Firewall Wizards mailing list archives
RE: Legal question
From: "Crumrine, Gary L" <CrumrineGL () state gov>
Date: Thu, 20 Jan 2000 06:12:28 -0500
It is this blending of voice and data that is going to require a whole new look at how the law is interpreted, and how we build, test and certify networks. I see many challenges to case record in light of this, as we have created loopholes that did not exist before. The case cited in your reply applies to child pornography, but my concern is in the area of voice/data on the network. What if we stumble onto something questionable while testing a circuit? Are we obligated to report it? Can it be used as evidence in a court of law? Have we committed a crime by executing an illegal wire tap? I think the current wiretap laws deal with the voice only environment, and have not taken into consideration the new possibilities that voice/data brings to the table. And I do not think current rules would apply. I think we would be OK because or work would be in the realm of circuit testing, but you never know...
-----Original Message----- From: Larry Fitzpatrick [SMTP:lef () acm org] Sent: Tuesday, January 18, 2000 9:59 PM To: Crumrine, Gary L; firewall-wizards () nfr net Subject: Re: Legal question A bit more information. I hope Mr. Chabinsky (many thanks, and sorry for mis-spelling his name last time) doesn't mind my relaying more of his commentary. He says:Best always though to look straight to the source to capture all thedetails, so here are the federal law citations (available on-line, for free). For montoring content, see 18 U.S.C. 2511 () , and with respect to reporting child pornography you might look at ISP Child Abuse Reporting (). The trap and trace question is not easily answered on the face of the statute, and would be subject to judicial interpretation, because the statute when written did not anticipate network traffic, see 18 U.S.C. 3127() . 18 U.S.C. 2511 (http://law2.house.gov/uscode-cgi/fastweb.exe?getdoc+uscview+t17t20+1057+0 ++()%20%20AND%20((18)%20ADJ%20USC):CITE%20AND%20(USC%20w/1 0%20(2511)):CITE) ISP Child Abuse Reporting (http://www.usdoj.gov/criminal/ceos/report.htm) 18 U.S.C. 3127(http://law2.house.gov/uscode-cgi/fastweb.exe?getdoc+uscview+t17t20+11 64+0++()%20%20AND%20((18)%20ADJ%20USC):CITE%20AND%20(USC%2 0w/10%20(3127)):CITE) -----Original Message----- From: Larry Fitzpatrick <lef () acm org> To: Crumrine, Gary L <CrumrineGL () state gov>; firewall-wizards () nfr net <firewall-wizards () nfr net> Date: Monday, January 17, 2000 7:39 PM Subject: Re: Legal questionI asked this question this week of Steven Chabinski (the chief legaladvisor for the NIPC and assistant legal counsel for the FBI)at a DC-ISOC meeting on privacy. I don't have perfect recall, so anyerrors are totally mine. Here's what I heard him say:There are three conditions that allow a person to peer into the contentof network traffic. 1) the people who generate the traffichave been notified that the traffic is being monitored, 2) a lawenforcement organization has a court order to do a wire tap, 3) asysadmin is doing so to "protect his system". It doesn't matter whetherthe traffic is intra-corporate or internet traffic. Thereis clearly gray-ness in point 3. Additionally, if the inspector seesthat the content contains child pornography and the inspectoris an ISP, there is an obligation to report this to the FBI. From: Crumrine, Gary L <CrumrineGL () state gov>After wearing out my fingers during a heated conversation with another colleague over legalities of certain actions, a question came up in mymindconcerning sniffers and their usage. If a sniffer was placed on the outside of a given network, and was configured to sniff packets coming from that network only, does this constitute an illegal wire tap? And do the same rules apply to data astheydo voice? In some cases it transits the same copper wire... ouch I am getting a headache..
Current thread:
- Legal question Crumrine, Gary L (Jan 15)
- <Possible follow-ups>
- Re: Legal question Steven M. Bellovin (Jan 16)
- RE: Legal question Carl Friedberg (Jan 16)
- Re: Legal question Gregory Stark (Jan 17)
- Re: Legal question Paul Howell (Jan 17)
- Re: Legal question Larry Fitzpatrick (Jan 17)
- RE: Legal question Staggs, Michael (Jan 18)
- Re: Legal question Larry Fitzpatrick (Jan 19)
- RE: Legal question Crumrine, Gary L (Jan 20)
- Re: Legal question Steven M. Bellovin (Jan 21)