, I did that. I had exactly 1 computer connected to it. The fact that there was another NIC in it, connected to another network entirely, was immaterial.

True, it likely violated the "spirit" of the ToS, but quite frankly, having every useful port blocked, and then being dinged for actually *using* the bandwidth they advertised on TV and radio and the "always on" capabilities they keep hawking, well....I was able to sleep at night.

It would seem

[SuperJ]

I haven't read the bill, and I'm not a lawyer, but from the description, it sounds like NAT and VPN would be ok. It says you cannot conceal the transmission of the "communication" to the "communication service provider", nor can you receive a "communication" without the permission of the "communication service provider."

Now that sounds to me like if I pay for broadband, I'm paying for IP communication. My provider is selling me IP communication. So if I'm somehow tapping into Verizon's network, somehow stealing an IP connection, that's banned. But anything above the IP layer (VPN, tunneling, whatever) is ok. I guess NAT might be disallowed under this.

what the bills actually say

[dAzED1]

Does anyone actually read things anymore?
From the texas bill [state.tx.us]

(a) A person commits an offense if, with the intent to harm or defraud a communication service provider, the person:

(1) obtains or uses a communication service without:

(A) obtaining the authorization of the provider; or

(B) making a payment to the provider in the
amount normally charged by the provider for the service; or

[(3)] tampers with, modifies, or maintains a
modification to a communication device provided by or installed by the provider

That is the entirity of the definition of a bad guy in this bill, as it is currently proposed as of the time I'm writing this.

So, you have to, with "intent to harm or defraud," "[use] a communication service without""obtaining the authorization of the provider; or making a payment to the provider in the amount normally charged by the provider for the service; or tampers with, modifies, or maintains a modification to a communication device provided by or installed by the provider." I put it all together for ye who don't want to link.

So, to be even MORE clear, this only effects people who are trying to harm or defraud an ISP, etc, by using service without authorization.

Does a VPN "harm or defraud" an ISP? NO

Does ssh "harm or defraud" an ISP? NO

Does posting anonymously anywhere, or any of the other things being complained about, "harm or defraud" an ISP? NO

I don't have the time to quote and translate each and every bill out there, but I do certainly recommed actually reading them before deciding the bills will make it illegal to brush your teeth. Knee-jerk, anyone? Know what you're having an opinion about, before forming that opinion.

For the record

[Anonymous Coward]

Mods - I cannot speak officially so I have to do this anonymously. Please mod this up.

I am a chief engineer for SBC's ISP, and believe it or not, we oppose these sorts of laws. We really don't care what someone does with their IP, and in most cases actually encourage the use of NAT devices.

Most of this cruft comes from the cable companies, who are still stuck in the pay-per-jack mentality.

Re:I'll clue you in on something...

[Anonymous Coward]

Choice! I criticize religion for basically doing what they all do best... damn anyone who doesn't follow them. You did exactly that. "you're gonna be fucked without God."

Sorry but I would rather think on my own than be told what to believe and forced to follow it.

Re:Ouch

[jgerman]

It doesn't matter who it's directed AT. What matters is that it can be used against anyone that it covers. Which include people doing the things the poster suggested. Things that should not be legislatable (matbe I just made that word up). I contantly ssh from box to box in what may be a long chain of ssh sessions. This bill is ridiculous and has no business even being up for a vote. It's nother example of how current lawmakers get involved in things they have absolutely no comprehension of.

Re:Ouch

[warmcat]

The DMCA wasn't aimed at printer cartridges. But there it is.

Re:Yeah, but the cow's already out of the barn...

[SpaceLifeForm]

Not to mention that SBC *provides* routers for home DSL users that have multiple computers.

I also NAT as do many others. The PTB still don't have a fsck'n clue when it comes to home networking. For some reason they believe that home networks are costing Large Corps money, when in fact, most people doing NAT at home probably have a clue and actually reduce problems (ex: CodeRed) due to firewalling.

A proud member of the NAT terrorist group!

Re:Watch out end users

[WaxParadigm]

"It seems like this would give ISPs recourse against their end users."

They already have recourse - it's called a contract, terms of service, and civil court (if it comes to that).

This isn't recourse, it's the ability to have the government do the dirty work for them AND make the penalties MUCH higher (criminal record, jail time, etc - instead of fine or termination of service, etc).

SCARY

Re:Ouch

[B1]

I think this bill is probably not so much directed at us, IP geeks, as much as it is directed at people stealing sattelite TV, and people stealing cell phones

It may not be directed at IP geeks--maybe the spirit of the bill is that it's supposed to go after satellite TV pirates and cellular fraud.

The problem though is that once the law is in the books, it's the letter of the law that matters. And right now, the wording of the bill leaves it open to potential abuse.

The law may not target IP geeks, but if some ISP wanted to go after NAT users, they would now have a broken law on their side. As with the DMCA, the road to hell is paved with good intentions.

Re:fear causes pussies to bitch

[Anonymous Cow herd]

That's really pertinent to this discussion, seeing as how the laws in question are state laws and all.

So? They're just jumping on the bandwagon as well, it appears. Or is it somehow fine if the states invade my privacy, but if the federal government does it, it's bad?

Re:I Am Not Sure How To React

[regen]

What is really scary to me is that, even though these bills were introduced by the ignorant, the fact that lots of legislators had the mind to introduce them in the first place is shocking.

The fact that these bills are being introduced in multiple states at the same time, indicates that it was probably crafted by a lobbyist.

The question you should be asking is who wants this legislation? Who hired the lobbyist?

How quickly we forget...

[mabhatter654]

Why we broke up AT&T in the first place!

The public already decided once that the "Common Carriers" provided wires not services when they broke up AT&T and deregulated the Baby Bells. Why does it seem that there's a purposefull effort to undo all that effort? Could it be that the media companies that needed deregulation to get off the ground now don't want to play with the same rules that let them get in the game in the first place?

What's needed is a real person in charge of the FCC [Lessing anyone!] To streamline the processes and remove some of the contradictions [i.e. ATT banned from local phone but owning cable w/o sharing, etc.]

That Dog Won't Hunt

[blunte]

Ignoring any issues of stupidity regarding this proposal, there is one practical point that cannot be ignored.

The IP address space isn't big enough for all the nodes on the internet. NAT alleviates this problem by "sharing" IP addresses. Remove NAT, and you're going to have to disconnect most computers from the internet.

Try shaking your head in disgust

[87C751]

introduced by technology-clueless law makers

You mean there's another kind?

What is really scary to me is that, even though these bills were introduced by the ignorant, the fact that lots of legislators had the mind to introduce them in the first place is shocking. Particularly on the note of encryption, this is largely unconstitutional and hopefully, if ever passed, these bills will be challenged by (financially) enabled individuals.

Don't look now, but that pesky Constitution is on its way out. As soon as we see a few retaliatory terrorist actions inside our borders, the threat level [threat-advisory.com] will go to Red and the Feds will punch the panic buttons. All of them. By the time the dust settles on that little imbroglio, you're going to wish that encryption and NAT were all that were illegal.

Interesting times, indeed.

Re:Makes no difference to me...

[EricWright]

You are a prime example of what's wrong with this country. It doesn't affect me, so why should I give a shit. Me me me me me... The world doesn't revolve around you. These laws (were they to become laws) would affect a lot of people, and in an adverse way.

My ISP doesn't give a fat rat's ass if I run an email server. I don't allow open relays, so it deals with about 5 emails a day. Big whoop...

I'm kind of surprised they haven't bitched about my 1-2 GB/day Usenet habit, though...

Re:Wardriving

[jedidiah]

You speak as if corporations and governments don't routinely indulge in "pretty loose" legal interpretations when it suits them.

Can you really be that naieve?

The DMCA has already given us rather recent glaring examples of how an abiguously worded law can run amok.

Best buy won't help and you NEED HELP.

[Erris]

Imagine for a second Bestbuy's reaction to the fact that it's popular cable-modem routers and wireless access points have all become illegal.

The device won't be outlawed, using it without a fee will be. BestBuy sells cable modems too.

The problem is that this outlaws anything not explcitly alowed by your telcom. While doing some things has already got people Raided by the FBI [slashdot.org], this will extend things considerably. It essentially redefines the alrady broken definition of "common carrier" to the point where you can't do squat. Instant messaging, VoIP, secure shells and more will all be outlawed or provided as a $ervice open to your provider's clerks. Looks like we won't have to worry about the internet making a real free press or helping people protect their fourth amendment rights.

The smarter you make the internet, the less you can do.

Re:Read these *drafts* more carefully

[Specter]

"Wait, there are yet more words here..."

The specific phrase actually says:

"with the intent to harm or defraud a communication service"

What's left unspecified is the definition of "harm." Is it harmful to a broadband ISP who offers a VoIP phone service if I choose to use another VoIP service vendor? Economically speaking, I think it's rather apparent that the my use of an alternate IP telephony company results in lost revenue for my ISP. That's harm; does it rise to a level prosecutable by this law?

Am I attempting to defraud my ISP if I use intentionally use "too much" bandwidth?

Is the mere posession of a wireless access point (where the possibility exists that someone outside of my household might be able to use it) enough to imply intent to harm or defraud? What if my WAP is running on one of those Linux boxes all those evil terrorist h4x0rs use?

And to your point about Terms of Service from your ISP; those are often changed without any notice to you. Does that open you to "intent to defraud" if yesterday P2P was ok, but today it's not and you inexplicably weren't rereading your ToS daily?

The problem with this is that, as usual, the reason for writing the bill (stop people from stealing things) got completely lost in the authoring process.

Jared

intent

[Genjurosan]

And exactly who is going to determine "intent to harm or defraud"???

Do they charge you first with a crime, then force you to defend yourself?

Also, if they decrypt your transmissions, doesn't that violate the DMCA?

Re:Ouch

[Elwood P Dowd]

Wide-open WIFI would also be illegal.

Umm... No, it doesn't.

[MultisSanguinisFluit]

Allow me to rip this article a new one...

Both bills would flatly ban the possession, sale, or use of technologies that "conceal from a communication service provider ... the existence or place of origin or destination of any communication".

1. A home user is likely NOT modifying the hardware address on the cable modem. Thus, the origin of the communication is always known to the ISP, even if the source IP is spoofed.
2. The destination IP must be known to the ISP, or else how can the communication be routed? Even if said destination is, say, some privacy-protecting proxy server, then that is the destination of the communication as far as the ISP is concerned.

I mean, how far up the OSI model does the article's author think this bill can reach? What if my unencrypted e-mail said, simply, "Please give this message to 'you-know-who'?" Am I concealing the destination of the communication? Hardly.

I suppose a liberal interpretation of the bills might allow for prosecution for people using NATs, but unless your agreement with your ISP prohibits it, you are clearly not doing any "unauthorized reception."

MSF out.

Re:Reducing Security and Utility == Profit & J

[Gonarat]

This is ludicrous. Where will the fascism stop?

This stupidity won't stop under they kill the Goose that lays Golden Eggs (tm). Seriously, if I can't run a VPN, do P2P, ssh-tunneling, or run a server, why then spend the money for high-speed internet? If all I can (legally) do is browse the web and get e-mail, 56K dial-up is fine.

What all the *AA's and other big companies forget is that most people only have a limited amount of income to spend for entertainment and other "extras" -- they can make all the laws they want and charge all they want, but there's only so many dollars per month in the budget. If the cost of ISDN or cable internet cannot be justified, then it will not sell. No sale, no money in the Corporate coffers, and this law will end up costing them money. Only when the bottom line suffers will the fascism stop )or at least change.)

Re:Depends on Definition

[teeker]

the transmission between my router and my ISP is complete, and the new transmission is between my router and one or more PCs on my network.

If only that were the case. The thing is that your router is considered an intermediary device- the final destination/source of the communication *is* your PC at your desk. The router is *not* the source of the communication, it's merely the point where the communication (which originiated at your PC) finds entry to your ISP and the internet. There may be a dozen routers between your router and the final destination of that communication that perform the same function your router does, but clearly, none of those are endpoints either. By that logic, a cellphone tower, your ISP, a TDD/voice relay service or the phone company itself could all be considered endpoints, which is clearly not the case.

While I do agree that what is behind your router is your business, the case that your router *is* the source or destination of the activity within your network is flawed.

Re:what the bills actually say

[bourne]

Does a VPN "harm or defraud" an ISP? NO

Many Cable Modem/DSL providers exclude VPN use from their "Residential" service. That usage is covered by their "Commercial" service, which generally costs 3 times as much.

If you are not "making a payment to the provider in the amount normally chargd by the provider for the" Commercial "service," then you are harming and defauding the ISP.

Some cable companies have a similar rule about multiple machines - they have standard access (one machine) and "home network" access (often 3 machines). There have been limited attempts to use this to restrain use of NAT for home networks. I would hate to see such attempts with a law like this behind them.

Another more legitimate target of this would be people freely sharing their connection via Wireless.

Re:Happy.

[MImeKillEr]

Road Runner in my market (Austin, Texas-area) charges an additional $14.95/mo for additional PCs on their network.

Damned straight I'm using a NAT box and have two additional (for now, soon to be three) PCs on their network. RR knows I have a NAT box and has been made aware of the additional PCs (one at least) on the network. No one's dinged me for this (yet) and I imagine that if/when this is passed in Texas, I'll either be forced to pay the additional fees or find another ISP.

For the record, one of the PCs is my son's (he's not even 3 yet, only goes to PBSkids.org) and the other is my wife's. She only uses it for email/browsing, so its not like my additional systems are consuming 500GB/mo in bandwidth.

TWC Austin's charge of essentially $15/mo for additional PCs is above what other markets apparently pay over what others are paying. TWC NYC users are only charged $4.95/mo [twcnyc.com] for additional PCs.

Defense?

[Qzukk]

For example, if your ISP charges per computer connected, using a router/NAT device would be illegal if these became law.

Its obvious common sense that if you have a router/NAT device plugged into the ISP, you have one device plugged into the ISP. The remainder are plugged into your NAT device. If anyone is charged under this situation, they could easily show nothing was stolen, since you don't take extra IPs, and you cannot take any more bandwidth than the capped amount you paid for, regardless of the number of computers connected to the NAT device.

Re:Ouch

[kableh]

The real debate is if this will stop real criminals, as opposed to those of us who have work to get done, from doing any of these things. I believe that in all cases, the answer is no.

Um...this is already illegal

[guacamolefoo]

In effect, they would extend the already-extant laws relating to theft of cable TV services to any telecom service. For example, if your ISP charges per computer connected, using a router/NAT device would be illegal if these became law.

If your ISP charges per machine and you circumvent it, it is already theft of services and it is already illegal. Congress is, as usual, piling on when existing laws are sufficient.

The reason that you don't see many prosecutions is probably that police are doing things like, you know, arresting rapists and murderers. Snaking $5 from your ISP is hardly grand theft, and I don't think that federalizing the crime is really going to help out society much.

It is too bad that legislators too frequently look to the quantity of work as a benchmark of how "well" they are doing rather than looking to the quantity. Before too long, our society is going to need a law angioplasty to clear out all the crap that is clogging the arteries of discourse, commerce, and general life.

Coming from a lawyer,
GF.

Re:Ouch

[Creep73]

If an ISP can regulate the amount of computers I have hooked up to that ISP's pipe can the water company charge for the amount of faucets installed in my house? Can the electric company charge me for the amount of electrical sockets installed in my home? Can the phone company charge me per phone? The logic used in coming up with these policies is flawed to the core. I thank the companies for this and the gullible lawmakers we have in this country. Instead of making money by creating and proving viable services they will make their current services and products make them more money through bad legislation. Unfortunately it is the current trend. Just ask Disney's Mickey.

they're not OK

[Anonymous Coward]

Are you on at NATed network downloading music on Kazaa? You've just defrauded the RIAA bunch.

IAAL (I Am A Layperson)

[poot_rootbeer]

What's left unspecified is the definition of "harm."

Lawyers and lawmakers understand specific connotations of the word 'harm' as it relates to commerce, even if we laypeople don't.

I think it's rather apparent that the my use of an alternate IP telephony company results in lost revenue for my ISP.

That's lost potential revenue. You're not depriving the ISP of anything they would have otherwise had an inalienable claim to.

Re:No violations

[Bull SR]

I agree with gr8_phk here, one cannot look at the level 7 and above stuff here, because no carrier knows the endpoints of that stuff "really" even when you throw out all the NAT and SSH technical issues. (Hell, I've printed out email only to fax it to the recipient the sender was trying to reach!) One can only reasonably look at the proposed legislation at the network level, NAT does not in any way obfuscate what the endpoints are on the carrier's network. Neither does SSH tunneling or VPNs or firewalls. However, forging source addresses seems to be caught in this trap. I got no problem with that!

Re:Should lawmakers just do nothing?

[minard]

I disagree very strongly.

The argument of "it's ok, because they won't care about your little NAT box" is absolutely, positively, definitely, not good enough. If you're ok with being made a criminal just as long as nobody comes after you, fine. But it's sure as hell not good enough for me.

As you say, this kind of law should only apply when actions are performed "with intent to defraud". But that isn't what it says (and yes, I did read the bill. Suggest you do the same). The article written by Prof Felten points to the relevant clause, which says none of that. Possession of equipment which conceals the intended origin or destination of a communication from the communication service provided is proposed to be made an offense. Period.

What is seems to me is, this law looks like a classic trojan horse: there's stuff about preventing theft of service, yadda yadda, with intent to defraud, all of which looks perfectly reasonable. But then there's this other, mostly unrelated and egregious stuff buried in it.

Suggestion to ISPs: if you're really concerned about theft of service by people "splitting the bill" start charging by the megabyte actually transferred. Then it works the other way around. The more bandwidth people (or their neighbors) use, the more they pay. If people want to open up a Wi-Fi access point to passers by, ok. All good. More revenue to the ISP whenever anybody actually uses it.

The law works both ways

[Anonymous Coward]

The MA bill defines a communications service as

'(2) "Communication service. " Any service lawfully provided for a charge or compensation to facilitate the lawful origination, transmission, emission or reception of [any kind of data transmission]'

So if I recieve any compensation for using the internet (possibly including working at home, but IANAL), then I am providing a communications service.

The bill defines a communications service provider as
'(ii) any person or entity owning or operating any fiber optic, photo-optical, electromagnetic, photoelectronic, cable television, satellite, Internet-based, telephone, wireless, microwave, data transmission or radio distribution system, network or facility;'

which includes anyone that connects a computer to the internet. This means that I am a communications service provider.

The section on offenses says:
'Any person commits an offense if he knowingly: [uses] any communication device:

(i) for the commission of a theft of a communication service or to receive, intercept, disrupt, transmit, re-transmits, decrypt, acquire or facilitate the receipt, interception, disruption, transmission, re-transmission, decryption or acquisition of any communication service without the express consent or express authorization of the communication service provider;'

So if I am recieving any compensation for using the internet to send data, nobody is lawfully allowed to intercept it without my express permission. I have an agreement with my ISP which probably allows them to snoop on my traffic, but I don't have any agreements with their ISP, or with my friends' ISPs. So if my friend's ISP snoops on my traffic (sent to my friend), they are in violation of the law. I wonder how far this could actually make it in court.

Questioning authority is helpful.

[jbn-o]

If you're not attempting to cheat your ISP (running 6 machines for the price of one if the ISP you use charges per machine or something) you should have no problem. If you do want to run your 6 machines just pay the extra or switch ISPs.

At what point do you begin to question your ISP's policies? If there's no technical reason to need more than one WAN-side IP address (such as using NAT), what's the point of paying for additional IP addresses? Why shouldn't the ISP change their business model to charge for bandwidth used or limit the bandwidth any user can use so they can't use more than the user's service fee can pay for?

Re:IAAL (I Am A Layperson)

[mpe]

That's lost potential revenue. You're not depriving the ISP of anything they would have otherwise had an inalienable claim to.

It the RIAA and MPAA can make the argument that loss of potential revenue equates to "harm" then any other corporate entity can probably claim the same kind of thing.