<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: ENUM domain hijack an already unlawful wiretap?

  • To: Michael Haberler < >
  • From: James Seng < >
  • Date: Sun, 29 Feb 2004 19:47:45 +0800

are there problems/issues with enum/sip? yes.
do we want to discuss them? yes.
do we want to fix them? yes.
do we want to fix them by imposing regulation? i rather not.

wiretapping by diverting lines? hijacking domain names? privacy? sure, lets discuss them how we can prevent it.

regulation? erm, i rather not discuss it now.

james

Michael Haberler wrote:

At 00:05 29.02.2004, James Seng wrote:

Neither of case are wiretap. Incompetencies are not illegal (yet).

sorry if I was unclear: I assumed maliciious intent with both scenarios.

re case 2: There is one scenario I can think of where the old number holder knows who will be the new holder (e.g. in Austria it is cheaper to transfer a pots line including number to a new subscriber than to cancel+newly install one). E.g. after a divorce that isnt totally unlikely..

re: incompetence - violating a law and claiming you didnt know it traditionally doesnt help much in court.

Maybe it is enough to state in terms and conditions that "the right to use services based on derived communication parameters is void as soon as the right-to-use in the primary communication parameter expires. A failure to comply may be qualified as a breach of privacy of other persons."

Unfortunately, this collides with the implicit assumption what the nature of numbers allocated from blocks held by telcos are - it seems to me that the user has no responsibility other than to pay his bills and other than that may claim stupidity.

This is very different from direct end-user number allocation for service numbers where the user provably must have had knowledge about usage T&C, so incompetence may not be claimed. It's also not a problem with domain names, where it is very clear that the user (not ISP!) is liable if he violates the right of third parties. It took the justice system many years to understand the difference, but it is status quo for domains nowadays.

-Michael


Michael Haberler wrote:

Here's a strawman for you to to shoot down:
[snip]

Taking the "technology neutral" view, I'd say both are cases of an unlawful wiretap. For that legislation exists making the person responsible doing that, not the telco.
Now where's the difference? I wonder if we need any regulation against ENUM domain hijack at all.
Nevermind that case 2 is one of the more stupid forms of intentional wiretapping as it is in most cases hard to predict who's going to be tapped in the first place because that depends on the lucky draw of number reassignment, leave alone the unattractive timespan between intent and "success". But the case of "inadvertent wiretap by negligence" remains.






  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>