Susan Crawford blog :: New affiliation and computer crime

This Month

Month Archive

May 2004
April 2004
March 2004
February 2004
January 2004

Year Archive

2007
2006
2005
2004
2003

Search Google

Previous:	Copyright Office and Gaming
Next:	Beryl Howell and Alan Davidson

New affiliation and computer crime

by Susan on Sat 27 Mar 2004 10:28 AM EST | Permanent Link

I'm delighted to say that I've been added to the roster of Fellows of The Information Society Project at Yale Law School. This means more trips to New Haven ("The Hub"), and, with luck, some engaging meetings in New York. Thanks.

I'm here in Room 127 of the Yale Law School for a cybercrime conference. So far, we had an excellent keynote from Dan Geer, and Tony Rutkowski (VP of Regulatory Affairs at VeriSign) is getting up to talk now.

But I'm distracted by a conversation I had with someone before the meeting began. He said that this whole game of ICANN and VOIP and lots of other worries is essentially over -- FCC plans to assert jurisdiction over the DNS as an IP-enabled service (and assert jurisdiction over email and any other application that uses IP). He pointed to an FCC NPRM (MC 04-36) in support of this assertion. He also said that the EC has issued a similar notice. These notices point to a limited set of obligations for providers. Game over, in this individual's view.

Back to Tony. He's pointing to the fact that there are very few content intercepts in the real world. Most requests are made for subscriber information. Law enforcement access is essential, and all we're talking about is what costs will be paid by whom. Anonymity is over. Key developments are happening in the private sector. In the public sector, we're talking about the cybercrime treaty (probably will come into effect this year), the UK data retention code, and the FCC CALEA proceeding. Europe cares only about data retention; they're way past CALEA.

He says re CALEA proceeding:

Coverage: Nothing really new here (real time access to data is a fact of life under state and federal law); we're just shifting costs to providers. And need capabilities in place in order to do this stuff. Law enforcement has a critical need for access in today's nomadic architecture environment. He says this is innovative.

Compliance: Creative, more flexible, adopts 15 month benchmark approach to enforcement.

Costs: Pass on implementation costs to subscribers; transparency is good; service bureaus make the costs minor; parity with other regulatory mandates (E911, Universal Service); costs are trivial compared to stored data production via subpoenas. (that's an interesting point, if true, and Tony seems to know what he's talking about.)

More when the next panel comes up.

Posted to:

Main Page