PacketStream is the first of its kind peer-to-peer proxy network. Packeters are compensated for sharing bandwidth on the PacketStream network and allowing users all over the world have access to content on the internet through our secure network. Customers can purchase bandwidth and browse the web from residential IPs to protect their browsing privacy.
The PacketStream network routes customer traffic through PacketStream users allowing for increased privacy and access to geo-restricted content while browsing the web. Packeters on the PacketStream network share their bandwidth with PacketStream customers. The website/service receiving HTTP requests sees requests coming from real residential IPs and allows access to content that would otherwise be blocked if it had been requested from traditional datacenter VPNs or proxy networks."
How can this not be a violation of the ToS of just about every major provider?
Anne
Anne P. Mitchell,
Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Legal Counsel: The Earth Law Center
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop
How can this not be a violation of the ToS of just about every major provider?
Can you perhaps cite ToS excerpts from one or more major providers to
support your assertion?
Anne P. Mitchell,
Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Legal Counsel: The Earth Law Center
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop
Are you listing all the above because you are presenting a formal
position supported by all these organisations about ToS? Can you for
instance clarify how signing of as a director for the Denver Internet
Exchange shapes the context of your ToS message?
Or, perhaps you are listing the above for some kind of self-marketing
purposes? If that is the case, please note that it is fairly uncommon to
use the NANOG mailing list to distribute resumes. I know numerous
websites dedicated to the dissemination of work histories, perhaps you
can use those instead of operational mailling list?
Obviously violates every standard “don’t resell the service” clause. ( But these are also the same TOSes that tell me I can’t VPN into the office , so they can pound sand. )
Doing this makes about as much sense as running a TOR exit node to me. Too much exposure to someone doing something dumb through you that you’d be left holding the bag for.
feeling cranky, are we, job? (accusing an antispam expert of spamming on a mailing list by having too long a .sig?)
but it’s true! anne runs the internet, and the rest of us (except for ICANN GAC representatives) all accept that.
to actually try to make a more substantial point, i am quite curious how the AUPs of carriers try to disallow bandwidth resale while permitting
• cybercafe operations and other “free wifi" (where internet service might be provided for patrons in a hotel or cafe)
• wireless access point schemes where you make money or get credit for allowing use of your bandwidth (e.g. Fon)
• other proxy services that use bandwidth such as tor exit nodes and openvpn gateways
i suppose they could just try to disallow resale or allow on-premises use even if revenue is received. the Fon business model seems pretty comparable to me.
Sounds like a "paid" TOR. Is TOR a ToS violation too -- the EFF would probably like to hear of it if so. Or just the aspect of reselling one's service?
In article <af762f22-9431-4137-b87e-2444a62bdd87@Spark> you write:
-=-=-=-=-=-
feeling cranky, are we, job? (accusing an antispam expert of spamming on a mailing list by having too long a .sig?)
but it’s true! anne runs the internet, and the rest of us (except for ICANN GAC representatives) all accept that.
to actually try to make a more substantial point, i am quite curious how the AUPs of carriers try to disallow
bandwidth resale while permitting
• cybercafe operations and other “free wifi" (where internet service might be provided for patrons in a
hotel or cafe)
• wireless access point schemes where you make money or get credit for allowing use of your bandwidth (e.g. Fon)
• other proxy services that use bandwidth such as tor exit nodes and openvpn gateways
To belabor the fairly obvious, residential and business service are
different even if the technology is the same. For example, Comcast's
residential TOS says:
You agree that the Service(s) and the Xfinity Equipment will be used
only for personal, residential, non-commercial purposes, unless
otherwise specifically authorized by us in writing. You are prohibited
from reselling or permitting another to resell the Service(s) in whole
or in part, ... [ long list of other forbidden things ]
Their business TOS is different. It says no third party use unless
your agreement permits it, so I presume they have a coffee shop plan.
(The agreements don't seem to be on their web site.) I'd also observe
that coffee shop wifi isn't "resale" since it's free, it's an amenity.
As to how do these guys think they'll get away with it, my guess is
that they heard that "disruption" means ignoring laws and contracts
and someone told them that is a good thing.
It seems like just another example of liability shifting/shielding. I’ll defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn’t have any contractual or business relationship with my ISP. I do. If I sell them my bandwidth, and my ISP decides to take action, they come after me, not Packetstream. I can plead all I want about how I was just running “someone else’s software” , but that isn’t gonna hold up, since I am responsible for what is running on my home network, knowingly or unknowingly.
These guys likely just wrote a custom TOR client and a billing backend, and are banking on the fact that most people running as the exit aren’t going to get caught by their provider. Ingenious, although shady. I do like they have the classic pyramid scheme going for “income off referrals”, just so make sure you KNOW they’re shady if you might have suspected otherwise.
It seems like just another example of liability shifting/shielding. I'll defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn't have any contractual or business relationship with my ISP. I do. If I sell them my bandwidth, and my ISP decides to take action, they come after me, not Packetstream. I can plead all I want about how I was just running "someone else's software" , but that isn't gonna hold up, since I am responsible for what is running on my home network, knowingly or unknowingly.
And *that* is *exactly* my concern. Because those users...('you' in this example)...they have *no idea* it is causing them to violate their ToS/AUP with their provider.
And this in part, is my reason for bringing it up here in NANOG - because (at least some of) those big providers are here. And those big providers are in the best position to stamp this out (if they think that it needs stamping out).
And:
As to how do these guys think they'll get away with it, my guess is
that they heard that "disruption" means ignoring laws and contracts
and someone told them that is a good thing.
I would have appreciated a C&C warning on that.
Anne
Anne P. Mitchell,
Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS)
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop
particularly "interesting" when someone downloads CP (or, as it now seems to be called, CSAM) using their ipaddr and causes them to become a Person of Interest.
Anne P. Mitchell, Esq.
Sent: Thursday, April 25, 2019 9:06 PM
>
> It seems like just another example of liability shifting/shielding. I'll
defer to
Actual Lawyers obviously, but the way I see it, Packetstream doesn't have
any contractual or business relationship with my ISP. I do. If I sell
them my
bandwidth, and my ISP decides to take action, they come after me, not
Packetstream. I can plead all I want about how I was just running "someone
else's software" , but that isn't gonna hold up, since I am responsible
for
what is running on my home network, knowingly or unknowingly.
And *that* is *exactly* my concern. Because those users...('you' in this
example)...they have *no idea* it is causing them to violate their ToS/AUP
with their provider.
But isn't there a law in US that protects oblivious or outright simple-mined
population from falling for these type of "easy money" schemes by
prohibiting these types of business?
I believe there's something like that in EU (rendering pyramid schemes or
lending money with extreme interests illegal for example).
Although I appreciate that in this particular case the exact formulation
would be rather cumbersome to define.
It seems like just another example of liability shifting/shielding. I’ll defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn’t have any contractual or business relationship with my ISP. I do. If I sell them my bandwidth, and my ISP decides to take action, they come after me, not Packetstream. I can plead all I want about how I was just running “someone else’s software” , but that isn’t gonna hold up, since I am responsible for what is running on my home network, knowingly or unknowingly.
And that is exactly my concern. Because those users…(‘you’ in this example)…they have no idea it is causing them to violate their ToS/AUP with their provider.
And this in part, is my reason for bringing it up here in NANOG - because (at least some of) those big providers are here. And those big providers are in the best position to stamp this out (if they think that it needs stamping out).
So providers should stamp this out (because it is “bad”) and support customers who are running TOR nodes (because those are “good”). Did I get that right?
And that is the conundrum here I think. It’s very difficult (for me) to reconcile “NET NEUTRALITY!! PROVIDERS SHOULD BE DUMB PIPES!” with “Hey providers, this company is trying to do something sketchy, you should take action to stop it from working.”
Reselling bandwidth/access to your residential internet connection isn’t (to my knowledge) breaking any criminal LAWS. It’s only violating the ToS between you and your provider, to which they have a remedy of canceling your account if they decide to. (Maybe there’s civil action there? I dunno.) So for anything not violating laws I’m not sure I want ISPs interfering with traffic at all.
On the flip side, maybe ISPs can be pragmatic about this, and send warnings to people who may start using this…“service”. Give them a heads up that they appear to be doing something that is in violation of the ToS, and if they continue, their account might be canceled. Be a nicer method than just 0 to canceled in one go.
If that is how you see it, then it's right for you. At no time did I mention TOR, nor will I get dragged into that discussion.
Anne
Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose
With all due respect, you haven’t yet cited an example of an ISP TOS at “every provider” that this new company’s product violates. I’m not asking you to critique TORs, I’m asking that you tell us the TOS restriction that you believe is so obvious to everyone? Because it’s not obvious to me, and I own an ISP.
You are prohibited from reselling or permitting another to resell the Service(s) in whole or in part, or using or permitting another to use the Xfinity Equipment or the Service(s), directly or indirectly, for any unlawful purpose, including, but not limited to, in violation of any policy we post applicable to the Service(s).
As a lawyer, I’m sure you realize those overly broad policies are unenforceable on their face. Phrases such as “resell...directly or indirectly” could just as easily be interpreted to mean you can’t perform paid consulting work by email over a residential link — something patently ridiculous.
Can you cite any case law where these restrictions have been enforced? I believe if a case every cane to court, the defense would have an excellent argument that the plain meaning of these restrictions is to prevent others from buying direct Internet access from another communications channel (e.g., WiFi) from the residence, not passing data through the residence.
)
