Roland Perry - "is an ISP a 'Person'?"

Tue, 1 Oct 2002 23:34:39 +0100

Peter Fairbrother wrote:
>> Dave Howe wrote:
> (a) so modifies or interferes with the system, or its operation,
> (b) so monitors transmissions made by means of the system, or
> (c) so monitors transmissions made by wireless telegraphy to or from
> apparatus comprised in the system,
>     as to make some or all of the contents of the communication
> available, while being transmitted, to a person other than the sender
> or intended recipient of the communication. -}
Which of course is the crux. does virus scanning "make some or all of the
contents of the communication available, while being transmitted, to a
person other than the sender or intended recipient of the communication"?
I can see how it "monitors transmissions made by means of the system" but
that shouldn't matter if the final clause isn't met.

> It makes content available for the person who runs the machine to
> use, even if he doesn't read it. The words "see" and "read" do not
> appear in Ch1 of RIPA.
An automated virus scanner (one that deletes) could not under any
circumstances make content available; if anything, it removes content from
those who might legitimately expect to receive it...

> SEP, I think. The easy way would be to "ask" the webmail server to do
> it for you.
Indeed. not if the webmail server is in another juristiction though.

> No. Viral scanning is probably lawful in most cases, as is rejection
> based on size. Both are lawful interception. The lawfulness is based
> on the purpose for which the interception is done. Both are measures
> to protect the service.
>
> The test is if it's done "for purposes connected with the provision or
> operation of the service". If not, it's probably unlawful for ISP's
> to do it without a warrant. Remarkably sensible, for RIPA. This is
> about _Public_ ISP's.
>
> Incidently, on reflection(!), I was wrong about echo-cancelling, it's
> not interception - there is no act of modification, interference or
> monitoring "as to" (which I take to mean both "with the effect of"
> and "intended to") make content available.
but this is of course true of memiming and/or virus scanning. both modify
only the message stream - they do not redirect portions of it outside of
that stream to any third party, or store locally portions of that stream in
a manner that could "make them available" to an operator unless that storage
would take place anyhow. Quarantine (as normally set up) could well be
interception, but it would be borderline; ok, it involves storing for later
processing, but so does mail spooling (in cases of non-delivery).