Differences between revisions 13 and 14

Proposed Mission

"The Policy Committee will recommend policies so that the Personal Telco Project, Inc. can protect itself from liability resulting from illegal, harmful or malicious use of its network or from activities related to installation and management of nodes." -TomOffermann

"The Policy Committee will be a Standing Committee of the Board, existing until 3/9/2005, to be chaired by TomOffermann and populated by at least 2 additional members." -DarrinEden

The Policy Committee will be populated by JerrittCollord, AndrewWoods, MichaelWeinberg and MusashiHybrid.

Initial Discussion

TomFitzgerald likes the idea, but is concerned about another committee bogging down folks time.

AndrewWoods, TomHiggins and JerrittCollord argue that the committee can free most PTP participants' time by handling policy issues that are currently being hashed out in general forums.

TomOffermann wants to focus on legal issues related to Ops Team operated nodes first, as they open PTP to the most liability.

MusashiHybrid offers to solicit opinions on CRIME list.

JerrittCollord prefers asking a trusted individual from the CRIME list, rather than advertising to the whole list.

Policy Links

We've started a list of relevant PolicyLinks.

Background Documentation

TomOffermann provided this proposal to the originally proposed members of the PolicyCommittee (AndrewWoods, JerrittCollord and MichaelWeinberg) via e-mail:

My main interest in helping to create policy is so that the PTP organization can protect itself from liability that results from illegal, harmful, or malicious use of its network, or from our installation and management of PTP nodes.

I also feel that a policy committee would be useful to consider questions about how node owners and node users could protect themselves as well. But, that should be a secondary focus of the Committee, I think.

The key questions I would like to discuss:

1) Does PTP need additional policies to protect itself? 2) If so, is a Policy Committee the best way to consider these questions? 3) What activities or scenarios put PTP at risk? 4) What policies (if any) can PTP put in place to mitigate those risks?

Below are my thoughts on these questions. If you won't be able to able to make tomorrow's meeting, please send feedback via email.

Thanks, Tom

PURPOSE OF POLICY COMMITTEE

As I see it, the purpose of the Policy Committee is not to decide PTP policy. Instead, our purpose should be to consider policies and make recommendations. All policy decisions should be made by the Board and by PTP Members.

FOCUS OF POLICY COMMITTEE

Because of the active involvement of the Ops Team on what I call "Ops Nodes", I feel that there is a much greater chance for PTP to be held liable for some kind of "bad activity" on Ops nodes, and so the policy committee should focus first on questions surrounding these nodes.

DEFINITIONS

"Ops Nodes": Nodes that have been installed, and are actively managed by the Ops Team. In the absence of any formal definition, I consider these nodes to include any PTP node with my public SSH key on it.

Private Nodes: Nodes that are official PTP nodes, but that are installed and managed by individual owners.

OPS NODE ISSUES

Installatiion of Ops Nodes

Licensing
- What are non-contractors allowed to do? What kind of work requires a contrator's license? Run cable? Mount equipment on walls? Mount antennas on rooftops? What are the relevant building/construction codes that PTP should be aware of?
Insurance
- Do PTP members need insurance for any installation activity? (Climbing on rooftops, etc.)
Injury
- What happens if a PTP member is injured during an install? How can we insure that PTP is not liable? How can we insure that the node owner is not liable?

Operation of Ops Nodes

For the following "bad" activities:
- 1) Spam 2) Pornography (especially Child Pornography) 3) Security breach of Node Owner network/computer.
  - What if the firewall for between the PTP access point and the Node Owner network is breached? Should PTP have a standard firewall policy when we are installing a node on a network that is also used for business?
  4) Violating the ISP's AUP
  - Should PTP insist that a node owner uses an ISP with an acceptable AUP? Should that be the node owner's decision? If so, how can PTP protect itself?
  5) Network is unreliable (Drew's "Bungled Stock Trade" example)
  - See http://www.personaltelco.net/index.cgi/LegalIssues
  6) Network is insecure (Drew's "VoIP Eavesdropping" example)
What are the possible consequences for the PTP organization?
What are the possible consequences for the node owner?
What can PTP do to protect itself?
- Possibilities include: Captive Portal, signed Node Owner Agreements between all node owners and PTP. Others?
What can the node owner do to protect itself?
- PTP should help node owners protect themselves.

Management of Ops Nodes

Monitoring of users
- Under the Patriot Act, could PTP be forced to install monitoring software on the Ops Nodes (without telling the users)? Can PTP organize itself, or structure it's network, to prevent that? Is that even an important goal?
Logging
- What kind of data should we log? Could PTP be compelled to turn over log files by court order? If so, does that change what we log?

PRIVATE NODE ISSUES

What advice can PTP give private node owners about protecting
- themselves, in terms of network security, legal protection, etc. Should PTP even give advice like this? What happens if PTP gives bad advice?
Is the PTP organization responsible/liable for any activity on
- private nodes?

TECHNOLOGY

How can PTP accommodate new technologies, while still protecting
- itself? For example, how can we enable VoIP phones to work on the PTP network, while still keeping any necessary protection in place for the PTP organization? Technology questions should NOT be decided by the Policy Committee, of course. But, we should recognize that all technology questions should also be considered in terms of their impact on PTP policies.

-  ← Revision 13 as of 2005-03-01 13:06:11 →
  Size: 9660
  Editor: pc125
  Comment:
+  ← Revision 14 as of 2005-03-01 13:06:32 →
  Size: 6496
  Editor: DarrinEden
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 1:
-!'''[http://phentermine1.chat.ru/ Buy phentermine]!'''!
+= Proposed Mission =
 Line 3:
-!'''[http://0nline-casin0.newmail.ru Online Casino] Win money fast!'''!
+"The Policy Committee will recommend policies so that the Personal Telco Project, Inc. can protect itself from liability resulting from illegal, harmful or malicious use of its network or from activities related to installation and management of nodes." -TomOffermann
 Line 5:
-!'''[http://united-airline.boom.ru/ United Airlines tickets] !'''!
+"The Policy Committee will be a Standing Committee of the Board, existing until 3/9/2005, to be chaired by TomOffermann and populated by at least 2 additional members." -DarrinEden
 Line 7:
-[http://online-degree.hotmail.ru/ Online degree]
+The Policy Committee will be populated by JerrittCollord, AndrewWoods, MichaelWeinberg and MusashiHybrid.
 Line 9:
-[http://online1degree.chat.ru/ Online degree]
+= Initial Discussion =



TomFitzgerald likes the idea, but is concerned about another committee bogging down folks time.



AndrewWoods, TomHiggins and JerrittCollord argue that the committee can free most PTP participants' time by handling policy issues that are currently being hashed out in general forums.



TomOffermann wants to focus on legal issues related to Ops Team operated nodes first, as they open PTP to the most liability.



MusashiHybrid offers to solicit opinions on CRIME list.



JerrittCollord prefers asking a trusted individual from the CRIME list, rather than advertising to the whole list.



= Policy Links =



We've started a list of relevant PolicyLinks.



= Background Documentation =



TomOffermann provided this proposal to the originally proposed members of the PolicyCommittee (AndrewWoods, JerrittCollord and MichaelWeinberg) via e-mail:



My main interest in helping to create policy is so that the PTP

organization can protect itself from liability that results from

illegal, harmful, or malicious use of its network, or from our

installation and management of PTP nodes.



I also feel that a policy committee would be useful to consider

questions about how node owners and node users could protect themselves

as well.  But, that should be a secondary focus of the Committee, I

think.



The key questions I would like to discuss:



  1) Does PTP need additional policies to protect itself?



  2) If so, is a Policy Committee the best way to consider these questions?



  3) What activities or scenarios put PTP at risk?



  4) What policies (if any) can PTP put in place to mitigate those risks?



Below are my thoughts on these questions.  If you won't be able to able

to make tomorrow's meeting, please send feedback via email.



Thanks,

Tom
-Line 12:
+Line 56:
-[http://chp-cigar.boom.ru/ cheap cigarettes]

[http://disc-cigar.boom.ru/ discount cigarettes]

[http://online-cigaret.hotmail.ru/ online cigarettes]

[http://marlb-cigar.boom.ru/ marlboro cigarettes]

[http://online-cigar.boom.ru/ online cigarettes]

[http://winst-cigar.boom.ru/ winston cigarettes]

[http://camel-cigar.boom.ru/ camel cigarettes]

[http://winst-cigaret.hotmail.ru/ Cheap winston cigarettes]
+PURPOSE OF POLICY COMMITTEE
-Line 21:
+Line 58:
-[http://kool-cig.boom.ru/ | kool cigarettes] 

[http://cigarettes-all.lbgo.com/ | cheap cigarettes] 

[http://discount-cig.boom.ru/ | discount cigarettes] 

[http://marlb-cig.boom.ru/ | marlboro cigarettes] 

[http://online-cig.boom.ru/ | online cigarettes] 

[http://camel-cig.boom.ru/ | camel cigarettes] 

[http://newport-cig.boom.ru/ | newport cigarettes] 

[http://marlb-ciga.boom.ru/ | marlboro cigarettes] 

[http://z100.boom.ru/ | marlboro cigarettes] 

[http://web100.boom.ru/ | marlboro cigarettes] 

[http://zt-marlb.boom.ru/ | discount cigarettes] 

[http://smoke-now.boom.ru/ | cheap cigarettes] 

[http://disc-ciga.boom.ru/ | cigarette discount] 

[http://chp-ciga.boom.ru/ | cheap cigarette]
+As I see it, the purpose of the Policy Committee is not to decide PTP

policy.  Instead, our purpose should be to consider policies and make

recommendations.  All policy decisions should be made by the Board and

by PTP Members.
-Line 36:
+Line 63:
+FOCUS OF POLICY COMMITTEE
-Line 37:
+Line 65:
-Best links: '''club month'''
+Because of the active involvement of the Ops Team on what I call "Ops

Nodes", I feel that there is a much greater chance for PTP to be held

liable for some kind of "bad activity" on Ops nodes, and so the policy

committee should focus first on questions surrounding these nodes.
-Line 39:
+Line 70:
+DEFINITIONS
-Line 40:
+Line 72:
+"Ops Nodes": Nodes that have been installed, and are actively managed by

the Ops Team.  In the absence of any formal definition, I consider these

nodes to include any PTP node with my public SSH key on it.
-Line 41:
+Line 76:
-[http://club-month.boom.ru/ | club month]
+Private Nodes: Nodes that are official PTP nodes, but that are installed

and managed by individual owners.
-Line 43:
+Line 79:
+OPS NODE ISSUES
-Line 44:
+Line 81:
-Best links: '''computer check'''
+Installatiion of Ops Nodes
-Line 46:
+Line 83:
+  * Licensing
-Line 47:
+Line 85:
+    What are non-contractors allowed to do?  What kind of work requires

    a contrator's license?  Run cable?  Mount equipment on walls?  Mount

    antennas on rooftops?
-Line 48:
+Line 89:
-[http://computer-check.nm.ru/ | computer check]
+    What are the relevant building/construction codes that PTP should be

    aware of?
-Line 50:
+Line 92:
+  * Insurance

  

    Do PTP members need insurance for any installation activity?

    (Climbing on rooftops, etc.)
-Line 51:
+Line 97:
-Best links: '''computer desk'''
+  * Injury
-Line 53:
+Line 99:
+    What happens if a PTP member is injured during an install?  How can

    we insure that PTP is not liable?  How can we insure that the node

    owner is not liable?
-Line 54:
+Line 103:
+Operation of Ops Nodes
-Line 55:
+Line 105:
-[http://computer-desk.newmail.ru/ | computer desk] 

[http://computer1-desk.boom.ru/ | computer desk] 

[http://computer1desk.chat.ru/ | computer desk]
+  For the following "bad" activities:
-Line 59:
+Line 107:
+) Spam
-Line 60:
+Line 109:
-Best links: '''counseling'''
+) Pornography (especially Child Pornography)
-Line 62:
+Line 111:
+) Security breach of Node Owner network/computer.
-Line 63:
+Line 113:
+       What if the firewall for between the PTP access point and the

       Node Owner network is breached?
-Line 64:
+Line 116:
-[http://credit-counseling.nm.ru/ | credit counseling]
+       Should PTP have a standard firewall policy when we are installing

       a node on a network that is also used for business?
-Line 66:
+Line 119:
+) Violating the ISP's AUP
-Line 67:
+Line 121:
-Best links: '''course'''
+       Should PTP insist that a node owner uses an ISP with an

       acceptable AUP?  Should that be the node owner's decision?  If

       so, how can PTP protect itself?
-Line 69:
+Line 125:
+) Network is unreliable (Drew's "Bungled Stock Trade" example)
-Line 70:
+Line 127:
+       See http://www.personaltelco.net/index.cgi/LegalIssues
-Line 71:
+Line 129:
-[http://online-course.nm.ru/ | online course]
+) Network is insecure (Drew's "VoIP Eavesdropping" example)
-Line 73:
+Line 131:
+  * What are the possible consequences for the PTP organization?
-Line 74:
+Line 133:
-Best links: '''credit counseling'''
+  * What are the possible consequences for the node owner?
-Line 76:
+Line 135:
+  * What can PTP do to protect itself?
-Line 77:
+Line 137:
+    Possibilities include: Captive Portal, signed Node Owner Agreements

    between all node owners and PTP.  Others?
-Line 78:
+Line 140:
-[http://credit1counselin.chat.ru/ | credit counseling] 

[http://credit-counseling.narod.ru/ | credit counseling]
+  * What can the node owner do to protect itself?
-Line 81:
+Line 142:
+    PTP should help node owners protect themselves.
-Line 82:
+Line 144:
-Best links: '''cruise'''
+Management of Ops Nodes
-Line 84:
+Line 146:
+  * Monitoring of users
-Line 85:
+Line 148:
+    Under the Patriot Act, could PTP be forced to install monitoring

    software on the Ops Nodes (without telling the users)?  Can PTP

    organize itself, or structure it's network, to prevent that?  Is

    that even an important goal?
-Line 86:
+Line 153:
-[http://norwegiancruisel.chat.ru/ | norwegian cruise line] 

[http://carnivalcruise.chat.ru/ | carnival cruise] 

[http://caribbeancruise.chat.ru/ | caribbean cruise] 

[http://pcruiseline.chat.ru/ | princess cruise line] 

[http://cruisetravel.chat.ru/ | cruise travel] 

[http://crystal1cruise.chat.ru/ | crystal cruise] 

[http://costacruises.chat.ru/ | costa cruises] 

[http://radissoncruise.chat.ru/ | radisson cruise] 

[http://medit1cruise.chat.ru/ | mediterranean cruise] 

[http://panama1cruise.chat.ru/ | panama canal cruise] 

[http://cruisedeal.chat.ru/ | cruise deal] 

[http://cruiseprincess.chat.ru/ | cruise princess] 

[http://norwegiancruise.chat.ru/ | norwegian cruise] 

[http://cruiseline.chat.ru/ | cruise line] 

[http://cruiseship.chat.ru/ | cruise ship] 

[http://discountcruises.chat.ru/ | discount cruises] 

[http://honeymooncruise.chat.ru/ | honeymoon cruise] 

[http://cruiseeuropean.chat.ru/ | cruise european] 

[http://celebritycruise.chat.ru/ | celebrity cruise] 

[http://lastminutecruise.chat.ru/ | last minute cruise] 

[http://cruisespecial.chat.ru/ | cruise special] 

[http://alaskacruise.chat.ru/ | alaska cruise] 

[http://carnivalcruises.chat.ru/ | carnival cruise ship] 

[http://newyorkcruises.chat.ru/ | new york cruises] 

[http://cheapcruise.chat.ru/ | cheap cruise] 

[http://hawaiicruises.chat.ru/ | hawaii cruise] 

[http://cruisevacation.chat.ru/ | cruise vacation] 

[http://disneycruise.chat.ru/ | disney cruise] 

[http://hamericacruises.chat.ru/ | holland america cruises] 

[http://familycruises.chat.ru/ | family cruises] 

[http://bahamascruise.chat.ru/ | bahamas cruise] 

[http://mexicocruise.chat.ru/ | mexico cruise] 

[http://bermudacruise.chat.ru/ | bermuda cruise] 

[http://europecruise.chat.ru/ | europe cruise] 

[http://caribbeancruisel.chat.ru/ | caribbean cruise line] 

[http://cruisepackage.chat.ru/ | cruise package] 

[http://cruisereview.chat.ru/ | cruise review] 

[http://carnivalcruisel.chat.ru/ | carnival cruise line] 

[http://disneycruisel.chat.ru/ | disney cruise line] 

[http://nilecruises.chat.ru/ | nile cruises] 

[http://luxurycruise.chat.ru/ | luxury cruise] 

[http://neworleanscruise.chat.ru/ | new orleans cruises] 

[http://celebritycruisel.chat.ru/ | celebrity cruise line] 

[http://galvestoncruises.chat.ru/ | galveston cruises] 

[http://starcruise.chat.ru/ | star cruise] 

[http://cruiseholiday.chat.ru/ | cruise holiday] 

[http://honeymooncruise.boom.ru/ | honeymoon cruise] 

[http://caribbeancruisel.boom.ru/ | caribbean cruise line] 

[http://ccruise-ship.boom.ru/ | carnival cruise ship] 

[http://europe-cruise.boom.ru/ | europe cruise] 

[http://cruise-package.boom.ru/ | cruise package] 

[http://cruise-european.boom.ru/ | cruise european] 

[http://bermuda-cruise.boom.ru/ | bermuda cruise] 

[http://bahamas-cruise.boom.ru/ | bahamas cruise] 

[http://mexico-cruise.boom.ru/ | mexico cruise] 

[http://cruise-review.boom.ru/ | cruise review] 

[http://cruise-special.boom.ru/ | cruise special] 

[http://disney-cruisel.boom.ru/ | disney cruise line] 

[http://norwegian-cruise.boom.ru/ | norwegian cruise] 

[http://lminute-cruise.boom.ru/ | last minute cruise] 

[http://italy-cruise.boom.ru/ | italy cruise] 

[http://p-cruise-line.boom.ru/ | princess cruise line] 

[http://hawaii-cruise.boom.ru/ | hawaii cruise] 

[http://mediterranean.boom.ru/ | mediterranean cruise] 

[http://carnival-cruisel.boom.ru/ | carnival cruise line] 

[http://luxury-cruise.boom.ru/ | luxury cruise] 

[http://cruise-deal.boom.ru/ | cruise deal] 

[http://cruise-line.boom.ru/ | cruise line] 

[http://n-cruise-line.boom.ru/ | norwegian cruise line] 

[http://carnival-cruise.boom.ru/ | carnival cruise] 

[http://caribbeancruise.boom.ru/ | caribbean cruise] 

[http://crystal-cruise.nm.ru/ | crystal cruise] 

[http://crystal--cruise.boom.ru/ | crystal cruise] 

[http://cruise.hotmail.ru/ | cruise] 

[http://cruise1.boom.ru/ | cruise] 

[http://cruise1.chat.ru/ | cruise]
+  * Logging
-Line 163:
+Line 155:
+    What kind of data should we log?  Could PTP be compelled to turn

    over log files by court order?  If so, does that change what we log?

    

PRIVATE NODE ISSUES
-Line 164:
+Line 160:
-Best links: '''cruise line'''
+  * What advice can PTP give private node owners about protecting

    themselves, in terms of network security, legal protection, etc.
-Line 166:
+Line 163:
+    Should PTP even give advice like this?  What happens if PTP gives

    bad advice?
-Line 167:
+Line 166:
+  * Is the PTP organization responsible/liable for any activity on

    private nodes?
-Line 168:
+Line 169:
-[http://cruiseline.boom.ru/ | cruise line]
+TECHNOLOGY
-Line 170:
+Line 171:
+  * How can PTP accommodate new technologies, while still protecting

    itself?  For example, how can we enable VoIP phones to work on the

    PTP network, while still keeping any necessary protection in place

    for the PTP organization?
-Line 171:
+Line 176:
-Best links: '''cruises'''







[http://crystal-cruise.boom.ru/ | crystal cruise] 

[http://cruise2crystal.chat.ru/ | crystal cruise] 

[http://honeymoon-crs.boom.ru/ | honeymoon cruise] 

[http://honeymoon1cruise.chat.ru/ | honeymoon cruise] 

[http://panama-cruise.boom.ru/ | panama canal cruise] 

[http://cruise2panama.chat.ru/ | panama cruises] 

[http://cruise2caribbean.chat.ru/ | caribbean cruise] 

[http://hawaiian-cruise.boom.ru/ | hawaiian cruise] 

[http://hawaiian1cruise.chat.ru/ | hawaii cruise] 

[http://celebrcruiseline.chat.ru/ | celebrity cruise line] 

[http://celebrcruiseline.boom.ru/ | celebrity cruise line] 

[http://celebrity-cruise-lin.hotmail.ru/ | celebrity cruise line] 

[http://cruise-line.hotmail.ru/ | cruise line] 

[http://cruise1line.chat.ru/ | cruise line] 

[http://hawaii-cruise.hotmail.ru/ | hawaii cruise] 

[http://hawaiicruise.boom.ru/ | hawaii cruise] 

[http://hawaiicruise.chat.ru/ | hawaii cruise] 

[http://radisson-cruise.hotmail.ru/ | radisson cruise] 

[http://radisson-cruise.boom.ru/ | radisson cruise] 

[http://radisson4cruise.chat.ru/ | radisson cruise] 

[http://norwegian-cruise-lin.hotmail.ru/ | norwegian cruise line] 

[http://norwegcruiselin.boom.ru/ | norwegian cruise line] 

[http://luxury-cruise.hotmail.ru/ | luxury cruise] 

[http://luxury2cruise.boom.ru/ | luxury cruise] 

[http://luxury2cruise.chat.ru/ | luxury cruise] 

[http://disney-cruise.hotmail.ru/ | disney cruise] 

[http://disney2cruise.chat.ru/ | disney cruise] 

[http://discount-cruises.hotmail.ru/ | discount cruises] 

[http://discount2cruises.chat.ru/ | discount cruises] 

[http://cruise2travel.chat.ru/ | cruise travel] 

[http://cruise-travel.hotmail.ru/ | cruise travel] 

[http://cruiseship.hotmail.ru/ | cruise ship] 

[http://cruise2ship.chat.ru/ | cruise ship] 

[http://cruisedeal.boom.ru/ | cruise deal] 

[http://cruise1deal.chat.ru/ | cruise deal] 

[http://cruise-deal.hotmail.ru/ | cruise deal] 

[http://caribbeancruise.hotmail.ru/ | caribbean cruise] 

[http://caribbean2cruise.boom.ru/ | caribbean cruise] 

[http://caribbean2cruise.chat.ru/ | caribbean cruise] 

[http://cruise-vacation.hotmail.ru/ | cruise vacation] 

[http://cruise4vacation.chat.ru/ | cruise vacation] 

[http://asia-cruise.hotmail.ru/ | asia cruise] 

[http://asia-cruise.boom.ru/ | asia cruise] 

[http://asiacruise.chat.ru/ | asia cruise] 

[http://princescruiselin.hotmail.ru/ | princess cruise line] 

[http://princescruiselin.boom.ru/ | princess cruise line] 

[http://princescruiselin.chat.ru/ | princess cruise line] 

[http://italy-cruise.hotmail.ru/ | italy cruise] 

[http://italy2cruise.boom.ru/ | italy cruise] 

[http://tom-cruise.boom.ru/ | tom cruise] 

[http://tom4cruise.chat.ru/ | tom cruise] 

[http://tom-cruise.hotmail.ru/ | tom cruise] 

[http://bermuda2cruise.boom.ru/ | bermuda cruise] 

[http://bermuda4cruise.chat.ru/ | bermuda cruise] 

[http://bermuda-cruise.hotmail.ru/ | bermuda cruise] 

[http://disneycruiseline.hotmail.ru/ | disney cruise line] 

[http://disneycruiseline.boom.ru/ | disney cruise line] 

[http://disneycruiseline.chat.ru/ | disney cruise line] 

[http://lastminutcruises.chat.ru/ | last minute cruises] 

[http://last-min-cruises.hotmail.ru/ | last minute cruises] 

[http://european-cruise.hotmail.ru/ | european cruise] 

[http://european-cruise.boom.ru/ | european cruise] 

[http://europeancruise.chat.ru/ | european cruise]
+    Technology questions should NOT be decided by the Policy Committee,

    of course.  But, we should recognize that all technology questions

    should also be considered in terms of their impact on PTP policies.