Cyberlaw/Day 2: Difference between revisions

From Cyberlaw: Internet Points of Control Course Wiki
Jump to navigation Jump to search
No edit summary
Line 23: Line 23:
****Consider that ISPs assign IP addresses to people. Usually they know who those people are, and where they are.
****Consider that ISPs assign IP addresses to people. Usually they know who those people are, and where they are.


== Group 5, ISPs ==
== ISP group ==
*RESPONSE:
*RESPONSE:
** We don't want to pay the costs of compliance just because we're trying to be good. We would actually favor gov't regulation to a scheme of individual liability like this.
** We don't want to pay the costs of compliance just because we're trying to be good. We would actually favor gov't regulation to a scheme of individual liability like this.

Revision as of 17:41, 3 January 2008

  • Day 2 notes and questions:

Group 5, Texas Lawyers

  • General criteria for liability:
    • Those with deep pockets
    • Those likely to be found liable
    • BUT liability rule must not kill internet or other things people care about. Must be a sustainable rule.
  • Whom to sue?
    • OS makers, ISPs, SW makers, and antivirus makers.
    • Go after people who have some actual relation to the problem.
    • Custodians of hijacked computers.
    • HW manufacturers.
  • What are the standards of liability?
    • Tort
      • BUT hard to get tort liability for purely economic harm, if no accompanying physical harm. So if virus resulted in someone actually dying, can bring basic negligence case based on breach of duty.
    • Picker article: most states will honor disclaimer of MS's warranty; won't let you get around it through tort or contract.
  • To whom would it be most fair to apply liability?
    • ISPs, because they have greater ability to control.
    • Picker: you've got cyberterrorists, and cyber-fraudsters, and cyber-vandals. Make distinctions along this taxonomy.
      • So can look to intent of harm-dealer. But this is difficult because there are innovative new harms coming up every day.
    • Perhaps 'harm' = running 'rogue' code that in retrospect you wouldn't have wanted to have running.
      • Can ISPs do anything about the problem of rogue code? Can they distinguish 'rogue code' from everything else that they pass?
        • Consider that ISPs assign IP addresses to people. Usually they know who those people are, and where they are.

ISP group

  • RESPONSE:
    • We don't want to pay the costs of compliance just because we're trying to be good. We would actually favor gov't regulation to a scheme of individual liability like this.
  • We do, however, favor consumer-targeted schemes. "We'll watch your traffic" could be a selling point to the consumer, too. "If it looks like you're doing something suspicious, we'll say you can't do it!"
    • Cf. Picker's scheme: "if you go with AOL, we'll be ready to catch you if you fall."
  • What is the right level of efficiency?
Retrieved from "http://cyber.harvard.edu/ipc/?title=Cyberlaw/Day_2&oldid=1728"