Re: Packetstream - how does this not violate just about every provider's ToS?

[Christian Kujau]

On Wed, 24 Apr 2019, Anne P. Mitchell, Esq. wrote:
> How can this not be a violation of the ToS of just about every major 
> provider? 

 https://packetstream.io/support#q33
 > Customers should ensure that their use case does not violate the ToS of 
 > the service they are using.

So, I guess it's up the the customer caring about that...

C.
-- 
BOFH excuse #107:

The keyboard isn't plugged in

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mike Hammett]

Welcome to the Internet. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Rich Kulawiec"  
To: nanog@nanog.org 
Sent: Saturday, April 27, 2019 10:34:44 AM 
Subject: Re: Packetstream - how does this not violate just about every 
provider's ToS? 

On Fri, Apr 26, 2019 at 06:31:08PM -0700, William Herrin wrote: 
> On Fri, Apr 26, 2019 at 6:06 PM John Levine  wrote: 
> 
> > I assumed that something this sleazy would be offshore, but their 
> > terms of service say they're in Los Angeles. 
> > 
> 
> They tricked you. [snip] 

Also, unless I'm misreading their site, they expect users to download/run 
an application program of unknown provenance and function, from an operation 
that has gone to great lengths to conceal its location and principals. 
What could possibly go wrong? 

---rsk 

Re: Packetstream - how does this not violate just about every provider's ToS?

[Rich Kulawiec]

On Fri, Apr 26, 2019 at 06:31:08PM -0700, William Herrin wrote:
> On Fri, Apr 26, 2019 at 6:06 PM John Levine  wrote:
> 
> > I assumed that something this sleazy would be offshore, but their
> > terms of service say they're in Los Angeles.
> >
> 
> They tricked you. [snip]

Also, unless I'm misreading their site, they expect users to download/run
an application program of unknown provenance and function, from an operation
that has gone to great lengths to conceal its location and principals.
What could possibly go wrong?

---rsk

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[TJ Trout]

Your sig is fine, anyone who says otherwise needs to obtain gainful
employment to occupy more free time

On Fri, Apr 26, 2019 at 8:36 PM James R Cutler 
wrote:

> --- amitch...@isipp.com wrote:
> From: "Anne P. Mitchell, Esq." 
>
> [This .sig space open to suggestions.]
>
> Just to continue this clearly trivial discussion:
>
> I enjoy your signature. It always leaves no question regarding the posting
> identity.
>
> James R. Cutler
> james.cut...@consultant.com
> GPG keys: hkps://hkps.pool.sks-keyservers.net
>
>
>
>

My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[James R Cutler]

--- amitch...@isipp.com  wrote:
From: "Anne P. Mitchell, Esq." mailto:amitch...@isipp.com>>

[This .sig space open to suggestions.]

Just to continue this clearly trivial discussion:

I enjoy your signature. It always leaves no question regarding the posting 
identity.

James R. Cutler
james.cut...@consultant.com
GPG keys: hkps://hkps.pool.sks-keyservers.net

Re: Packetstream - how does this not violate just about every provider's ToS?

[Owen DeLong]

> On Apr 25, 2019, at 09:10 , Mark Seiden  wrote:
> 
> feeling cranky, are we, job?   (accusing an antispam expert of spamming on a 
> mailing list by having too long a .sig?)
> but it’s true!  anne runs the internet, and the rest of us (except for ICANN 
> GAC representatives) all accept that. 
> 
> to actually try to make a more substantial point, i am quite curious how the 
> AUPs of carriers try to disallow bandwidth resale while permitting
> cybercafe operations and other “free wifi" (where internet service might be 
> provided for patrons in a hotel or cafe)

Business internet contracts usually don’t prohibit resale, or, they place 
different limits on it. Residential contracts usually flat out prohibit it.
At least in theory, I would expect most cybercafe and other such operations to 
have a business class of service from the ISP.
> wireless access point schemes where you make money or get credit for allowing 
> use of your bandwidth (e.g. Fon)
For residential end users, it probably does violate the ToS, but it’s unlikely 
such violation would be easily detected or enforced.
> other proxy services that use bandwidth such as tor exit nodes and openvpn 
> gateways
Unless you’re doing something illegal or making money selling your bandwidth, 
most things like this probably aren’t technically violations of the ToS.
> i suppose they could just try to disallow resale or allow on-premises use 
> even if revenue is received.  the Fon business model seems pretty comparable 
> to me.

I agree — I’m pretty sure that both the Fon model and the packetstream model 
are probably ToS violations for most residential services.

Fon is unlikely to get noticed by most ISPs.

Packetstream seems a lot more risky, IMHO.

Owen

> On Apr 24, 2019, 10:51 PM -0700, Job Snijders , wrote:
>> Dear Anne,
>> 
>> On Wed, Apr 24, 2019 at 11:07:51PM -0600, Anne P. Mitchell, Esq. wrote:
>>> How can this not be a violation of the ToS of just about every major 
>>> provider?
>> 
>> Can you perhaps cite ToS excerpts from one or more major providers to
>> support your assertion?
>> 
>>> Anne P. Mitchell,
>>> Attorney at Law
>>> GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
>>> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
>>> Legislative Consultant
>>> CEO/President, Institute for Social Internet Public Policy
>>> Board of Directors, Denver Internet Exchange
>>> Board of Directors, Asilomar Microcomputer Workshop
>>> Legal Counsel: The CyberGreen Institute
>>> Legal Counsel: The Earth Law Center
>>> California Bar Association
>>> Cal. Bar Cyberspace Law Committee
>>> Colorado Cyber Committee
>>> Ret. Professor of Law, Lincoln Law School of San Jose
>>> Ret. Chair, Asilomar Microcomputer Workshop
>> 
>> Are you listing all the above because you are presenting a formal
>> position supported by all these organisations about ToS? Can you for
>> instance clarify how signing of as a director for the Denver Internet
>> Exchange shapes the context of your ToS message?
>> 
>> Or, perhaps you are listing the above for some kind of self-marketing
>> purposes? If that is the case, please note that it is fairly uncommon to
>> use the NANOG mailing list to distribute resumes. I know numerous
>> websites dedicated to the dissemination of work histories, perhaps you
>> can use those instead of operational mailling list?
>> 
>> Regards,
>> 
>> Job
>> 
>> ps. RFC 3676 section 4.3

Re: Packetstream - how does this not violate just about every provider's ToS?

[William Herrin]

On Fri, Apr 26, 2019 at 6:06 PM John Levine  wrote:

> I assumed that something this sleazy would be offshore, but their
> terms of service say they're in Los Angeles.
>

They tricked you.

https://packetstream.io/legal/privacy

PacketStream
8605 Santa Monica Blvd
Los Angeles, CA, 90069
supp...@packetstream.io

https://www.earthclassmail.com/addresses/ca/west-hollywood

"Get a real West Hollywood address at 8605 Santa Monica Blvd, West
Hollywood, CA 90069-4109, US for your business, then get your mail online -
as easy as..."

Regards,
Bill Herrin

-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: Packetstream - how does this not violate just about every provider's ToS?

[John Levine]

In article <003d01d4fc27$ba0bb300$2e231900$@netconsultings.com> you write:
>But isn't there a law in US that protects oblivious or outright simple-mined
>population from falling for these type of "easy money" schemes by
>prohibiting these types of business? 

If it became popular enough to be annoying I expect that the large
cable or phone providers could claim tortious interference by inducing
their customers to violate their contracts.

I assumed that something this sleazy would be offshore, but their
terms of service say they're in Los Angeles.

Re: Packetstream - how does this not violate just about every provider's ToS?

[John Levine]

In article <44a32613-a255-44eb-a094-cee68b6d088a@Spark> you write:
>-=-=-=-=-=-
>
>particularly "interesting" when someone downloads CP (or, as it now seems to 
>be called, CSAM) using their
>ipaddr and causes them to become a Person of Interest.

I was thinking the same thing, that'll do it.  Or maybe videos showing
how to behead members of religious or cultural groups against whom
someone holds a grudge.

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[Scott Weeks]

--- amitch...@isipp.com wrote:
From: "Anne P. Mitchell, Esq." 

[This .sig space open to suggestions.]
---


I don't really care about your .sig, but in general...

%s/\[This .sig space open to suggestions.\]//g

scott

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[Tom Beecher]

I respect the viewpoints of those who made comments about your sig, but I
do not agree.

There are many things to be annoyed about. I don’t think your email
signature is one of them.

On Fri, Apr 26, 2019 at 17:16 Ross Tajvar  wrote:

> I want to clarify that while I didn't say anything (since it wasn't
> on-topic in the other thread), I also found the long signature annoying. I
> did not read it beyond the first 1-2 lines. I expect many more than the few
> people who spoke up share this opinion.
>
> While I don't feel it's appropriate for people to complain about something
> so trivial as an email signature in a pseudo-professional
> setting, apparently we're doing it today.
>
> I don't like email signatures in general, but since you asked for
> suggestions, I suggest using your name and one title that seems most
> relevant/important.
>
> On another note: I don't think you need credentials to be taken seriously
> here as long as you present a respectful and coherent argument. I would not
> have questioned your background if you had posted this without credentials,
> or if anyone else had posted it. I don't recognize the names of most of the
> "top talkers" or know their credentials, other than my assumption that they
> are network operators of some sort.
>
> I'm sorry that you've had negative experiences re: your background.
> Ultimately, it is up to each individual whether they choose to respect
> others and for what reasons. There is little we can do to influence that.
>
> On Fri, Apr 26, 2019 at 5:01 PM Anne P. Mitchell, Esq. <
> amitch...@isipp.com> wrote:
>
>> Oops..sorry to follow up on myself (and before anybody says anything
>> about this, sorry/not sorry for top-posting - it's on myself after
>> all)..but I'd meant to include this:
>>
>>
>> Case in point:  This very (original) thread, about Packetstream - if I
>> had just posted the original thread, about how it's inducing users to
>> violate their providers' ToS, how that's a breach of contract, etc... how
>> many here would have a) not given a second thought, writing it off as the
>> rantings of at best someone who doesn't know anything, and at worst a
>> troll, or b) would have challenged me to explain my credentials - which
>> would have take up far more space than my .sig :-(
>>
>> Anne
>>
>> > On Apr 26, 2019, at 2:55 PM, Anne P. Mitchell, Esq. <
>> amitch...@isipp.com> wrote:
>> >
>> > Apparently, after many, many years of using essentially the same .sig
>> here, it is now an issue of contention.  (Well, 3 people probably does not
>> contention make, but still...).
>> >
>> > However, as one person decided I was trying to market myself, let me
>> address why I have all of that info in there:
>> >
>> > Primarily I leave in all of my background because people (at least
>> those here in the states) tend to a) assume that attorneys are all just
>> "corporate suits" with no understanding of or experience with deep Internet
>> issues, and b) attorneys are generally disliked. ;-)  Over the years I've
>> found that it's best to include my chops right up front, so folks can be
>> reassured that I'm not only on the right (white hat) side of things, but
>> that I actually do know what I'm talking about.
>> >
>> > I can tell you absolutely that the pushback I get from people in our
>> industries who *don't* know my background, when I provide information based
>> on that background and my expertise, is far greater, and bordering at times
>> on abusive (come to think of it, not unlike some of the pushback I got when
>> I first arrived at MAPS, from a certain volunteer  ;-)).
>> >
>> > I'm open to suggestions (other than the suggestion to sod off).
>> >
>> > Anne
>> >
>> > [This .sig space open to suggestions.]
>> >
>>
>>

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[Ross Tajvar]

I want to clarify that while I didn't say anything (since it wasn't
on-topic in the other thread), I also found the long signature annoying. I
did not read it beyond the first 1-2 lines. I expect many more than the few
people who spoke up share this opinion.

While I don't feel it's appropriate for people to complain about something
so trivial as an email signature in a pseudo-professional
setting, apparently we're doing it today.

I don't like email signatures in general, but since you asked for
suggestions, I suggest using your name and one title that seems most
relevant/important.

On another note: I don't think you need credentials to be taken seriously
here as long as you present a respectful and coherent argument. I would not
have questioned your background if you had posted this without credentials,
or if anyone else had posted it. I don't recognize the names of most of the
"top talkers" or know their credentials, other than my assumption that they
are network operators of some sort.

I'm sorry that you've had negative experiences re: your background.
Ultimately, it is up to each individual whether they choose to respect
others and for what reasons. There is little we can do to influence that.

On Fri, Apr 26, 2019 at 5:01 PM Anne P. Mitchell, Esq. 
wrote:

> Oops..sorry to follow up on myself (and before anybody says anything about
> this, sorry/not sorry for top-posting - it's on myself after all)..but I'd
> meant to include this:
>
>
> Case in point:  This very (original) thread, about Packetstream - if I had
> just posted the original thread, about how it's inducing users to violate
> their providers' ToS, how that's a breach of contract, etc... how many here
> would have a) not given a second thought, writing it off as the rantings of
> at best someone who doesn't know anything, and at worst a troll, or b)
> would have challenged me to explain my credentials - which would have take
> up far more space than my .sig :-(
>
> Anne
>
> > On Apr 26, 2019, at 2:55 PM, Anne P. Mitchell, Esq. 
> wrote:
> >
> > Apparently, after many, many years of using essentially the same .sig
> here, it is now an issue of contention.  (Well, 3 people probably does not
> contention make, but still...).
> >
> > However, as one person decided I was trying to market myself, let me
> address why I have all of that info in there:
> >
> > Primarily I leave in all of my background because people (at least those
> here in the states) tend to a) assume that attorneys are all just
> "corporate suits" with no understanding of or experience with deep Internet
> issues, and b) attorneys are generally disliked. ;-)  Over the years I've
> found that it's best to include my chops right up front, so folks can be
> reassured that I'm not only on the right (white hat) side of things, but
> that I actually do know what I'm talking about.
> >
> > I can tell you absolutely that the pushback I get from people in our
> industries who *don't* know my background, when I provide information based
> on that background and my expertise, is far greater, and bordering at times
> on abusive (come to think of it, not unlike some of the pushback I got when
> I first arrived at MAPS, from a certain volunteer  ;-)).
> >
> > I'm open to suggestions (other than the suggestion to sod off).
> >
> > Anne
> >
> > [This .sig space open to suggestions.]
> >
>
>

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[Anne P. Mitchell, Esq.]

Oops..sorry to follow up on myself (and before anybody says anything about 
this, sorry/not sorry for top-posting - it's on myself after all)..but I'd 
meant to include this:


Case in point:  This very (original) thread, about Packetstream - if I had just 
posted the original thread, about how it's inducing users to violate their 
providers' ToS, how that's a breach of contract, etc... how many here would 
have a) not given a second thought, writing it off as the rantings of at best 
someone who doesn't know anything, and at worst a troll, or b) would have 
challenged me to explain my credentials - which would have take up far more 
space than my .sig :-(

Anne

> On Apr 26, 2019, at 2:55 PM, Anne P. Mitchell, Esq.  
> wrote:
> 
> Apparently, after many, many years of using essentially the same .sig here, 
> it is now an issue of contention.  (Well, 3 people probably does not 
> contention make, but still...).
> 
> However, as one person decided I was trying to market myself, let me address 
> why I have all of that info in there:
> 
> Primarily I leave in all of my background because people (at least those here 
> in the states) tend to a) assume that attorneys are all just "corporate 
> suits" with no understanding of or experience with deep Internet issues, and 
> b) attorneys are generally disliked. ;-)  Over the years I've found that it's 
> best to include my chops right up front, so folks can be reassured that I'm 
> not only on the right (white hat) side of things, but that I actually do know 
> what I'm talking about.
> 
> I can tell you absolutely that the pushback I get from people in our 
> industries who *don't* know my background, when I provide information based 
> on that background and my expertise, is far greater, and bordering at times 
> on abusive (come to think of it, not unlike some of the pushback I got when I 
> first arrived at MAPS, from a certain volunteer  ;-)).
> 
> I'm open to suggestions (other than the suggestion to sod off).
> 
> Anne
> 
> [This .sig space open to suggestions.]
> 

My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

[Anne P. Mitchell, Esq.]

Apparently, after many, many years of using essentially the same .sig here, it 
is now an issue of contention.  (Well, 3 people probably does not contention 
make, but still...).

However, as one person decided I was trying to market myself, let me address 
why I have all of that info in there:

Primarily I leave in all of my background because people (at least those here 
in the states) tend to a) assume that attorneys are all just "corporate suits" 
with no understanding of or experience with deep Internet issues, and b) 
attorneys are generally disliked. ;-)  Over the years I've found that it's best 
to include my chops right up front, so folks can be reassured that I'm not only 
on the right (white hat) side of things, but that I actually do know what I'm 
talking about.

I can tell you absolutely that the pushback I get from people in our industries 
who *don't* know my background, when I provide information based on that 
background and my expertise, is far greater, and bordering at times on abusive 
(come to think of it, not unlike some of the pushback I got when I first 
arrived at MAPS, from a certain volunteer  ;-)).

I'm open to suggestions (other than the suggestion to sod off).

Anne

[This .sig space open to suggestions.]

Re: Packetstream - how does this not violate just about every provider's ToS?

[William Herrin]

On Thu, Apr 25, 2019 at 1:06 PM Anne P. Mitchell, Esq. 
wrote:
> > On Apr 25, 2019, at 1:41 PM, Tom Beecher  wrote:
> >
> > It seems like just another example of liability shifting/shielding.
I'll defer to Actual Lawyers obviously, but the way I see it, Packetstream
doesn't have any contractual or business relationship with my ISP.  I do.
If I sell them my bandwidth, and my ISP decides to take action, they come
after me, not Packetstream. I can plead all I want about how I was just
running "someone else's software" , but that isn't gonna hold up, since I
am responsible for what is running on my home network, knowingly or
unknowingly.
>
> And *that* is *exactly* my concern.  Because those users...('you' in this
example)...they have *no idea* it is causing them to violate their ToS/AUP
with their provider.

If you put your apartment on airbnb without knowing whether subletting is
against the terms of your lease... well, there's just no cure for stupid.


> Anne P. Mitchell,
> Attorney at Law
> GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> Legislative Consultant
> CEO/President, Institute for Social Internet Public Policy
> Board of Directors, Denver Internet Exchange
> Board of Directors, Asilomar Microcomputer Workshop
> Legal Counsel: The CyberGreen Institute
> Former Counsel: Mail Abuse Prevention System (MAPS)
> California Bar Association
> Cal. Bar Cyberspace Law Committee
> Colorado Cyber Committee
> Ret. Professor of Law, Lincoln Law School of San Jose
> Ret. Chair, Asilomar Microcomputer Workshop

That is an obnoxious signature block. Just sayin'.

Regards,
Bill Herrin

-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: Packetstream - how does this not violate just about every provider's ToS?

[Anne P. Mitchell, Esq.]

> On Apr 26, 2019, at 11:57 AM, Mel Beckman  wrote:
> 
> Anne,
> 
> As a lawyer, I’m sure you realize those overly broad policies are 
> unenforceable on their face. Phrases such as “resell...directly or 
> indirectly” could just as easily be interpreted to mean you can’t perform 
> paid consulting work by email over a residential link — something patently 
> ridiculous. 
> 
> Can you cite any case law where these restrictions have been enforced? I 
> believe if a case every cane to court, the defense would have an excellent 
> argument that the plain meaning of these restrictions is to prevent others 
> from buying direct Internet access from another communications channel (e.g., 
> WiFi) from the residence, not passing data through the residence. 

Mel, we will have to agree to disagree.  I know that if I were representing any 
of these providers, I know what arguments I'd make, and we would almost 
certainly win.

Courts don't look kindly on breach of contract (nor on inducing breach of 
contract, as Packetstream is), and the ToSs very clearly state you cannot 
*resell* your residential bandwidth, which is precisely what is going on here 
(there is no legal theory of which I am aware under which that could be 
interpreted to mean "can’t perform paid consulting work by email over a 
residential link", novel though your theory is.  Performing paid consulting 
work is *not* 'reselling bandwidth").

Anne

Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mel Beckman]

Anne,

As a lawyer, I’m sure you realize those overly broad policies are unenforceable 
on their face. Phrases such as “resell...directly or indirectly” could just as 
easily be interpreted to mean you can’t perform paid consulting work by email 
over a residential link — something patently ridiculous. 

Can you cite any case law where these restrictions have been enforced? I 
believe if a case every cane to court, the defense would have an excellent 
argument that the plain meaning of these restrictions is to prevent others from 
buying direct Internet access from another communications channel (e.g., WiFi) 
from the residence, not passing data through the residence. 

-mel via cell

> On Apr 26, 2019, at 8:48 AM, Anne P. Mitchell, Esq.  
> wrote:
> 
> 
> 
>> On Apr 26, 2019, at 9:24 AM, Mel Beckman  wrote:
>> 
>> With all due respect, you haven’t yet cited an example of an ISP TOS at 
>> “every provider” that this new company’s product violates. I’m not asking 
>> you to critique TORs, I’m asking that you tell us the TOS restriction that 
>> you believe is so obvious to everyone? Because it’s not obvious to me, and I 
>> own an ISP. 
> 
> A few examples:
> 
> Comcast:
> 
> You are prohibited from reselling or permitting another to resell the 
> Service(s) in whole or in part, or using or permitting another to use the 
> Xfinity Equipment or the Service(s), directly or indirectly, for any unlawful 
> purpose, including, but not limited to, in violation of any policy we post 
> applicable to the Service(s).
> 
> https://www.xfinity.com/Corporate/Customers/Policies/SubscriberAgreement
> 
> ---
> 
> CenturyLink:
> 
> Also, you agree not to use the Service for high volume or excessive use, in a 
> business or for any commercial purpose if your Service is a residential 
> service, or in a way that impacts CenturyLink network resources or 
> CenturyLink’s ability to provide services. You agree not to: (i) offer public 
> information services (unlimited usage or otherwise), or (ii) permit more than 
> one high-speed Internet log-on session to be active at one time, except if 
> using a roaming account when traveling, in which case 2 sessions may be 
> active. A log-on session represents an active connection to your Internet 
> access provider. The active session may be shared to connect multiple 
> computers/devices within a single home or office location or within a single 
> unit within a multiple dwelling unit (e.g., single apartment or office within 
> an apartment complex) to your modem and/or router to access the Service 
> (including the establishment of a wireless fidelity (“WiFi”) hotspot), but 
> the Service may only be used at the single home or office location or single 
> unit within a multiple dwelling unit for which Service is provisioned by 
> CenturyLink.
> 
> http://www.centurylink.com/legal/en/highspeedinternetsubscriberagreement_LQ.html
> 
> ---
> 
> Google:
> 
> you agree not to use or allow third parties to use the Services provided to 
> you for any of the following purposes:
> 
> ...
> 
>• To make the Services available to anyone outside the property to which 
> the Services are delivered, to resell the Services directly or indirectly, 
> except as explicitly approved by Google Fiber in writing, or to create 
> substitute or related services through the use of or access to the Services 
> (for example, to provide Wi-Fi services to third parties outside of your 
> residence).
> 
> https://fiber.google.com/legal/accepteduse/residential/
> 
> ---
> 
> Anne
> 
> Attorney at Law
> GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> Legislative Consultant
> CEO/President, Institute for Social Internet Public Policy
> Board of Directors, Denver Internet Exchange
> Board of Directors, Asilomar Microcomputer Workshop
> Legal Counsel: The CyberGreen Institute
> Former Counsel: Mail Abuse Prevention System (MAPS
> California Bar Association
> Cal. Bar Cyberspace Law Committee
> Colorado Cyber Committee
> Ret. Professor of Law, Lincoln Law School of San Jose
> 
> 
> 
> 

Re: Packetstream - how does this not violate just about every provider's ToS?

[Alan Buxey]

hi,

> Just ran into packetstream.io:


Had a quick look but doesn't seem to mention Blockchain at all -
therefore it can't be that good! ;-)

alan

Re: Packetstream - how does this not violate just about every provider's ToS?

[Anne P. Mitchell, Esq.]

> On Apr 26, 2019, at 9:24 AM, Mel Beckman  wrote:
> 
> With all due respect, you haven’t yet cited an example of an ISP TOS at 
> “every provider” that this new company’s product violates. I’m not asking you 
> to critique TORs, I’m asking that you tell us the TOS restriction that you 
> believe is so obvious to everyone? Because it’s not obvious to me, and I own 
> an ISP. 

A few examples:

Comcast:

You are prohibited from reselling or permitting another to resell the 
Service(s) in whole or in part, or using or permitting another to use the 
Xfinity Equipment or the Service(s), directly or indirectly, for any unlawful 
purpose, including, but not limited to, in violation of any policy we post 
applicable to the Service(s).

https://www.xfinity.com/Corporate/Customers/Policies/SubscriberAgreement

---

CenturyLink:

Also, you agree not to use the Service for high volume or excessive use, in a 
business or for any commercial purpose if your Service is a residential 
service, or in a way that impacts CenturyLink network resources or 
CenturyLink’s ability to provide services. You agree not to: (i) offer public 
information services (unlimited usage or otherwise), or (ii) permit more than 
one high-speed Internet log-on session to be active at one time, except if 
using a roaming account when traveling, in which case 2 sessions may be active. 
A log-on session represents an active connection to your Internet access 
provider. The active session may be shared to connect multiple 
computers/devices within a single home or office location or within a single 
unit within a multiple dwelling unit (e.g., single apartment or office within 
an apartment complex) to your modem and/or router to access the Service 
(including the establishment of a wireless fidelity (“WiFi”) hotspot), but the 
Service may only be used at the single home or office location or single unit 
within a multiple dwelling unit for which Service is provisioned by CenturyLink.

http://www.centurylink.com/legal/en/highspeedinternetsubscriberagreement_LQ.html

---

Google:

you agree not to use or allow third parties to use the Services provided to you 
for any of the following purposes:

...

• To make the Services available to anyone outside the property to 
which the Services are delivered, to resell the Services directly or 
indirectly, except as explicitly approved by Google Fiber in writing, or to 
create substitute or related services through the use of or access to the 
Services (for example, to provide Wi-Fi services to third parties outside of 
your residence).

https://fiber.google.com/legal/accepteduse/residential/

---

Anne

Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mel Beckman]

Anne,

With all due respect, you haven’t yet cited an example of an ISP TOS at “every 
provider” that this new company’s product violates. I’m not asking you to 
critique TORs, I’m asking that you tell us the TOS restriction that you believe 
is so obvious to everyone? Because it’s not obvious to me, and I own an ISP. 

-mel via cell

> On Apr 26, 2019, at 7:41 AM, Anne P. Mitchell, Esq.  
> wrote:
> 
> 
> 
>> On Apr 26, 2019, at 6:10 AM, Matthew Kaufman  wrote:
>> 
>> So providers should stamp this out (because it is “bad”) and support 
>> customers who are running TOR nodes (because those are “good”). Did I get 
>> that right?
> 
> If that is how you see it, then it's right for you.  At no time did I mention 
> TOR, nor will I get dragged into that discussion.
> 
> Anne
> 
> Attorney at Law
> GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> Legislative Consultant
> CEO/President, Institute for Social Internet Public Policy
> Board of Directors, Denver Internet Exchange
> Board of Directors, Asilomar Microcomputer Workshop
> Legal Counsel: The CyberGreen Institute
> Former Counsel: Mail Abuse Prevention System (MAPS
> California Bar Association
> Cal. Bar Cyberspace Law Committee
> Colorado Cyber Committee
> Ret. Professor of Law, Lincoln Law School of San Jose
> 
> 

Re: Packetstream - how does this not violate just about every provider's ToS?

[Anne P. Mitchell, Esq.]

> On Apr 26, 2019, at 6:10 AM, Matthew Kaufman  wrote:
> 
> So providers should stamp this out (because it is “bad”) and support 
> customers who are running TOR nodes (because those are “good”). Did I get 
> that right?

If that is how you see it, then it's right for you.  At no time did I mention 
TOR, nor will I get dragged into that discussion.

Anne

Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mike Hammett]

Great... someone brought up Net Neutrality. I guess it's time to unsubscribe 
from the list for a few days until the shit show disappears. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Tom Beecher"  
To: "Matthew Kaufman"  
Cc: "J. Hellenthal via NANOG"  
Sent: Friday, April 26, 2019 8:44:29 AM 
Subject: Re: Packetstream - how does this not violate just about every 
provider's ToS? 


And that is the conundrum here I think. It's very difficult (for me) to 
reconcile "NET NEUTRALITY!! PROVIDERS SHOULD BE DUMB PIPES!" with "Hey 
providers, this company is trying to do something sketchy, you should take 
action to stop it from working." 


Reselling bandwidth/access to your residential internet connection isn't (to my 
knowledge) breaking any criminal LAWS. It's only violating the ToS between you 
and your provider, to which they have a remedy of canceling your account if 
they decide to. (Maybe there's civil action there? I dunno.) So for anything 
not violating laws I'm not sure I want ISPs interfering with traffic at all. 


On the flip side, maybe ISPs can be pragmatic about this, and send warnings to 
people who may start using this..."service". Give them a heads up that they 
appear to be doing something that is in violation of the ToS, and if they 
continue, their account might be canceled. Be a nicer method than just 0 to 
canceled in one go. 


On Fri, Apr 26, 2019 at 8:12 AM Matthew Kaufman < matt...@matthew.at > wrote: 








On Thu, Apr 25, 2019 at 1:09 PM Anne P. Mitchell, Esq. < amitch...@isipp.com > 
wrote: 




> On Apr 25, 2019, at 1:41 PM, Tom Beecher  wrote: 
> 
> It seems like just another example of liability shifting/shielding. I'll 
> defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn't 
> have any contractual or business relationship with my ISP. I do. If I sell 
> them my bandwidth, and my ISP decides to take action, they come after me, not 
> Packetstream. I can plead all I want about how I was just running "someone 
> else's software" , but that isn't gonna hold up, since I am responsible for 
> what is running on my home network, knowingly or unknowingly. 

And *that* is *exactly* my concern. Because those users...('you' in this 
example)...they have *no idea* it is causing them to violate their ToS/AUP with 
their provider. 

And this in part, is my reason for bringing it up here in NANOG - because (at 
least some of) those big providers are here. And those big providers are in the 
best position to stamp this out (if they think that it needs stamping out). 








So providers should stamp this out (because it is “bad”) and support customers 
who are running TOR nodes (because those are “good”). Did I get that right? 


Matthew Kaufman 

Re: Packetstream - how does this not violate just about every provider's ToS?

[Tom Beecher]

And that is the conundrum here I think. It's very difficult (for me) to
reconcile "NET NEUTRALITY!! PROVIDERS SHOULD BE DUMB PIPES!" with "Hey
providers, this company is trying to do something sketchy, you should take
action to stop it from working."

Reselling bandwidth/access to your residential internet connection isn't
(to my knowledge) breaking any criminal LAWS. It's only violating the ToS
between you and your provider, to which they have a remedy of canceling
your account if they decide to. (Maybe there's civil action there? I
dunno.) So for anything not violating laws I'm not sure I want ISPs
interfering with traffic at all.

On the flip side, maybe ISPs can be pragmatic about this, and send warnings
to people who may start using this..."service". Give them a heads up that
they appear to be doing something that is in violation of the ToS, and if
they continue, their account might be canceled. Be a nicer method than just
0 to canceled in one go.

On Fri, Apr 26, 2019 at 8:12 AM Matthew Kaufman  wrote:

>
>
> On Thu, Apr 25, 2019 at 1:09 PM Anne P. Mitchell, Esq. <
> amitch...@isipp.com> wrote:
>
>>
>>
>> > On Apr 25, 2019, at 1:41 PM, Tom Beecher  wrote:
>> >
>> > It seems like just another example of liability shifting/shielding.
>> I'll defer to Actual Lawyers obviously, but the way I see it, Packetstream
>> doesn't have any contractual or business relationship with my ISP.  I do.
>> If I sell them my bandwidth, and my ISP decides to take action, they come
>> after me, not Packetstream. I can plead all I want about how I was just
>> running "someone else's software" , but that isn't gonna hold up, since I
>> am responsible for what is running on my home network, knowingly or
>> unknowingly.
>>
>> And *that* is *exactly* my concern.  Because those users...('you' in this
>> example)...they have *no idea* it is causing them to violate their ToS/AUP
>> with their provider.
>>
>> And this in part, is my reason for bringing it up here in NANOG - because
>> (at least some of) those big providers are here.  And those big providers
>> are in the best position to stamp this out (if they think that it needs
>> stamping out).
>
>
> So providers should stamp this out (because it is “bad”) and support
> customers who are running TOR nodes (because those are “good”). Did I get
> that right?
>
> Matthew Kaufman
>
>>
>>

Re: Packetstream - how does this not violate just about every provider's ToS?

[Matthew Kaufman]

On Thu, Apr 25, 2019 at 1:09 PM Anne P. Mitchell, Esq. 
wrote:

>
>
> > On Apr 25, 2019, at 1:41 PM, Tom Beecher  wrote:
> >
> > It seems like just another example of liability shifting/shielding. I'll
> defer to Actual Lawyers obviously, but the way I see it, Packetstream
> doesn't have any contractual or business relationship with my ISP.  I do.
> If I sell them my bandwidth, and my ISP decides to take action, they come
> after me, not Packetstream. I can plead all I want about how I was just
> running "someone else's software" , but that isn't gonna hold up, since I
> am responsible for what is running on my home network, knowingly or
> unknowingly.
>
> And *that* is *exactly* my concern.  Because those users...('you' in this
> example)...they have *no idea* it is causing them to violate their ToS/AUP
> with their provider.
>
> And this in part, is my reason for bringing it up here in NANOG - because
> (at least some of) those big providers are here.  And those big providers
> are in the best position to stamp this out (if they think that it needs
> stamping out).


So providers should stamp this out (because it is “bad”) and support
customers who are running TOR nodes (because those are “good”). Did I get
that right?

Matthew Kaufman

>
>

RE: Packetstream - how does this not violate just about every provider's ToS?

[adamv0025]

> Anne P. Mitchell, Esq.
> Sent: Thursday, April 25, 2019 9:06 PM
> 
> 
> > On Apr 25, 2019, at 1:41 PM, Tom Beecher  wrote:
> >
> > It seems like just another example of liability shifting/shielding. I'll
defer to
> Actual Lawyers obviously, but the way I see it, Packetstream doesn't have
> any contractual or business relationship with my ISP.  I do. If I sell
them my
> bandwidth, and my ISP decides to take action, they come after me, not
> Packetstream. I can plead all I want about how I was just running "someone
> else's software" , but that isn't gonna hold up, since I am responsible
for
> what is running on my home network, knowingly or unknowingly.
> 
> And *that* is *exactly* my concern.  Because those users...('you' in this
> example)...they have *no idea* it is causing them to violate their ToS/AUP
> with their provider.
> 
But isn't there a law in US that protects oblivious or outright simple-mined
population from falling for these type of "easy money" schemes by
prohibiting these types of business? 
I believe there's something like that in EU (rendering pyramid schemes or
lending money with extreme interests illegal for example).
Although I appreciate that in this particular case the exact formulation
would be rather cumbersome to define. 

adam

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mark Seiden]

particularly "interesting" when someone downloads CP (or, as it now seems to be 
called, CSAM) using their ipaddr and causes them to become a Person of Interest.

On Apr 25, 2019, 12:43 PM -0700, Tom Beecher , wrote:
> It seems like just another example of liability shifting/shielding. I'll 
> defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn't 
> have any contractual or business relationship with my ISP.  I do. If I sell 
> them my bandwidth, and my ISP decides to take action, they come after me, not 
> Packetstream. I can plead all I want about how I was just running "someone 
> else's software" , but that isn't gonna hold up, since I am responsible for 
> what is running on my home network, knowingly or unknowingly.
>
> These guys likely just wrote a custom TOR client and a billing backend, and 
> are banking on the fact that most people running as the exit aren't going to 
> get caught by their provider. Ingenious, although shady.  I do like they have 
> the classic pyramid scheme going for "income off referrals", just so make 
> sure you KNOW they're shady if you might have suspected otherwise. :)
>
> > On Thu, Apr 25, 2019 at 3:28 PM K. Scott Helms  
> > wrote:
> > > After all, it worked for Napster
> > >
> > >
> > > Scott Helms
> > >
> > >
> > >
> > > > On Thu, Apr 25, 2019 at 3:23 PM John Levine  wrote:
> > > > > In article  you write:
> > > > > >-=-=-=-=-=-
> > > > > >
> > > > > >feeling cranky, are we, job?   (accusing an antispam expert of 
> > > > > >spamming on a mailing list by having too long a .sig?)
> > > > > >but it’s true!  anne runs the internet, and the rest of us (except 
> > > > > >for ICANN GAC representatives) all accept that.
> > > > > >
> > > > > >to actually try to make a more substantial point, i am quite curious 
> > > > > >how the AUPs of carriers try to disallow
> > > > > >bandwidth resale while permitting
> > > > > >
> > > > > >• cybercafe operations and other “free wifi" (where internet service 
> > > > > >might be provided for patrons in a
> > > > > >hotel or cafe)
> > > > > >• wireless access point schemes where you make money or get credit 
> > > > > >for allowing use of your bandwidth (e.g. Fon)
> > > > > >• other proxy services that use bandwidth such as tor exit nodes and 
> > > > > >openvpn gateways
> > > > >
> > > > > To belabor the fairly obvious, residential and business service are
> > > > > different even if the technology is the same.  For example, Comcast's
> > > > > residential TOS says:
> > > > >
> > > > >   You agree that the Service(s) and the Xfinity Equipment will be used
> > > > >   only for personal, residential, non-commercial purposes, unless
> > > > >   otherwise specifically authorized by us in writing. You are 
> > > > > prohibited
> > > > >   from reselling or permitting another to resell the Service(s) in 
> > > > > whole
> > > > >   or in part, ... [ long list of other forbidden things ]
> > > > >
> > > > > Their business TOS is different.  It says no third party use unless
> > > > > your agreement permits it, so I presume they have a coffee shop plan.
> > > > > (The agreements don't seem to be on their web site.)  I'd also observe
> > > > > that coffee shop wifi isn't "resale" since it's free, it's an amenity.
> > > > >
> > > > > As to how do these guys think they'll get away with it, my guess is
> > > > > that they heard that "disruption" means ignoring laws and contracts
> > > > > and someone told them that is a good thing.
> > > > >
> > > > > R's,
> > > > > John

Re: Packetstream - how does this not violate just about every provider's ToS?

[Anne P. Mitchell, Esq.]

> On Apr 25, 2019, at 1:41 PM, Tom Beecher  wrote:
> 
> It seems like just another example of liability shifting/shielding. I'll 
> defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn't 
> have any contractual or business relationship with my ISP.  I do. If I sell 
> them my bandwidth, and my ISP decides to take action, they come after me, not 
> Packetstream. I can plead all I want about how I was just running "someone 
> else's software" , but that isn't gonna hold up, since I am responsible for 
> what is running on my home network, knowingly or unknowingly. 

And *that* is *exactly* my concern.  Because those users...('you' in this 
example)...they have *no idea* it is causing them to violate their ToS/AUP with 
their provider.

And this in part, is my reason for bringing it up here in NANOG - because (at 
least some of) those big providers are here.  And those big providers are in 
the best position to stamp this out (if they think that it needs stamping out).

And:

> On Apr 25, 2019, at 1:21 PM, John Levine  wrote:
> 

> As to how do these guys think they'll get away with it, my guess is
> that they heard that "disruption" means ignoring laws and contracts
> and someone told them that is a good thing.

I would have appreciated a C warning on that. :-)

Anne

Anne P. Mitchell, 
Attorney at Law
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
CEO/President, Institute for Social Internet Public Policy
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS)
California Bar Association
Cal. Bar Cyberspace Law Committee
Colorado Cyber Committee
Ret. Professor of Law, Lincoln Law School of San Jose
Ret. Chair, Asilomar Microcomputer Workshop

Re: Packetstream - how does this not violate just about every provider's ToS?

[Tom Beecher]

It seems like just another example of liability shifting/shielding. I'll
defer to Actual Lawyers obviously, but the way I see it, Packetstream
doesn't have any contractual or business relationship with my ISP.  I do.
If I sell them my bandwidth, and my ISP decides to take action, they come
after me, not Packetstream. I can plead all I want about how I was just
running "someone else's software" , but that isn't gonna hold up, since I
am responsible for what is running on my home network, knowingly or
unknowingly.

These guys likely just wrote a custom TOR client and a billing backend, and
are banking on the fact that most people running as the exit aren't going
to get caught by their provider. Ingenious, although shady.  I do like they
have the classic pyramid scheme going for "income off referrals", just so
make sure you KNOW they're shady if you might have suspected otherwise. :)

On Thu, Apr 25, 2019 at 3:28 PM K. Scott Helms 
wrote:

> After all, it worked for Napster
>
>
> Scott Helms
>
>
>
> On Thu, Apr 25, 2019 at 3:23 PM John Levine  wrote:
>
>> In article  you write:
>> >-=-=-=-=-=-
>> >
>> >feeling cranky, are we, job?   (accusing an antispam expert of spamming
>> on a mailing list by having too long a .sig?)
>> >but it’s true!  anne runs the internet, and the rest of us (except for
>> ICANN GAC representatives) all accept that.
>> >
>> >to actually try to make a more substantial point, i am quite curious how
>> the AUPs of carriers try to disallow
>> >bandwidth resale while permitting
>> >
>> >• cybercafe operations and other “free wifi" (where internet service
>> might be provided for patrons in a
>> >hotel or cafe)
>> >• wireless access point schemes where you make money or get credit for
>> allowing use of your bandwidth (e.g. Fon)
>> >• other proxy services that use bandwidth such as tor exit nodes and
>> openvpn gateways
>>
>> To belabor the fairly obvious, residential and business service are
>> different even if the technology is the same.  For example, Comcast's
>> residential TOS says:
>>
>>   You agree that the Service(s) and the Xfinity Equipment will be used
>>   only for personal, residential, non-commercial purposes, unless
>>   otherwise specifically authorized by us in writing. You are prohibited
>>   from reselling or permitting another to resell the Service(s) in whole
>>   or in part, ... [ long list of other forbidden things ]
>>
>> Their business TOS is different.  It says no third party use unless
>> your agreement permits it, so I presume they have a coffee shop plan.
>> (The agreements don't seem to be on their web site.)  I'd also observe
>> that coffee shop wifi isn't "resale" since it's free, it's an amenity.
>>
>> As to how do these guys think they'll get away with it, my guess is
>> that they heard that "disruption" means ignoring laws and contracts
>> and someone told them that is a good thing.
>>
>> R's,
>> John
>>
>

Re: Packetstream - how does this not violate just about every provider's ToS?

[K. Scott Helms]

After all, it worked for Napster


Scott Helms



On Thu, Apr 25, 2019 at 3:23 PM John Levine  wrote:

> In article  you write:
> >-=-=-=-=-=-
> >
> >feeling cranky, are we, job?   (accusing an antispam expert of spamming
> on a mailing list by having too long a .sig?)
> >but it’s true!  anne runs the internet, and the rest of us (except for
> ICANN GAC representatives) all accept that.
> >
> >to actually try to make a more substantial point, i am quite curious how
> the AUPs of carriers try to disallow
> >bandwidth resale while permitting
> >
> >• cybercafe operations and other “free wifi" (where internet service
> might be provided for patrons in a
> >hotel or cafe)
> >• wireless access point schemes where you make money or get credit for
> allowing use of your bandwidth (e.g. Fon)
> >• other proxy services that use bandwidth such as tor exit nodes and
> openvpn gateways
>
> To belabor the fairly obvious, residential and business service are
> different even if the technology is the same.  For example, Comcast's
> residential TOS says:
>
>   You agree that the Service(s) and the Xfinity Equipment will be used
>   only for personal, residential, non-commercial purposes, unless
>   otherwise specifically authorized by us in writing. You are prohibited
>   from reselling or permitting another to resell the Service(s) in whole
>   or in part, ... [ long list of other forbidden things ]
>
> Their business TOS is different.  It says no third party use unless
> your agreement permits it, so I presume they have a coffee shop plan.
> (The agreements don't seem to be on their web site.)  I'd also observe
> that coffee shop wifi isn't "resale" since it's free, it's an amenity.
>
> As to how do these guys think they'll get away with it, my guess is
> that they heard that "disruption" means ignoring laws and contracts
> and someone told them that is a good thing.
>
> R's,
> John
>

Re: Packetstream - how does this not violate just about every provider's ToS?

[John Levine]

In article  you write:
>-=-=-=-=-=-
>
>feeling cranky, are we, job?   (accusing an antispam expert of spamming on a 
>mailing list by having too long a .sig?)
>but it’s true!  anne runs the internet, and the rest of us (except for ICANN 
>GAC representatives) all accept that.
>
>to actually try to make a more substantial point, i am quite curious how the 
>AUPs of carriers try to disallow
>bandwidth resale while permitting
>
>• cybercafe operations and other “free wifi" (where internet service might be 
>provided for patrons in a
>hotel or cafe)
>• wireless access point schemes where you make money or get credit for 
>allowing use of your bandwidth (e.g. Fon)
>• other proxy services that use bandwidth such as tor exit nodes and openvpn 
>gateways

To belabor the fairly obvious, residential and business service are
different even if the technology is the same.  For example, Comcast's
residential TOS says:

  You agree that the Service(s) and the Xfinity Equipment will be used
  only for personal, residential, non-commercial purposes, unless
  otherwise specifically authorized by us in writing. You are prohibited
  from reselling or permitting another to resell the Service(s) in whole
  or in part, ... [ long list of other forbidden things ]

Their business TOS is different.  It says no third party use unless
your agreement permits it, so I presume they have a coffee shop plan.
(The agreements don't seem to be on their web site.)  I'd also observe
that coffee shop wifi isn't "resale" since it's free, it's an amenity.

As to how do these guys think they'll get away with it, my guess is
that they heard that "disruption" means ignoring laws and contracts
and someone told them that is a good thing.

R's,
John

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mark Milhollan]

On Wed, 24 Apr 2019, Anne P. Mitchell, Esq. wrote:


Just ran into packetstream.io:



How can this not be a violation of the ToS of just about every major provider?


Sounds like a "paid" TOR.  Is TOR a ToS violation too -- the EFF would 
probably like to hear of it if so.  Or just the aspect of reselling 
one's service?



/mark

Re: Packetstream - how does this not violate just about every provider's ToS?

[Mark Seiden]

feeling cranky, are we, job?   (accusing an antispam expert of spamming on a 
mailing list by having too long a .sig?)
but it’s true!  anne runs the internet, and the rest of us (except for ICANN 
GAC representatives) all accept that.

to actually try to make a more substantial point, i am quite curious how the 
AUPs of carriers try to disallow bandwidth resale while permitting

• cybercafe operations and other “free wifi" (where internet service might be 
provided for patrons in a hotel or cafe)
• wireless access point schemes where you make money or get credit for allowing 
use of your bandwidth (e.g. Fon)
• other proxy services that use bandwidth such as tor exit nodes and openvpn 
gateways

i suppose they could just try to disallow resale or allow on-premises use even 
if revenue is received.  the Fon business model seems pretty comparable to me.
On Apr 24, 2019, 10:51 PM -0700, Job Snijders , wrote:
> Dear Anne,
>
> On Wed, Apr 24, 2019 at 11:07:51PM -0600, Anne P. Mitchell, Esq. wrote:
> > How can this not be a violation of the ToS of just about every major 
> > provider?
>
> Can you perhaps cite ToS excerpts from one or more major providers to
> support your assertion?
>
> > Anne P. Mitchell,
> > Attorney at Law
> > GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
> > Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> > Legislative Consultant
> > CEO/President, Institute for Social Internet Public Policy
> > Board of Directors, Denver Internet Exchange
> > Board of Directors, Asilomar Microcomputer Workshop
> > Legal Counsel: The CyberGreen Institute
> > Legal Counsel: The Earth Law Center
> > California Bar Association
> > Cal. Bar Cyberspace Law Committee
> > Colorado Cyber Committee
> > Ret. Professor of Law, Lincoln Law School of San Jose
> > Ret. Chair, Asilomar Microcomputer Workshop
>
> Are you listing all the above because you are presenting a formal
> position supported by all these organisations about ToS? Can you for
> instance clarify how signing of as a director for the Denver Internet
> Exchange shapes the context of your ToS message?
>
> Or, perhaps you are listing the above for some kind of self-marketing
> purposes? If that is the case, please note that it is fairly uncommon to
> use the NANOG mailing list to distribute resumes. I know numerous
> websites dedicated to the dissemination of work histories, perhaps you
> can use those instead of operational mailling list?
>
> Regards,
>
> Job
>
> ps. RFC 3676 section 4.3

Re: Packetstream - how does this not violate just about every provider's ToS?

[Tom Beecher]

Obviously violates every standard “don’t resell the service” clause. ( But
these are also the same TOSes that tell me I can’t VPN into the office , so
they can pound sand. :p )

Doing this makes about as much sense as running a TOR exit node to me. Too
much exposure to someone doing something dumb through you that you’d be
left holding the bag for.

On Thu, Apr 25, 2019 at 01:10 Anne P. Mitchell, Esq. 
wrote:

> Just ran into packetstream.io:
>
> "Sell Your Unused Bandwidth
>
> Earn passive income while you sleep
>
> PacketStream is the first of its kind peer-to-peer proxy network.
> Packeters are compensated for sharing bandwidth on the PacketStream network
> and allowing users all over the world have access to content on  the
> internet through our secure network. Customers can purchase bandwidth and
> browse the web from residential IPs to protect their browsing privacy.
>
> The PacketStream network routes customer traffic through PacketStream
> users allowing for increased privacy and access to geo-restricted content
> while browsing the web. Packeters on the PacketStream network share their
> bandwidth with PacketStream customers. The website/service receiving HTTP
> requests sees requests coming from real residential IPs and allows access
> to content that would otherwise be blocked if it had been requested from
> traditional datacenter VPNs or proxy networks."
>
> How can this not be a violation of the ToS of just about every major
> provider?
>
> Anne
>
> Anne P. Mitchell,
> Attorney at Law
> GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> Legislative Consultant
> CEO/President, Institute for Social Internet Public Policy
> Board of Directors, Denver Internet Exchange
> Board of Directors, Asilomar Microcomputer Workshop
> Legal Counsel: The CyberGreen Institute
> Legal Counsel: The Earth Law Center
> California Bar Association
> Cal. Bar Cyberspace Law Committee
> Colorado Cyber Committee
> Ret. Professor of Law, Lincoln Law School of San Jose
> Ret. Chair, Asilomar Microcomputer Workshop
>
>
>
>
>

Re: Packetstream - how does this not violate just about every provider's ToS?

[Job Snijders]

Dear Anne,

On Wed, Apr 24, 2019 at 11:07:51PM -0600, Anne P. Mitchell, Esq. wrote:
> How can this not be a violation of the ToS of just about every major 
> provider? 

Can you perhaps cite ToS excerpts from one or more major providers to
support your assertion?

> Anne P. Mitchell, 
> Attorney at Law
> GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
> Legislative Consultant
> CEO/President, Institute for Social Internet Public Policy
> Board of Directors, Denver Internet Exchange
> Board of Directors, Asilomar Microcomputer Workshop
> Legal Counsel: The CyberGreen Institute
> Legal Counsel: The Earth Law Center
> California Bar Association
> Cal. Bar Cyberspace Law Committee
> Colorado Cyber Committee
> Ret. Professor of Law, Lincoln Law School of San Jose
> Ret. Chair, Asilomar Microcomputer Workshop

Are you listing all the above because you are presenting a formal
position supported by all these organisations about ToS? Can you for
instance clarify how signing of as a director for the Denver Internet
Exchange shapes the context of your ToS message?

Or, perhaps you are listing the above for some kind of self-marketing
purposes? If that is the case, please note that it is fairly uncommon to
use the NANOG mailing list to distribute resumes. I know numerous
websites dedicated to the dissemination of work histories, perhaps you
can use those instead of operational mailling list?

Regards,

Job

ps. RFC 3676 section 4.3

Re: Packetstream - how does this not violate just about every provider's ToS?

[Paul Ferguson]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 4/24/2019 10:07 PM, Anne P. Mitchell, Esq. wrote:

> Just ran into packetstream.io:
> 
> "Sell Your Unused Bandwidth
> 
> Earn passive income while you sleep
> 

What could possibly go wrong?  :-)

- - ferg

- -- 
Paul Ferguson
Principal, Threat Intelligence
Gigamon
Seattle, WA  USA
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iF4EAREIAAYFAlzBQlEACgkQKJasdVTchbJqVwD/V3h5ZU9IyQEZq5I8aGBCtB+g
hp19rjVbr8qtRPxibRoA/jsZYEIKdWNff+O3cVFnLSTNt4YuzLU5tgUPME4t9QiL
=B089
-END PGP SIGNATURE-