Motion for a new POST NSF AUP

John Curran and I are in total agreement on John's premise that any
Post NSF AUP is either a) unenforceable or b) subject to abuse. I suggest
that for the moment, that we agree with John that any AUP is both:

a) Unenforceable;
b) Subject to abuse; and
c) Virtually impossible to authenticate.

Giving the above, the question still remains and the original motion is still
valid for this reason.

If we define a Post NSF AUP, then at least everyone who uses the Internet
will have had the opportunity to have read and understood what the current
Internet AUP describes.

It is possible that having a clearly defined AUP will not stop spam and
other unacceptable uses of the net, and clearly an AUP is not enforceable
( and for IP security reasons should not be enforced without absolute
authentication as John correctly points out).

On the other hand, having a clearly defined AUP may discourage potential
spammers and child pornographers, etc. (not that we consider spammers
and child pornography peddlers in the same vein..). Also, having a
clearly defined Internet AUP will send a signal to the news media and
government officials that the providers of Internet services are
capable of formulating policy in an area that, without self-regulation,
has a strong potential to continue degenerating.

Is a self-formulated Post NSF AUP, without enforcement, still a good idea?

The answer, I suggest, is not obvious, but a debate on the subject
does have considerable merit, given the events of the past week or so.


For my two cents:

I also agree with John. I think the current system where 'civic-saviors'
protest spams to the spammers' provider works fairly well. It works as a
pressure to resist spamming. The only thing I don't like about it are the
militant-son-of-spams. If the current unstructured system stays, I think
there should be a simple addition to govern son-of-spammers to prevent the
kind of frontier justice used on those lawyers. I myself will usually
forward the complaint on to the spammers. After 2 complaints I add that
they need to stop the activity, but sometimes it's simply a lag-time or
long time-to-live on a spam that keeps complaints coming in long
afterward. ...

---------------- Brian Curnow --------------

The only question that I have is what does this do to your position as a
"common carrier like" organization? It weakens it horrendously. I wish
that it didn't, and when I start my ISP up, Jan 1st (as opposed to the
one I am working for now), I will have an AUP, but just be aware, it
/does/ weaken your position as a "common carrier like" organization. It
is at that point that you should start to seriously consider removing
binaries groups and other things, and finding a way to act immediately on
things like someone saying that one of your users violated a copyright
law or the like. I am not advocating one way or the other, just saying
that you should stand to one side of the road or the other, not the middle.

I plan to stand on the side where I can have an AUP, and plan to have my
lawyer make a fair number of decisions on things like what do I do when
someone tells me a user has violated copyright, etc etc. I also plan to
purchase news services from someone else in the beginning so that I am
not a news distributor, I am only giving people a way to view it (News
will never be stored on my systems). Maybe when the water gets a little
less rocky I'll start using my own news server. Those decisions are
mine, not yours, you can of course make your own. I made mine after
hours of consultation with my lawyer, as well as talking to several other
lawyers. You should do the same.