Cisco is following this case closely for obvious reasons.
The below is shared in arm-chair lawyer spirit as well as
I am neither a lawyer or spokesperson for Cisco.
The current interim advice I have been told internally (for
my customers offering public internet access in Council Libraries)
until this case progresses through to a settled conclusion and/or
the new Bill clarifies things is:
1) The liability lies with the line owner/renter if they are not
a licenced telco. Therefore hotspot services that go straight
into a telco's own line and infrastructure are not affected.
e.g. a BT Openzone straight onto a BT owned and paid for ADSL
line. If the traffic is on your own line or transits through
your line in separation, you're liable if you pay that line's
bill and don't otherwise have a Carrier Exemption for some
other purpose.
2) If you are liable, ensure that any Wi-Fi service is portalled,
with NATed IP addresses logged for later tracking, and that users
cannot self-serve without a categoric form of ID being presented
first allowing them access. That's the hard part, as it puts a
barrier in the way of providing free and ubiquitous wireless.
If the ID is stolen (e.g. credit card number on a chargeable
service) you're OK as you've done the best you can to track a
user. The problem is where no serious attempt has been made to
keep usage logs. Using 'best effort' in legal terms, not
technical terms, is usually accepted as proof you have been
responsible in offering a service - but is not guaranteed as
there is a serious lack of case law that is only going to get
worse when the new Bill passes if it goes through broadly
as it's (poorly) drafted at the moment.
It will certainly be interesting to see how this develops.
Regards,
Paul
> -----Original Message-----
> From: Wireless Issues in the JANET community [mailto:WIRELESS-
> [log in to unmask]] On Behalf Of Mike Richardson
> Sent: Monday, November 30, 2009 1:27 PM
> To: [log in to unmask]
> Subject: Re: Legal liability?
>
> On Mon, Nov 30, 2009 at 01:21:04PM +0000, Tim Chown wrote:
> > /armchair lawyer mode on
> >
> > This seems to be a pretty landmark case, but one that will surely be
> > contested/appealed?
>
> Our expectation as well.
>
> > The article implies that the pub owner was fined because he couldn't
> > identify individuals who were performing the illegal action when a
civil
> > case was brought against him by whoever the copyright owner was.
> > It doesn't say how that particular Cloud site made access available,
> > or why the individual wasn't accessable. It hints that NAT was to
> blame.
>
> We were discussing this at lunchtime. None of the articles seem to
have
> much
> detail as to how the connections were being made. Was the landlord
being
> an
> idiot and giving out one username and password to his customers? AFAIK
a
> normal Cloud user has a their own username so should be identifable.
How
> did
> the complainant identify the AP being used?
>
> > In the case of eduroam, it should be possible to link a specific
> activity
> > to a specific authenticated user? And any Tier 3 site will have one
> > global IP per user (and IPv6 available!).
>
> Sounds reasonable but reason seems to have taken a holiday with this
> story.
>
> Mike
> --
> Mike Richardson
> Networks
> IT Services, University of Manchester
> *Plain text only please - attachments stripped on arrival*
|