Home page logo
/

nanog logo nanog mailing list archives

Re: NANOG Digest, Vol 55, Issue 68
From: "Babak Pasdar" <bpasdar () batblue com>
Date: Wed, 22 Aug 2012 15:20:26 -0400

Sure -- Sounds good.

--
Babak Pasdar |  President & CEO | Certified Ethical Hacker   | Bat Blue Networks
(p) 212.461.3322 x3005 | (w) BatBlue.com | (t)  @bpasdar : @batblue

Learn About Cloud Security: Cloud Security Video | Cloud Network Video 

Bat Blue is The Official Provider for ESPN X Games
  _____  

From: nanog-request () nanog org
To: nanog () nanog org
Sent: Wed, 22 Aug 2012 15:13:50 -0500
Subject: NANOG Digest, Vol 55, Issue 68

Send NANOG mailing list submissions to
   nanog () nanog org
  
  To subscribe or unsubscribe via the World Wide Web, visit
   https://mailman.nanog.org/mailman/listinfo/nanog
  or, via email, send a message with subject or body 'help' to
   nanog-request () nanog org
  
  You can reach the person managing the list at
   nanog-owner () nanog org
  
  When replying, please edit your Subject line so it is more specific
  than "Re: Contents of NANOG digest..."
  
  
  Today's Topics:
  
     1. Fair Use Policy (Shahab Vahabzadeh)
     2. Re: Copyright infringement notice (Owen DeLong)
     3. Re: Fair Use Policy (Shahab Vahabzadeh)
     4. RE: Copyright infringement notice (Naslund, Steve)
     5. Re: Fair Use Policy (Shahab Vahabzadeh)
     6. Re: Copyright infringement notice (Robert Bonomi)
     7. Re: Fair Use Policy (Shahab Vahabzadeh)
  
  
  ----------------------------------------------------------------------
  
  Message: 1
  Date: Wed, 22 Aug 2012 23:10:34 +0430
  From: Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  To: nanog () nanog org
  Subject: Fair Use Policy
  Message-ID:
   <CAGqGmqb54GQL-yh4nwB8fsbTO6B+P4OVgUZxbqxSbcyDnAAHsQ () mail gmail com>
  Content-Type: text/plain; charset=ISO-8859-1
  
  Hello Everybody,
  Has any body any good and easy setup idea for "Fair Use Policy" service for
  my xdsl customers?!
  Can do this in the BRAS side and nothing done with accounting and radius?
  Thanks
  
  -- 
  Regards,
  Shahab Vahabzadeh, Network Engineer and System Administrator
  
  Cell Phone: +1 (415) 871 0742
  PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  
  
  ------------------------------
  
  Message: 2
  Date: Wed, 22 Aug 2012 11:42:31 -0700
  From: Owen DeLong <owen () delong com>
  To: "Anne P. Mitchell, Esq." <amitchell () isipp com>
  Cc: nanog () nanog org
  Subject: Re: Copyright infringement notice
  Message-ID: <6B54F6B0-94CD-47C9-B255-CC678F247E45 () delong com>
  Content-Type: text/plain; charset=us-ascii
  
  Of all the legal advice I've seen posted to NANOG, I think this might be the first time it's come from a lawyer.
  
  Great post, Anne. Thanks for the advice.
  
  Owen
  
  On Aug 22, 2012, at 11:17 , "Anne P. Mitchell, Esq." <amitchell () isipp com> wrote:
  
  > 
  >> On Thu, Aug 16, 2012 at 6:16 AM, groupstudytac groupstudytac
  >> <groupstudytac () gmail com> wrote:
  >>> I get copyright notices from companies like Irdeto , saying that one of my
  >>> customers IP is downloading unauthorized material using bittorent. I also
  >>> have processes in place to handle such notices .
  >>> 
  >>> Can anyone share how he handles such notices in his ISP environment , i am
  >>> ready to adapt some valid steps to improve the existing process.
  >>> 
  >>> Or should i just ignore such messages ?
  >> 
  >> If you're in the U.S., the process for handling these notices is
  >> prescribed by law, specifically the Digital Millennium Copyright Act
  >> (search: DMCA takedown notice). It details what the infringement
  >> notice must include in order to be actionable and what steps the ISP
  >> must take on receipt of an actionable notice. It also prescribes
  >> procedures for the alleged infringer to object and for the ISP to
  >> restore the material following an objection.
  >> 
  >> Follow the procedures described in the law to retain your immunity as
  >> an ISP. Consult a local lawyer if you don't find them sufficiently
  >> obvious.
  > 
  > The thing that muddies this is that, as I understand it, the notice was not for takedown (i.e. there is not an 
allegation that they are *hosting* infringing material) - it is a notice that one of their users *downloaded* 
copyrighted material (IP, do I have that right?)
  > 
  > This is part of the RIAA's "graduated response" program, to which several major ISPs, including AT&T, Verizon, and 
Comcast,  have agreed.
  > 
  > Basically, the accuser contacts the ISP, and the ISP sends a warning (a "copyright alert") to their user (without 
giving up the user to the accuser).
  > 
  > If the same user is accused subsequently, they get another, sterner warning.  In total there is a series of six 
warnings, with "mitigation measures" accompanying the fifth and sixth warning.
  > 
  > If I were counseling an ISP  - whether one that was part of the agreement, or not - I would say that the first 
order is to *put your policy around copyright alerts in writing* - asap - and make it as specific as possible - and 
then *ALWAYS FOLLOW IT EVERY SINGLE TIME*.    
  > 
  > It almost (I say almost) doesn't matter what the policy is so long as it's reasonable, but it matters that it be 
followed to the letter every time, no exceptions.
  > 
  > And, if you are an ISP that isn't part of the agreement with the RIAA, it's still not a bad idea to structure your 
policy to follow the six "copyright alert" structure, because there is some precedent there, and then you come off 
looking like you are trying to do the right thing, which will make you a less easy target.
  > 
  > These two articles give a pretty good explanation of the deal:
  > 
  > https://www.eff.org/deeplinks/2012/03/graduated-response-deal-steamrollers-towards-july-1-launch
  > 
  > http://arstechnica.com/tech-policy/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan/
  > 
  > Anne
  > 
  > Anne P. Mitchell, Esq
  > CEO/President
  > Institute for Social Internet Public Policy
  > http://www.ISIPP.com 
  > Member, Cal. Bar Cyberspace Law Committee
  > ISIPP Email Accreditation:  http://www.SuretyMail.com
  > 
  
  
  
  
  ------------------------------
  
  Message: 3
  Date: Wed, 22 Aug 2012 23:27:20 +0430
  From: Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  To: Owen DeLong <owen () delong com>
  Cc: nanog () nanog org
  Subject: Re: Fair Use Policy
  Message-ID:
   <CAGqGmqZsMHn6Ua+Y-EWyrScYxXc_o5sKd5TVZdkz-Ni6GKkNLQ () mail gmail com>
  Content-Type: text/plain; charset=ISO-8859-1
  
  Dear Owen,
  As you know in pick time of internet usage like midnight in which we have
  free-access times too, some users which really want to use internet for
  their daily usage and not downloading or using peer-to-peer services
  unfairly affecting this problem.
  Some companies are using some polices for users to solve this problem.
  Do you have any Idea?
  Thanks
  
  On Wed, Aug 22, 2012 at 11:22 PM, Owen DeLong <owen () delong com> wrote:
  
  > I think the first step would be to define what you mean by fair use.
  >
  > Are you talking in the DMCA sense of the term, the legal sense of the term
  > as applies
  > to IP in other areas, or something else?
  >
  > Owen
  >
  > On Aug 22, 2012, at 11:40 , Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  > wrote:
  >
  > > Hello Everybody,
  > > Has any body any good and easy setup idea for "Fair Use Policy" service
  > for
  > > my xdsl customers?!
  > > Can do this in the BRAS side and nothing done with accounting and radius?
  > > Thanks
  > >
  > > --
  > > Regards,
  > > Shahab Vahabzadeh, Network Engineer and System Administrator
  > >
  > > Cell Phone: +1 (415) 871 0742
  > > PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  >
  >
  
  
  -- 
  Regards,
  Shahab Vahabzadeh, Network Engineer and System Administrator
  
  Cell Phone: +1 (415) 871 0742
  PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  
  
  ------------------------------
  
  Message: 4
  Date: Wed, 22 Aug 2012 14:04:19 -0500
  From: "Naslund, Steve" <SNaslund () medline com>
  To: <nanog () nanog org>
  Subject: RE: Copyright infringement notice
  Message-ID:
   <2A76E400AC84B845AAC35AA19F8E7A5D0BE84281 () MUNEXBE1 medline com>
  Content-Type: text/plain; charset="US-ASCII"
  
  Now you did it Anne, prepare for the deluge of advice requests :)
  Seriously though, thanks for chiming in on this.
  
  Steven Naslund
  
  -----Original Message-----
  From: Owen DeLong [mailto:owen () delong com] 
  Sent: Wednesday, August 22, 2012 1:43 PM
  To: Anne P. Mitchell, Esq.
  Cc: nanog () nanog org
  Subject: Re: Copyright infringement notice
  
  Of all the legal advice I've seen posted to NANOG, I think this might be
  the first time it's come from a lawyer.
  
  Great post, Anne. Thanks for the advice.
  
  Owen
  
  On Aug 22, 2012, at 11:17 , "Anne P. Mitchell, Esq."
  <amitchell () isipp com> wrote:
  
  > 
  >> On Thu, Aug 16, 2012 at 6:16 AM, groupstudytac groupstudytac 
  >> <groupstudytac () gmail com> wrote:
  >>> I get copyright notices from companies like Irdeto , saying that one
  
  >>> of my customers IP is downloading unauthorized material using 
  >>> bittorent. I also have processes in place to handle such notices .
  >>> 
  >>> Can anyone share how he handles such notices in his ISP environment 
  >>> , i am ready to adapt some valid steps to improve the existing
  process.
  >>> 
  >>> Or should i just ignore such messages ?
  >> 
  >> If you're in the U.S., the process for handling these notices is 
  >> prescribed by law, specifically the Digital Millennium Copyright Act
  >> (search: DMCA takedown notice). It details what the infringement 
  >> notice must include in order to be actionable and what steps the ISP 
  >> must take on receipt of an actionable notice. It also prescribes 
  >> procedures for the alleged infringer to object and for the ISP to 
  >> restore the material following an objection.
  >> 
  >> Follow the procedures described in the law to retain your immunity as
  
  >> an ISP. Consult a local lawyer if you don't find them sufficiently 
  >> obvious.
  > 
  > The thing that muddies this is that, as I understand it, the notice 
  > was not for takedown (i.e. there is not an allegation that they are 
  > *hosting* infringing material) - it is a notice that one of their 
  > users *downloaded* copyrighted material (IP, do I have that right?)
  > 
  > This is part of the RIAA's "graduated response" program, to which
  several major ISPs, including AT&T, Verizon, and Comcast,  have agreed.
  > 
  > Basically, the accuser contacts the ISP, and the ISP sends a warning
  (a "copyright alert") to their user (without giving up the user to the
  accuser).
  > 
  > If the same user is accused subsequently, they get another, sterner
  warning.  In total there is a series of six warnings, with "mitigation
  measures" accompanying the fifth and sixth warning.
  > 
  > If I were counseling an ISP  - whether one that was part of the
  agreement, or not - I would say that the first order is to *put your
  policy around copyright alerts in writing* - asap - and make it as
  specific as possible - and then *ALWAYS FOLLOW IT EVERY SINGLE TIME*.
  
  > 
  > It almost (I say almost) doesn't matter what the policy is so long as
  it's reasonable, but it matters that it be followed to the letter every
  time, no exceptions.
  > 
  > And, if you are an ISP that isn't part of the agreement with the RIAA,
  it's still not a bad idea to structure your policy to follow the six
  "copyright alert" structure, because there is some precedent there, and
  then you come off looking like you are trying to do the right thing,
  which will make you a less easy target.
  > 
  > These two articles give a pretty good explanation of the deal:
  > 
  > https://www.eff.org/deeplinks/2012/03/graduated-response-deal-steamrol
  > lers-towards-july-1-launch
  > 
  > http://arstechnica.com/tech-policy/2011/07/major-isps-agree-to-six-str
  > ikes-copyright-enforcement-plan/
  > 
  > Anne
  > 
  > Anne P. Mitchell, Esq
  > CEO/President
  > Institute for Social Internet Public Policy http://www.ISIPP.com 
  > Member, Cal. Bar Cyberspace Law Committee ISIPP Email Accreditation:  
  > http://www.SuretyMail.com
  > 
  
  
  
  
  
  ------------------------------
  
  Message: 5
  Date: Wed, 22 Aug 2012 23:36:40 +0430
  From: Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  To: Owen DeLong <owen () delong com>
  Cc: nanog () nanog org
  Subject: Re: Fair Use Policy
  Message-ID:
   <CAGqGmqZAnoD=xf+9GR0wyQECH65VQv39X1CX56Kqv5WvB5HTcw () mail gmail com>
  Content-Type: text/plain; charset=ISO-8859-1
  
  What I am talking mostly is some services like COA, in which you can change
  users shape time-base and periodically without disconnecting them.
  
  On Wed, Aug 22, 2012 at 11:33 PM, Owen DeLong <owen () delong com> wrote:
  
  > If you want to control usage that way, sell a metered product. Bill the
  > heavy users more for their usage.
  >
  > Otherwise, price your services such that you can build adequate upstream
  > capacity to serve your users.
  >
  > I'm not a fan of using "rateshaping" (which is what you are describing) to
  > cover for inadequate facilities.
  >
  > Owen
  >
  > On Aug 22, 2012, at 11:57 , Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  > wrote:
  >
  > Dear Owen,
  > As you know in pick time of internet usage like midnight in which we have
  > free-access times too, some users which really want to use internet for
  > their daily usage and not downloading or using peer-to-peer services
  > unfairly affecting this problem.
  > Some companies are using some polices for users to solve this problem.
  > Do you have any Idea?
  > Thanks
  >
  > On Wed, Aug 22, 2012 at 11:22 PM, Owen DeLong <owen () delong com> wrote:
  >
  >> I think the first step would be to define what you mean by fair use.
  >>
  >> Are you talking in the DMCA sense of the term, the legal sense of the
  >> term as applies
  >> to IP in other areas, or something else?
  >>
  >> Owen
  >>
  >> On Aug 22, 2012, at 11:40 , Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  >> wrote:
  >>
  >> > Hello Everybody,
  >> > Has any body any good and easy setup idea for "Fair Use Policy" service
  >> for
  >> > my xdsl customers?!
  >> > Can do this in the BRAS side and nothing done with accounting and
  >> radius?
  >> > Thanks
  >> >
  >> > --
  >> > Regards,
  >> > Shahab Vahabzadeh, Network Engineer and System Administrator
  >> >
  >> > Cell Phone: +1 (415) 871 0742
  >> > PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  >>
  >>
  >
  >
  > --
  > Regards,
  > Shahab Vahabzadeh, Network Engineer and System Administrator
  >
  > Cell Phone: +1 (415) 871 0742
  > PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  >
  >
  >
  
  
  -- 
  Regards,
  Shahab Vahabzadeh, Network Engineer and System Administrator
  
  Cell Phone: +1 (415) 871 0742
  PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  
  
  ------------------------------
  
  Message: 6
  Date: Wed, 22 Aug 2012 14:07:43 -0500 (CDT)
  From: Robert Bonomi <bonomi () mail r-bonomi com>
  To: bill () herrin us, groupstudytac () gmail com
  Cc: nanog () nanog org
  Subject: Re: Copyright infringement notice
  Message-ID: <201208221907.q7MJ7huc063499 () mail r-bonomi com>
  
  > From nanog-bounces+bonomi=mail.r-bonomi.com () nanog org  Wed Aug 22 10:54:49 2012
  > From: William Herrin <bill () herrin us>
  > Date: Wed, 22 Aug 2012 11:54:00 -0400
  > Subject: Re: Copyright infringement notice
  > To: groupstudytac groupstudytac <groupstudytac () gmail com>
  > Cc: nanog () nanog org
  >
  > On Thu, Aug 16, 2012 at 6:16 AM, groupstudytac groupstudytac
  > <groupstudytac () gmail com> wrote:
  > > I get copyright notices from companies like Irdeto , saying that one of my
  > > customers IP is downloading unauthorized material using bittorent. I also
  > > have processes in place to handle such notices .
  > >
  > > Can anyone share how he handles such notices in his ISP environment , i am
  > > ready to adapt some valid steps to improve the existing process.
  > >
  > > Or should i just ignore such messages ?
  >
  > If you're in the U.S., the process for handling these notices is
  > prescribed by law, specifically the Digital Millennium Copyright Act
  > (search: DMCA takedown notice). It details what the infringement
  > notice must include in order to be actionable and what steps the ISP
  > must take on receipt of an actionable notice. It also prescribes
  > procedures for the alleged infringer to object and for the ISP to
  > restore the material following an objection.
  >
  > Follow the procedures described in the law to retain your immunity as
  > an ISP. Consult a local lawyer if you don't find them sufficiently
  > obvious.
  
  Note: the DMCA, and 'takedown notices' associated therewith apply to
  contet that an ISP customer is 'publishing' by public display on the
  Internet.
  
  The OP is getting notices that someone with an IP address in a netblock
  'belonging' to the ISP he operates is _downloading_ content that 'someone
  else' [more than one such entity, in all probability, given that it's
  bittorrent, and presumably exteral to the OP's netblock(s)] is doing the
  'publishing' addressed by the DMCA, and the 'safe harbor' provisions
  for ISPs.
  
  I'm NOT SURE whether the ISP has any potential liability in _this_ 
  situation -- there's nothing 'published' by their customer for them to
  'take down', etc.
  
  However, the *only* reasonable/rational recommedation that can be made
  to the OP is "consult competent professional legal counsel in *your*
  jurisdiction."  It is virtully a requirement to do this on a "paid",
  "commercial", "lawyer-client" basis, and to get the 'opinion' _in_writing_,
  so that *if* the advice received (and which was followed) turns out
  'after the fact' to be incorrect, one has recourse aginst the lawyer's
  malpractice insurance (to make one whole, as far as the 'detrimental
  reliance' on the opinion that was proven to be incorrect).
  
  
  *I* would be tempted to respond, *once*, to the issuer of such notices,
  to the effect that customemr info is disclosed only upon receipt of a
  valid court subpoena, and the 'records production' costs are $$/hr, with
  an $xx minimum. And, if they persited in the FUD notices, I would explicitly
  *block* the source (not 'discard', but actively block -- so that they have
  'actual notice' of non-delivery).
  
  I *WOULD*, however, take my own advice, and pay a competent lawyer for
  a consultation, BEFORE actually doing anything of the sort.  <grin>
  
  
  
  
  
  ------------------------------
  
  Message: 7
  Date: Wed, 22 Aug 2012 23:43:12 +0430
  From: Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  To: aj () sneep net
  Cc: nanog () nanog org
  Subject: Re: Fair Use Policy
  Message-ID:
   <CAGqGmqY1ea-oEYWU_wC+D+_ZJsz4KL3dz8iFAAOKJT-xg=E2jQ () mail gmail com>
  Content-Type: text/plain; charset=ISO-8859-1
  
  I am using Cisco 7206 VXR with NPE-G2 as my BRAS's.
  
  On Wed, Aug 22, 2012 at 11:40 PM, Alastair Johnson <aj () sneep net> wrote:
  
  > Depends on your BRAS. Some support time-of-day or other threshold based
  > policy changes.
  >
  > Generally speaking though you would be better going to an external policy
  > engine.
  >
  > -----Original Message-----
  > From: Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  > Date: Wed, 22 Aug 2012 23:36:40
  > To: Owen DeLong<owen () delong com>
  > Cc: <nanog () nanog org>
  > Subject: Re: Fair Use Policy
  >
  > What I am talking mostly is some services like COA, in which you can change
  > users shape time-base and periodically without disconnecting them.
  >
  > On Wed, Aug 22, 2012 at 11:33 PM, Owen DeLong <owen () delong com> wrote:
  >
  > > If you want to control usage that way, sell a metered product. Bill the
  > > heavy users more for their usage.
  > >
  > > Otherwise, price your services such that you can build adequate upstream
  > > capacity to serve your users.
  > >
  > > I'm not a fan of using "rateshaping" (which is what you are describing)
  > to
  > > cover for inadequate facilities.
  > >
  > > Owen
  > >
  > > On Aug 22, 2012, at 11:57 , Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  > > wrote:
  > >
  > > Dear Owen,
  > > As you know in pick time of internet usage like midnight in which we have
  > > free-access times too, some users which really want to use internet for
  > > their daily usage and not downloading or using peer-to-peer services
  > > unfairly affecting this problem.
  > > Some companies are using some polices for users to solve this problem.
  > > Do you have any Idea?
  > > Thanks
  > >
  > > On Wed, Aug 22, 2012 at 11:22 PM, Owen DeLong <owen () delong com> wrote:
  > >
  > >> I think the first step would be to define what you mean by fair use.
  > >>
  > >> Are you talking in the DMCA sense of the term, the legal sense of the
  > >> term as applies
  > >> to IP in other areas, or something else?
  > >>
  > >> Owen
  > >>
  > >> On Aug 22, 2012, at 11:40 , Shahab Vahabzadeh <sh.vahabzadeh () gmail com>
  > >> wrote:
  > >>
  > >> > Hello Everybody,
  > >> > Has any body any good and easy setup idea for "Fair Use Policy"
  > service
  > >> for
  > >> > my xdsl customers?!
  > >> > Can do this in the BRAS side and nothing done with accounting and
  > >> radius?
  > >> > Thanks
  > >> >
  > >> > --
  > >> > Regards,
  > >> > Shahab Vahabzadeh, Network Engineer and System Administrator
  > >> >
  > >> > Cell Phone: +1 (415) 871 0742
  > >> > PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367
  > BF90
  > >>
  > >>
  > >
  > >
  > > --
  > > Regards,
  > > Shahab Vahabzadeh, Network Engineer and System Administrator
  > >
  > > Cell Phone: +1 (415) 871 0742
  > > PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  > >
  > >
  > >
  >
  >
  > --
  > Regards,
  > Shahab Vahabzadeh, Network Engineer and System Administrator
  >
  > Cell Phone: +1 (415) 871 0742
  > PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  >
  
  
  
  -- 
  Regards,
  Shahab Vahabzadeh, Network Engineer and System Administrator
  
  Cell Phone: +1 (415) 871 0742
  PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90
  
  
  End of NANOG Digest, Vol 55, Issue 68
  *************************************
    


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault