×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Virginia High Court Wrong About IP Addresses

CmdrTaco posted more than 5 years ago | from the i-was-wrong-about-milli-vanilli dept.

174

Frequent Slashdot contributor Bennett Haselton writes "The Virginia Supreme Court has ruled that the state's anti-spam law, which prohibits the sending of bulk e-mail using falsified or forged headers, violates the First Amendment because it also applies to non-commercial political or religious speech. I agree that an anti-spam law should not outlaw anonymous non-commercial speech. But the decision contains statements about IP addresses, domain names, and anonymity that are rather basically wrong, and which may enable the state to win on appeal. The two basic errors are: concluding that anonymous speech on the Internet requires forged headers or other falsified information (and therefore that a ban on forged headers is an unconstitutional ban on anonymous speech), and assuming that use of forged headers actually does conceal the IP address that the message was sent from, which it does not." Click that magical little link below to read the rest of his story.
The first 20 pages of the decision, which are all about legal standing, jurisdiction, and overbreadth, made my eyes glaze over. I'm not analyzing those at all except to point out that on most of those issues, the lower court came to exactly the opposite conclusion from that of the Virginia Supreme Court, and there is no reason to think that the higher court is any more likely to be "correct" than the lower court (even granting the assumption that there is an objectively "correct" answer to these questions). Any time you feel intimidated by "experts," it's helpful to step back and ask whether the alleged experts even agree with each other.

Page 21 is where the technical stuff starts that we can tear apart directly. The decision says, in talking about the transmission of e-mail:

The IP address and domain name do not directly identify the sender, but if the IP address or domain name is acquired from a registering organization, a database search of the address or domain name can eventually lead to the contact information on file with the registration organizations. A sender's IP address or domain name which is not registered will not prevent the transmission of the e-mail; however, the identity of the sender may not be discoverable through a database search and use of registration contact information.

These are statements that are only true if you play some kind of parlor game to find a way to read them as "true," not statements that indicate the court knew what was going on. To review: IP addresses in the U.S. are generally allocated by ARIN in blocks to Internet service providers and Web hosting companies; these companies then lease the IP addresses to their customers. You can look up an IP address with ARIN to determine which ISP or hosting company has been assigned that particular block, but the ISP or hosting company generally won't tell you the identity of their customer who has leased it from them. And anybody can register a domain, but most domain registrars give you the option of registering the domain anonymously, so that only the registrar knows the owner's true identity. So the court's statement that a database search "can eventually lead" to contact information is correct only if you clarify that it "can" lead there, but it usually won't. As a finding of fact, this is 100% true, and about as useful as "Obama might win in November. Or he might not."

But it's impossible to defend what the court says next:

As shown by the record, because e-mail transmission protocol requires entry of an IP address and domain name for the sender, the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name. Therefore ... registered IP addresses and domain names discoverable through searchable data bases and registration documents "necessarily result[] in a surrender of [the speaker's] anonymity."

Now, there are two possible definitions of "anonymity" to consider: (1) you can be anonymous to the extent that ordinary citizens reading your content cannot determine your identity without a subpoena; or (2) you can be anonymous to the extent that even the government, armed with subpoenas and wiretaps, can never find out who you are. But under either interpretation of the word, the court's statement that "the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name," is wrong.

By default, almost all Internet users are already anonymous in the first sense, even without using forged headers or other tricks in their e-mails. When you send e-mail through your own Internet service provider's mail server, or when you log on to Hotmail and send messages from a Hotmail account, or when you lease a dedicated server from a Web hosting company and use it to send mails, the messages don't contain any more information about your true identity than you decide to put in them. Only the government could ordinarily discover your identity in those cases, by looking at the IP address that the message was sent from, and subpoenaing the Internet service provider or hosting company for the identity of the person using that IP address at that time.

But there are even ways to be anonymous in the second sense -- such that not even the government could identify you -- without resorting to forged e-mail headers. You can create Hotmail and Gmail accounts without giving the providers any of your true information. When you send messages through those services, they pass along the IP address that you used to connect to their Web sites, but you can obscure your IP address as well, by using an anonymizing proxy or a service like Tor.

Elsewhere in their decision, the court indicated that what they really wanted to protect was the right to send anonymous bulk e-mails that were political or otherwise non-commercial. But even by that standard, it's still possible to use Hotmail and Gmail together with an anonymizing proxy (the mail services do impose limits on how many messages each account can send in a day, but if you want to send bulk mails badly enough, you can always sign up for multiple accounts). And if you only care about staying beyond the reach of U.S. subpoena power, you can always sign up for a dedicated host overseas and send the bulk mails from there.

Apart from the court's misstatement that forged headers are the only way to publish anonymously in e-mail, there is the incorrect presumption that forged headers actually do afford anonymity in either of the senses given above. The court wrote, "[T]he only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name." But while it is possible to enter any domain you want in your return e-mail address when you send an e-mail, the court apparently didn't know what it was talking about when it referred to "entering a false IP address." You can't just "enter" any arbitrary IP address when sending an e-mail. If user@domain name.com receives an e-mail, the mail server at domain name.com has to receive the message over a connection made from some other machine, and the domain name.com mail server can always see the IP address of the machine on the other end of the connection. Normally, this machine on the other end would be the mail server of the sender's Internet service provider. Or if the sender has leased a dedicated machine at a hosting company, that dedicated machine would be the one connecting to the domain name.com mail server. Some desktop spamming programs let you turn your home computer into the sending mail server, so that it connects directly with the remote mail server to send the message. In all of these cases, the receiving mail server can see the IP address of the sending machine, so a government subpoena would usually be enough to determine the sender's identity. (I know you all know this, but I have delusions that some helpful clerk will print out this article and explain this to the judge.)

When spammers "enter" false IP addresses in sending mails, that usually means entering made-up IP addresses in headers that are sent along with the contents of the message. However, these would normally only have the effect of throwing someone off the trail who opened the message sent to user@domain name.com and was reading the headers manually. Perhaps they would see some random IP addresses scattered in the headers, would go to ARIN and look up the hosting company or ISP that those IP addresses were assigned to, and would mistakenly file a complaint with that company. But the domain name.com server can always see the true IP address that the message was received from, and for people who know how to read the headers properly, that IP address will be indicated in the headers as the address that connected to the domain name.com mail server to send the mail.

So the court's statement that "the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name" is doubly wrong: because it's easy to send e-mails anonymously without using forged headers, and because forged headers do not in fact provide the level of anonymity that the court said should be protected anyway. The only way to truly obscure your identity by hijacking a third-party IP address without permission, would be to hack into a third party's computer, by infecting a user's home computer with a Trojan horse for example, and using it to send mail. Presumably the court was not contemplating that such an activity should be considered legal, even as a means of sending political speech.

It would presumably be unconstitutional for an anti-spam law to prohibit anonymous political e-mails which attempted to hide the sender's identity -- that is after all what "anonymous" means! You couldn't pass a law outlawing Tor, for example. But the Virginia law doesn't apply to senders merely trying to hide their identity, it applies only to the use of computers "to falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of unsolicited bulk electronic mail" (emphasis added). There is a difference between obscuring one's identity (which Tor and anonymous remailers allow you to do), and actively trying to frame an existing third party by using forged headers to make the mail appear that it came from somewhere else, especially when sending bulk mail, which is likely to generate complaints whether it's commercial or not.

By contrast, the Washington anti-spam law prohibits any mail which "misrepresents or obscures" the origin of the message (emphasis added). This is broader and could be construed to include a wider range of things, such as the use of overseas IP addresses to send bulk mail on behalf of a U.S. company, or the use of anonymously registered domains to hide the sender's identity. It would probably be unconstitutional to prohibit these obscuring techniques for non-commercial anonymous e-mail, which is why the Washington law specifically applies only to commercial messages.

But here I'm getting into issues like constitutional law where different experts might disagree. The clear-cut technical fact is that, contrary to the court's ruling, forged e-mail headers do not provide true anonymity when sending mail, whereas there are other, legal, ways of sending mail that do make the sender truly anonymous.

What is frustrating about the court's misstatements about IP addresses, domain names, and anonymity, is that the judge is obviously intelligent and could have understood the concepts if they had been explained correctly to him. I held some misconceptions for a long time myself about domain names and IP addresses, because the first explanations I read were incomplete or wrong, or I didn't understand them. But the mistakes in the ruling would have been caught if the judge had just showed a draft to an Internet guru and said, "Hey, can you check if there's anything wrong here?" I know, I know, that's "just not done" (and there are probably formal rules in most states against showing a draft of a ruling to a third party before publishing it, even if the third party reviewer is sworn to secrecy, as they should be). But there's nothing stopping the judge from asking a technical expert during the trial, "It seems to me that the only way to publish anonymously on the Internet would be to use forged headers in e-mail. Can you tell me if that's right before I go too far down that line of reasoning?"

I've appeared before judges in Small Claims court who did ask questions about any part of the technical issues that they wanted to understand, and were even willing to revise some prior misconceptions. But all of them, even the open-minded ones, proceed by gathering information during the trial, and then in the conclusion, spell out their argument and their ruling (during which time you're not allowed to interrupt), which is then set in stone unless you appeal. I've never seen a judge say, "Here's the line of reasoning in my head right now, and my tentative conclusion. Is there anything in that chain of reasoning that you want to dispute, before I make it final? I am not promising to change my mind just because you disagree with something. But I will take it into account." This is essentially what scientists do when they submit their papers for peer review before publishing them, to minimize the chance of making an error. Judges could do the same thing -- if not formally, because they're not allowed to show opinions to third parties, then at least informally, by running their ideas past the experts assembled in their courtroom -- to reduce the chance of making a mistake. But have you ever heard of a judge doing that?

The Virginia judges probably did about as well as one could be expected to do, having learned all these technical terms only recently, and then withdrawing to their chambers to form an argument without any feedback from any technical experts. So, given the technical howlers that ended up in the ruling, the moral is that forming an argument in isolation from experts is probably not the right way to go about it.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

174 comments

summary way to long. (4, Insightful)

ZERO1ZERO (948669) | more than 5 years ago | (#25220093)

Man, I was gonna read it, but I clicked and then by the time I scrolled down a bit, and a bit, I was too tired and/or bored to continue.

Re:summary way to long. (3, Informative)

rob1980 (941751) | more than 5 years ago | (#25220135)

Most /. articles that start with Frequent Slashdot contributor Bennett Haselton writes... end up that way. You can always choose not to read them.

Re:summary way to long. (4, Funny)

garett_spencley (193892) | more than 5 years ago | (#25220203)

"You can always choose not to read them."

Damn. I wish someone had told me that 20 minutes ago :(

Taco... (0)

Anonymous Coward | more than 5 years ago | (#25221089)

...Stop referring to links as "magical little links."

It's hokey.

Re:summary way to long. (3, Insightful)

electrictroy (912290) | more than 5 years ago | (#25220571)

>>>But the decision contains statements about IP addresses, domain names, and anonymity that are rather basically wrong, and which may enable the state to win on appeal.

So who would the State of Virginia appeal to? (just curious)

Re:summary way to long. (5, Informative)

morgan_greywolf (835522) | more than 5 years ago | (#25221061)

SCOTUS [wikipedia.org] , especially in a case like this where their are likely federal issues, since it involves a lil' ol' network [wikipedia.org] that spans the entire globe:

Federal courts may only overrule a state court when there is a federal question, which is to say, a specific issue (such as consistency with the Federal Constitution) that gives rise to federal jurisdiction. Rulings of state supreme courts on such matters may be appealed directly to the Supreme Court of the United States.

Re:summary way to long. (4, Funny)

nine-times (778537) | more than 5 years ago | (#25220685)

You don't have to tell us. Nobody here reads the articles or the summaries. Hell, we barely read the comments they're responding to.

Re:summary way to long. (4, Funny)

Atzanteol (99067) | more than 5 years ago | (#25221127)

You're right. Most of us don't even finish reading the posts we're replying to either.

Re:summary way to long. (1)

josecanuc (91) | more than 5 years ago | (#25221225)

You're WRONG. It's entirely possible to produce green eggs and ham, the grammatical ambiguity notwithstanding. ;-)

Re:summary way to long. (1)

Sun Chi (680938) | more than 5 years ago | (#25221389)

Of course we have to tell you: no one here reads the comments, summary, or article.

Re:summary way to long. (1)

multipartmixed (163409) | more than 5 years ago | (#25221575)

> You don't have to tell us. Nobody here reads the articles or
> the summaries. Hell, we barely read the comments they're responding to.

I couldn't agree more. The fact that Barrack Obama thinks he can win the election without being underhanded tells me he doesn't have the stones to be a world leader.

Re:summary way to long. (2, Funny)

Narlaquin (1353067) | more than 5 years ago | (#25221641)

You don't have to tell us. Nobody here reads the articles or the summaries. Hell, we barely read the comments they're responding to.

It looks like you didn't even read the comment that you were writing.

Re:summary way to long. (3, Insightful)

Obfuscant (592200) | more than 5 years ago | (#25220847)

He lost me when he said he thought that non-commercial anonymous spam should be legal.

Re:summary way to long. (1)

nomadic (141991) | more than 5 years ago | (#25222193)

Most /. articles that start with Frequent Slashdot contributor Bennett Haselton writes... end up that way. You can always choose not to read them.

If we're going to have long articles parsing legal issues, why not have an actual lawyer write them rather than a layman like Haselton?

Re:summary way to long. (1)

nacturation (646836) | more than 5 years ago | (#25220387)

Man, I was gonna read it, but I clicked and then by the time I scrolled down a bit, and a bit, I was too tired and/or bored to continue.

There are prescription medications to help with that.

Re:summary way to long. (2, Insightful)

elrous0 (869638) | more than 5 years ago | (#25220645)

Perhaps some contributors misunderstand the concept of a "summary." I've seen more than a few who could definitely use a primer on the effectiveness of "brevity" as well.

Re:summary way to long. (4, Informative)

Karganeth (1017580) | more than 5 years ago | (#25220657)

Try using spreeder. It increases the speed you can read at by a lot. http://www.spreeder.com/ [spreeder.com]

Re:summary way to long. (1)

Lostlander (1219708) | more than 5 years ago | (#25220977)

That's awesome. In addition to being useful for saving time it's a great way to test how fast you can read things and still comprehend them.

Re:summary way to long. (3, Interesting)

thrillseeker (518224) | more than 5 years ago | (#25221013)

if by "increase the speed you can read", you mean "move eyes across words rapidly without increasing comprehension", then yeah, maybe ...

Re:summary way to long. (2, Funny)

PPH (736903) | more than 5 years ago | (#25221793)

Won't help me a bit. Unless it increases the rate at which I can move my lips.

Re:summary way to long. (2, Interesting)

commodoresloat (172735) | more than 5 years ago | (#25221599)

Huh? Interesting, but it seems to actually slow me down... I think it would for most people unless you're in the habit of reading only one word at a time. But I think for most people it's customary to pick up several words at a time while reading fast.

Re:summary way to long. (4, Insightful)

Sloppy (14984) | more than 5 years ago | (#25220913)

I think his best and most-core argument is right here:

There is a difference between obscuring one's identity (which Tor and anonymous remailers allow you to do), and actively trying to frame an existing third party by using forged headers to make the mail appear that it came from somewhere else

and I really wish someone had put that sentence right in the court's face.

Re:summary way to long. (2, Insightful)

omeomi (675045) | more than 5 years ago | (#25221529)

I got about a quarter of the way down, and realized it wasn't worth continuing...

but the ISP or hosting company generally won't tell you the identity of their customer who has leased it from them...So the court's statement that a database search "can eventually lead" to contact information is correct only if you clarify that it "can" lead there, but it usually won't.

Unless, of course, you have a subpoena, in which case the ISP or hosting company will most certainly tell you. And they will likely do a database search on their own system prior to telling you. If you're trying to be anonymous, you generally want to be anonymous from the government, too...

Why All Bailout Packages Will Fail (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25220101)

I've been thinking about this for a while, but I think I understand why the majority of the American people are against the current bailout package, and why ultimately all bailouts (whether for banks, mortgage holders, or taxpayers in general) will fail.

The root of the problem is not economic but sociological in nature. No amount of economic carrots will fix the problem, despite the fact they may delay the crash or draw it out into a painstakingly long-term affair. Individidual productivity has dropped off as people have become depressed with their jobs, which seem to absorb ever increasing amounts of their time and effort.

Americans have become disillusioned with going after material goods to the point they have abandoned building relationships. People are addicted to their jobs and have delayed finding a partner of the opposite sex, getting married, and having children. Their job brings them immediate stability and shiny things; however, they know long-term stability they are at risk.

I think a majority of the population would appreciate a breather from the corporate world, and if there are large swaths of people in the same position, that gives them ample chance to meet with other people who have plenty of spare time in order to build relationships that cannot be built barhopping on Friday nights.

Maybe I'm projecting my thoughts too much on the rest of the populance, but I know very few people my age (~30 years old) who have even started building a family, and that's quite frankly, distressing. The economy isn't everything. We will survive. The crash will happen. Let it happen swiftly and let the recovery happen in the near term.

Re:Why All Bailout Packages Will Fail (1)

cmacb (547347) | more than 5 years ago | (#25221015)

Maybe I'm projecting my thoughts too much on the rest of the populance, but I know very few people my age (~30 years old) who have even started building a family, and that's quite frankly, distressing. The economy isn't everything. We will survive. The crash will happen. Let it happen swiftly and let the recovery happen in the near term.

I don't know what this has to do with the subject at hand, but I agree with you to some extent. I don't agree that it has to do with people addicted to their jobs, although there are certainly people who are. There are also people addicted to the Internet, or addicted to TV viewing or going to those bars you mentioned. If the people who promote the abandonment of religion (and that would be the majority here on Slashdot) can't find a substitute better than just sitting all day hitting refresh on your browser, I don't think there is much hope for things improving.

I'm not saying necessarily that religion is the answer (although it certainly is an answer). But I see few alternatives presenting themselves. Marx said that The State would for a while become our religion, and I don't care what anyone here claims, we are going down the same path as the Soviet Union, only without a bloody revolution. Der Spiegel is today celebrating the death of capitalism and American dominance, except we haven't been practicing capitalism since the 1800s. Popular belief among American "intelligentsia" is that we now have the power to control every aspect of our society and I foresee that after the next election any failure of such control will simply engender a feeling that the controls weren't strict enough. That's what I'm seeing every day in the mainstream media.

That control, ever more sophisticated, will soon, even if it hasn't already, make anonymity impossible. The novel 1984 may have been a failure in terms of the timing, but I don't think it is far off the mark in terms of where we are going, and the direction as well as end-point to me seems fairly inevitable.

I think I have accidentally wandered back on-topic, my-bad.

Re:Why All Bailout Packages Will Fail (1)

compro01 (777531) | more than 5 years ago | (#25221715)

I don't know what this has to do with the subject at hand, but I agree with you to some extent. I don't agree that it has to do with people addicted to their jobs, although there are certainly people who are. There are also people addicted to the Internet, or addicted to TV viewing or going to those bars you mentioned.

The important difference in those is that the former addiction would appear to be actively endorsed by society in general, or could even be considered indirectly enforced.

Just a random thought ... (2, Interesting)

oneiros27 (46144) | more than 5 years ago | (#25220105)

As much of the issue in this case seemed to involve forged headers, have any of the companies whose domain names were used in a forgery ever tried suing under slander laws?

Re:Just a random thought ... (2, Interesting)

gnick (1211984) | more than 5 years ago | (#25220349)

There may be a few willing to try, but I'm sure they're a minority. I just logged in to my 'spam' box to check the domains being used. The vast majority seem to be legitimately registered domains selling 'R0lex R3plicas' or 'V1agra'. A small subset are from 'bankofamerica.com', 'wachovia.com', or 'easternbank.com' presumably from people who feel sufficiently isolated from a US lawsuit. The rest are from gmail or yahoo accounts or domains that I assume don't even exist. I'd be surprised if there were enough spoofed headers 'slandering' legitimate companies for a successful lawsuit.

Re:Just a random thought ... (3, Interesting)

Anonymous Coward | more than 5 years ago | (#25220565)

In recent months, a client of mine has been joe jobbed so heavily that they've been unable to work due to backscatter. Not only is their business name being used in connection with spam promoting online gambling sites but being self employed and relying on email for their work it's costing them money.

You hit the real problem though...

presumably from people who feel sufficiently isolated from a US lawsuit.

If ever there were a class of criminal deserving of rendition protocols and gitmo style internment...

Re:Just a random thought ... (1)

swingerman (29475) | more than 5 years ago | (#25220641)

Actually, there would be no cause of action for slander on these facts -- identity theft, maybe, but not slander. Other requirements aside, slander requires an oral statement, and an email is a "written" statement not an oral one. The correct tort, if it applied, would be libel. However, the other requirements for libel would most likely not be met. The more appropriate tort would be invasion of privacy, either appropriation or maybe even false light, though those may be a stretch.

BWAHAHAHA the joke's on you! (1, Funny)

Anonymous Coward | more than 5 years ago | (#25220117)

There was no such decision by the Supreme Court! I staged a man in the middle attack and FOOLED you with my forged headers!

I don't want any anonymous mail in any case. (0, Troll)

Gordonjcp (186804) | more than 5 years ago | (#25220139)

If you aren't prepared to put your name to what you say, then I don't want to hear it.

I disagree (2, Insightful)

Anonymous Coward | more than 5 years ago | (#25220245)

If you aren't prepared to put your name to what you say, then I don't want to hear it.

Tell that to all the Iraq war protesters (when it first started) who had their houses vandalized and were assaulted because of their views.

Or the folks who disagree with their Governments and are being watched, were tortured or killed.

Or how about being an atheist in a theist country and trying to get work - outside of working for Bill Maher.

Just saying.

Re:I don't want any anonymous mail in any case. (1)

Ohio Calvinist (895750) | more than 5 years ago | (#25220343)

I think the problem here is that someday you might want to send anonymous mail of a religious or political nature and most would agree that there is merit in that not being illegal. For instance, I've sent anonymous e-mail (well, semi-anonymous, from some generic gmail account) complaining to the Health Dept. that facilities on site were not up to health code, but did not want my employer to be able to deturmine from the public records who made the complaint.

I wish that public key signing of e-mail on a massive system was possible and inexpensive (or free!) and massively adopted so that I could filter out unsigned e-mail. Right now, there isn't truly a lot of flexibility in filtering messages based on identity (or lack of identity), instead all we get are very sophisticated pattern matching methods which work well for most cases. Poorly when you monitor public facing mailboxes on an international scale where Contry-origin and english language "correctness"/buzzword filters are all you get.

Re:I don't want any anonymous mail in any case. (4, Interesting)

dgatwood (11270) | more than 5 years ago | (#25220953)

I think the problem here is that someday you might want to send anonymous mail of a religious or political nature and most would agree that there is merit in that not being illegal.

No, we wouldn't. There is no merit to that whatsoever. There are plenty of ways of communicating religious or political messages that do not require forging email headers. First, there are anonymous email accounts that do not forge anything. Second, there are anonymous blogging services. Third, there are anonymous web hosting providers. The techniques that these anti-spam laws use have no valid use except to send out mail with no way to communicate back to the original sender whatsoever, making it nearly useless for legitimate religious or political messaging purposes.

I wish that public key signing of e-mail on a massive system was possible and inexpensive (or free!) and massively adopted so that I could filter out unsigned e-mail.

Yup. I agree. However, if we get to the point where we have to start signing things to prevent spam, legitimate anonymous email will become a lot harder, and thus laws like this one actually protect legitimate anonymous speech by making it harder for people to abuse the email system in a way that causes people to overreact and block all anonymous speech. The negative consequences of spam on free speech are far, far greater than the negative effects of this law, so if this law successfully reduces spam, it has a positive impact on free speech, not a negative one.

I would also add that free speech---even free political speech---is not absolute. The Supreme Court has long held that time, place, and manner restrictions on speech are perfectly allowable. Email is a manner of speech. It is, therefore, completely reasonable to put limits on speech sent via email, so long as the restriction is reasonably narrow in scope, which these regulations are, IMHO. The court striking this down is completely unreasonable, and I would strongly encourage Virginia to ask the SCOTUS to grant certiorari on this one.

Re:I don't want any anonymous mail in any case. (1)

epee1221 (873140) | more than 5 years ago | (#25221985)

There are plenty of ways of communicating religious or political messages that do not require forging email headers.

GP was responding to the assertion that anything said anonymously is not worth listening to. He did not say one should (or should be allowed to) send anonymous messages by forging headers.

Re:I don't want any anonymous mail in any case. (0, Troll)

Gordonjcp (186804) | more than 5 years ago | (#25221791)

I think the problem here is that someday you might want to send anonymous mail of a religious or political nature

Why would I want to commit an act of cowardice like that?

Re:I don't want any anonymous mail in any case. (0)

Anonymous Coward | more than 5 years ago | (#25222197)

Well, you live in a "free" country, there are countries where you can get killed by saying what you want, or worse, re-educated.

Re:I don't want any anonymous mail in any case. (5, Insightful)

PMuse (320639) | more than 5 years ago | (#25220375)

If you aren't prepared to put your name to what you say, then I don't want to hear it.

Then, you will hear only those things that no one is trying to suppress by intimidation or retaliation.

If you don't have time for anonymous speech, that's fine. However, anonymous speech too often conveys vital information for it to be prohibited for those who want to hear it.

Re:I don't want any anonymous mail in any case. (1)

ChuckSchwab (813568) | more than 5 years ago | (#25220547)

Then, you will hear only those things that no one is trying to suppress by intimidation or retaliation. ... However, anonymous speech too often conveys vital information for it to be prohibited for those who want to hear it.

That argument applies just the same to all kinds of unsolicited email. As much as I may get annoyed at some kinds of spam, I have to fundamentally agree with the Virginia courts here. The fact is, spam is a perfectly valid form of free speech. When you tell people they can't spam, you're telling them that they don't have the right to speak their mind to the world.

Is spam annoying? Of course! (Well, on occassion.) But "annoyingness" has NEVER been a basis for restricting someone's rights. You know what I find annoying? When people voice opinions against the proposed financial rescue bills in the House and Senate. (Not to mention the anti-rescue banner ad on this very story!) They are universally speaking out of ignorance (specifically, regarding the problems illiquidity of perfectly valid mortgage-backed securities) and it pisses me off to no end.

But that anger it arouses in me does not equate to a right to ban that kind of speech (except maybe under economic terrorism laws, which I think they need to pursue, as I said recently). Imagine if the British Crown decided that speaking against the Stamp Act was "spam". Or, more appropriately, what if they had the attitude of "Oh, you can have ALLLLL the free speech you want ... but only on paper that's had its Stamp Act duties paid." That's the 18th-century equivalent of what I see a lot of people these days saying: "Oh, you have the right to free speech ... but not on my email server."

Yes, I *do* have free speech. EVERYWHERE. Not just in "free speech zones". But on government-taxed paper too. Using the air you might have breathed. And yes, using your server, which CHOSE to accept my messages.

Re:I don't want any anonymous mail in any case. (0)

Anonymous Coward | more than 5 years ago | (#25221029)

They are universally speaking out of ignorance (specifically, regarding the problems illiquidity of perfectly valid mortgage-backed securities) and it pisses me off to no end.

"Universally"? No. It is not only possible, but actually quite common, for well-informed people to reach different conclusions on things. Yes, even different conclusions than you.

But that anger it arouses in me does not equate to a right to ban that kind of speech (except maybe under economic terrorism laws, which I think they need to pursue, as I said recently).

Ah. They should be allowed to oppose you, except that they shouldn't. No, you moron, being against the bailout is not terrorism in any fashion and you know it.

Re:I don't want any anonymous mail in any case. (4, Insightful)

moderatorrater (1095745) | more than 5 years ago | (#25221101)

Yes, I *do* have free speech. EVERYWHERE.

No you don't. You don't have the right to free speech within my house, and I can tell you to leave my home and use force to compel you to if something you say offends me. Hell, I can make you leave my home if you refuse to say something I want you to say.

You do not have the right to free speech on my servers. If I'm running a forum and I don't like what you say, I'm well within my rights to delete your posts and ban you forever. Because I own these things, I have control over them, in many ways more control than the government will ever have. The government can only restrict certain types of speech, I can restrict any or all speech.

Re:I don't want any anonymous mail in any case. (3, Insightful)

Anonymous Brave Guy (457657) | more than 5 years ago | (#25221491)

When you tell people they can't spam, you're telling them that they don't have the right to speak their mind to the world.

No, you're telling them that they don't have the right to make everyone listen to what they want to say... which they don't, as far as I'm concerned.

What they choose to say on their own web site, which I visit voluntarily, or in a public forum, which no-one is forced to attend, is one thing. What they shove, unsolicited, into millions of inboxes is quite another. The problem with spam is not what they say, but the push model they use to say it.

Re:I don't want any anonymous mail in any case. (1)

Rary (566291) | more than 5 years ago | (#25220731)

If you aren't prepared to put your name to what you say, then I don't want to hear it.

Then, you will hear only those things that no one is trying to suppress by intimidation or retaliation.

Note that, according to his subject line, GP was referring specifically to mail. He was not saying that he doesn't want to hear anonymous speech in general, just not in his inbox.

I agree with him. People should have the right to speak their mind anonymously in a public forum without limitation, but I don't want anything anonymous in my private inbox.

Re:I don't want any anonymous mail in any case. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25220927)

I think anonymous speech should be outlawed. Only trolls use anonymous speech.

Re:I don't want any anonymous mail in any case. (1)

Jaeph (710098) | more than 5 years ago | (#25221035)

Bull.

We're mixing words and sentences up to the extent that nothing has any meaning any more. If someone wants to print anonymously, they can contact a newspaper (blog/whatever), submit an article, and be heard if the media entity will print it. Hence "publius" in the federalist papers.

But sending mail headers with fraudulant address should be "fraud" in the criminal sense and prosecuted in extreme cases.

To be honest, I don't mind a simple heading of "anonymous" - then I can screen you out without a problem. But lying is a real issue, and should be dealt with, not hidden under some glorious "oppressed" nonsense.

-Jeff

Re:I don't want any anonymous mail in any case. (5, Interesting)

Rrhain (1376181) | more than 5 years ago | (#25221125)

And if my inbox were a public place funded by public money, anonymous people might have a claim to using it. But my inbox is a private place funded by my money and therefore I have the right to stop people from sending to it since it costs me money to download their message.

I have the right to block phone numbers that don't display their Caller ID from calling me. People who hide their phone number are free to call anyone they want...just not me. And that's because I'm the one paying for the line. You do not get to use my line without my permission. Why should my inbox be any different?

Contrast this with my physical mailbox: I don't pay for it (directly, at least). It does not cost me money to have somebody else send me something, in general. And even COD (does anybody actually still do that?) allows me to refuse delivery if I don't want to pay. Since it is, to some degree, a public method, people can send me things without my requesting it and I have the ability to discard their messages unread. It costs me nothing.

But because I have to pay for the network connection, because I have to pay to download your message before I can determine if I want to see it, it means I get to have some control over what gets put in it.

Your right to anonymous speech does not come with a right to an audience. You do not get to enter my home, without my permission, to try to make your case. If I want to hear your speech, I will go to where you make it.

Re:I don't want any anonymous mail in any case. (1)

lysergic.acid (845423) | more than 5 years ago | (#25220495)

that's your choice. that doesn't mean anonymous mail should be outlawed.

i think that forged e-mail header should be banned, but anonymity is an important pillar of the right to privacy.

it may not be necessary for most people to send anonymous e-mails usually, but we still live in a world in which dissidents are persecuted, sometimes even killed.

even in the U.S., if you're a whistleblower for a powerful corporation, or perhaps a powerful government organization, you may face serious repercussions for your actions. if we prohibit anonymous e-mails then potential whistleblowers might be discouraged from revealing corruption/injustice within their organization.

the fallacious "if you're innocent then you have nothing to hide" argument is naive and shortsighted. communication through anonymous channels is vital to any free society.

Re:I don't want any anonymous mail in any case. (0)

Anonymous Coward | more than 5 years ago | (#25220561)

Purchase lengthening pills from me; make women happy.

Re:I don't want any anonymous mail in any case. (0)

Anonymous Coward | more than 5 years ago | (#25220831)

Translation:

If you aren't prepared to expose yourself to arrest, detention, and possibly even torture from a potentially hostile and tyrannical government when you present sound, rational, logical arguments that oppose said government, then...well, there is no then. It's a ridiculous stance. Anonymity is essential to the function of a free state.

If you disagree, then let's take your argument to the logical conclusion. Before you make any statement, you must first provide information that will allow any person to locate you at any time.

Re:I don't want any anonymous mail in any case. (0)

Anonymous Coward | more than 5 years ago | (#25221635)

Great! We'll make sure to exclude you from the distribution of the federalist papers, then. Signed, the founding fathers.

Spam is Evil (1)

Dr.D.IS.GREAT (1249946) | more than 5 years ago | (#25220217)

It is my firm belief that I would tread on the rights of others to prevent spam. Spam is a cancer of ISPs and most importantly it is god damn annoying!

But the real problem is nigerian 419 spam. Those evil little pygmys have ripped off Americans and other bloats for a while. I think maybe the government should step in and do something about it. Too many old men think they are falling in love with a attractive online retailer entrepreneur and turning into stolen merchandise drop sites and distributors.

When will the government or hacker community do something about it?

Dr. D

Re:Spam is Evil (2, Funny)

ivandavidoff (969036) | more than 5 years ago | (#25220569)

There are no pygmies in Nigeria. If you are receiving Nigerian spam sent by pygmies, the headers are forged.

Re:Spam is Evil (1)

cream wobbly (1102689) | more than 5 years ago | (#25220863)

I would tread on the rights of others to prevent spam

Then I am glad you are not in government.

Re:Spam is Evil (1)

Dr.D.IS.GREAT (1249946) | more than 5 years ago | (#25221007)

<quote>

<quote><p>I would tread on the rights of others to prevent spam</p></quote>

<p>Then I am glad you are not in government.</p></quote>

Well, how does your confidence treat you when you DL 4000 emails everyday telling you, "She wants MORE" and buy these pecker-picker-upper pills.

What I ment about treading on the rights of others: We have Dept. Homeland Sec. wire tapping and all that bullshit making sure Kumar isnt gunna blow him self up in the subway. This is done very sketchy by the govt, and it supposedly keeps us safe... NOW! the govt should kinda wire tap emails in a way, find out where the repeat spam offenders are coming from and take em out. If we can shit 2 billion dollars on bagdad we can shit 2 million in finding spam shops and shutting them down, especially the 419 crowd. If the govt has to break into a few out boxes to find out where the spam is coming from, be my guest; I will be the first one to give up my usrname and pswd for 10 minutes...

uh...

Dr. D

State Supreme Court, State Law (1)

John Hasler (414242) | more than 5 years ago | (#25220467)

> ...which may enable the state to win on appeal.

This is the Virginia state supreme court ruling against Virginia state law. Just who do you think they are going to appeal to?

Re:State Supreme Court, State Law (1)

KiahZero (610862) | more than 5 years ago | (#25220623)

The state can appeal to the USSC, since it's a state court applying federal law (the Constitution).

Whether or not the USSC will actually grant certiorari (hear the case) is another matter entirely.

Re:State Supreme Court, State Law (1)

idiotnot (302133) | more than 5 years ago | (#25221689)

Yes, and the court wrote that SCOTUS is more likely to be on their side; the federal courts would prefer that state courts not interpret federal constitutional issues narrowly.

What will happen is that the General Assembly will revise the law, limiting it to commercial e-mail. Unfortunately, the way Virginia law works, spammers again have free reign until 1 July.

It's a court, what do you expect? (1)

Gothmolly (148874) | more than 5 years ago | (#25220477)

This is the same court system that required a server's RAM to be held as evidence, since it was a data-storage device.

Someone will challenge this, and the State will lose. That's the way the system works.

i agree with the summary for a change (3, Insightful)

timmarhy (659436) | more than 5 years ago | (#25220491)

spam != anonymous mail or free speech. for a start it's not anonymous by it's very nature - they WANT you to contact them and know who they are. it's also not free speech, because free speech means i'm free not to listen or help you in anyway. spam intrudes on my inbox.

Re:i agree with the summary for a change (0)

Anonymous Coward | more than 5 years ago | (#25221103)

As I understand it, the law as written only required the forgery of headers. This is a resonable analysis of that rule as a barrier to anonymous speach.

Now you are suggesting: that spammers are not anonymous because they want you to contact them.

Well, ok a few points:

  - Just be cause they want to contact you doesn't mean they don't want to be anonymous (of course they do!)
  - Lets say they didn't want you to contact them back, and the speach wasn't fraudlent or commerical or something else we don't like.... it was in fact maybe important political speech! The law still applies right?? In that case the law is wrong, and the court was right. In other words the legislators, industry people, etc didn't think enough about The Law when they wrote it. People then whine about The Courts. Who now have a Big Mess. Fundamentally courts are not supposed to make laws. They are supposed to tell the lawmakers they fucked up and they need to fix the mess when they have.

Now I think the analysis is good, and perhaps the courts analysis would be different if the government hadn't been so successful in forcing ISPs and business to keep records and fundamentally limit the possibility for anonymous speech so much.

We know Nixon had an enemies list. Do we really think Bush is different? We know TIA exists. We know the president has fought to put as much of this data as possible under unsupervised extra-governmental places so it can be accessed without oversight. This is _bad_ for America.
Yes SPAM is bad and annoying, but get the laws _right_.

Garick

This summary is incredibly naive (0)

Anonymous Coward | more than 5 years ago | (#25220521)

First of all, I think anyone interested in sending anonymous emails containing criticism of the government will agree that opening up a Hotmail account won't cut it. Nor does it make sense to do this through Tor and hope that the service works correctly, has no security vulnerabilities, etc when you can just forge some headers and get direct access. Finally, what makes you think that people will only do this from their home PC? What if someone goes to a cafe, or rides by an unsecured wifi spot, or something like that? Not to mention that for some protocols (maybe not mail), you could spoof your IP address.

IP address tracking (1)

ilovesymbian (1341639) | more than 5 years ago | (#25220555)

So they think IP addresses are like ID cards and nobody can spoof them... shows the sorry state of affairs and why we get so much spam and nobody is accountable for it and why they can't catch the spammers.

You might want to stick with what you know (5, Informative)

KiahZero (610862) | more than 5 years ago | (#25220583)

IANALY, because I have another 1.5 semesters and a bar exam to go. However, I still know a lot more about the law than you, which is why I know things like this was a VA Supreme Court case, not a trial.

Appeals don't work like your small claims cases (thank the gods). You have written briefs from the parties and any interested amici curiae, which is where your technical experts come in. The "trial" is oral arguments before the justices (not "judges") of the VASC, where the two parties have fifteen minutes to emphasize certain parts of their cases while the justices interrupt with questions as the mood strikes them. Typically, this is where the justices ask for further explanations of the arguments in the brief, generally about things that seem not to make sense or could use further clarification. Sometimes, justices will ask questions that draw better arguments out of a party, so as to convince other justices around to their way of thinking.

A justice would never ask, "Well, I'm going to rule this way; what do you think," because that's not the appropriate language for the Court; you're confusing a peer-to-peer relationship with one that is decidedly not. The attorneys for the parties aren't peers of the justices, and the amici aren't peers of the justices. Your role as party or amici is to provide the justice with the information the justice wants in order to come to a conclusion. However, justices will ask questions to get at facts they need, and a skilled lawyer will be able to figure out where a justice is headed from a question, and explain why that reasoning is good or bad.

It's all well and good to have a layman's critique of the system, but it would help if the layman wasn't basing his opinions on completely irrelevant experiences and actually knew something about the system he was critiquing. Hell, even a quick Wikipedia search would have prevented basic misunderstandings about the nature of the court: http://en.wikipedia.org/wiki/Supreme_Court_of_Virginia [wikipedia.org]

Re:You might want to stick with what you know (0)

Anonymous Coward | more than 5 years ago | (#25220951)

A justice would never ask, "Well, I'm going to rule this way; what do you think," because that's not the appropriate language for the Court; you're confusing a peer-to-peer relationship with one that is decidedly not.

Since that's the same thing that the summary says, I don't think he's the one that's confused. If you read that badly I don't think I would want you for a lawyer.

Re:You might want to stick with what you know (1)

KiahZero (610862) | more than 5 years ago | (#25221011)

But the mistakes in the ruling would have been caught if the judge had just showed a draft to an Internet guru and said, "Hey, can you check if there's anything wrong here?" I know, I know, that's "just not done" (and there are probably formal rules in most states against showing a draft of a ruling to a third party before publishing it, even if the third party reviewer is sworn to secrecy, as they should be). But there's nothing stopping the judge from asking a technical expert during the trial, "It seems to me that the only way to publish anonymously on the Internet would be to use forged headers in e-mail. Can you tell me if that's right before I go too far down that line of reasoning?"

Re:You might want to stick with what you know (0)

Anonymous Coward | more than 5 years ago | (#25222109)

I have an idea, why don't you save us all and just die in a fire.

Not too surprising... (0)

Anonymous Coward | more than 5 years ago | (#25220607)

You take a bunch of old lawyers that have no concept of how technology works, mix in some ego, and have them make decisions on it. It's only going to be right by accident.

Re:Not too surprising... (0)

Anonymous Coward | more than 5 years ago | (#25220925)

You take a bunch of old lawyers that have no concept of how technology works, mix in some ego, and have them make decisions on it. It's only going to be right by accident.

You just described Congress.

Not Quite wrong (1)

TotalRebel (638110) | more than 5 years ago | (#25220617)

IP and MAC address can be spoofed, so that the ISP will not know the true address and location of the originating client endpoint. Also if WiFi is used, then it becomes easier to hide the true endpoint from the ISP and mail server.

What Courts Know (4, Interesting)

ari_j (90255) | more than 5 years ago | (#25220633)

A court is generally not supposed to know anything that's not brought to its attention in the case, other than legal issues which the court is supposed to know all about. If a court issues an opinion in which it is wrong about how e-mail and IP addresses work, that is simply because one of the following things went wrong:

  • The court took judicial notice of something that is at odds with reality (this would be extremely rare, as what courts can take judicial notice of is very limited in scope; also, one of the attorneys would normally have had to ask the court to take such judicial notice, although it could do so sua sponte)
  • One of the lawyers argued the issue and got it wrong, and the other lawyer(s) failed to point out the error
  • Evidence supporting the wrong finding was presented by an incompetent expert witness
  • The finder of fact at trial (jury or judge, depending on the specific case) interpreted the evidence wrong
  • The appellate court decided that the finder of fact at trial interpreted the evidence so horrendously wrong as to justify overturning the factual decision and coming up with the wrong answer in the process

On technical matters, when a court gets it wrong it is usually not the court's fault.

The best way I've seen to sum this up... (2, Interesting)

Arrogant-Bastard (141720) | more than 5 years ago | (#25220697)

"Spam and other forms of abuse are not speech, just as a brick with an attached note thrown through a window is not publication." If that's correct, then the 1st Amend. doesn't apply and the whole argument can be tossed.

Re:The best way I've seen to sum this up... (1)

stubob (204064) | more than 5 years ago | (#25221415)

Throwing it through a window means destruction of property. Maybe we can charge them with littering?

Correct by Definition (3, Informative)

John Hasler (414242) | more than 5 years ago | (#25220701)

> The first 20 pages of the decision, which are all about legal standing, jurisdiction,
> and overbreadth, made my eyes glaze over.

So legal stuff makes your eyes glaze over and yet you are going to give us your legal opinion. Right.

> I'm not analyzing those at all except to point out that on most of those issues, the
> lower court came to exactly the opposite conclusion from that of the Virginia Supreme
> Court, and there is no reason to think that the higher court is any more likely to be
> "The first 20 pages of the decision, which are all about legal standing, jurisdiction, and overbreadth, made my eyes glaze over. I'm not analyzing those at all except to point out that on most of those issues, the lower court came to exactly the opposite conclusion from that of the Virginia Supreme Court, and there is no reason to think that the higher court is any more likely to be "correct" than the lower court (even granting the assumption that there is an objectively "correct" answer to these questions). correct" than the lower court (even granting the assumption that there is an
> objectively "correct" answer to these questions).

The Virginia Supreme Court is the ultimate authority on matters of Virginia state law. Where Virginia state law is concerned what the Virginia Supreme Court says is "objectively correct".

If the court had upheld the conviction then the defendant could appeal to Federal court on the grounds that the law violates the First Amendment. However, since the court overturned the conviction the state has no grounds for an appeal to Federal court because there is no Federal question.

I agree that there may be flaws in the court's reasoning, but the nearest thing to an appeal is for the state to ask the Virginia Supreme Court to re-hear the case.

Re:Correct by Definition (1)

KiahZero (610862) | more than 5 years ago | (#25220883)

VA could also appeal to the USSC, since the decision was based on an interpretation of the First Amendment.

speaking of anonymous emails (1)

Liath (950770) | more than 5 years ago | (#25220719)

did anyone else wake up to 26,300 or so emails from false IP addresses in Stafford County, VA?

appeal (1)

PMuse (320639) | more than 5 years ago | (#25220813)

. . . which may enable the state to win on appeal.

What appeal? Think the US Supreme Court is going to take this case? Possible, but unlikely.

Impossible to defend? (2, Insightful)

Schraegstrichpunkt (931443) | more than 5 years ago | (#25220987)

But it's impossible to defend what the court says next:

As shown by the record, because e-mail transmission protocol requires entry of an IP address and domain name for the sender, the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name. Therefore... registered IP addresses and domain names discoverable through searchable data bases and registration documents "necessarily result[] in a surrender of [the speaker's] anonymity."

Impossible to defend? Just watch me.

You're overlooking a perfectly reasonable generalization that the judge is making. The IPv4 packet headers and the email headers, to the judge, are one and the same: Both can be used (indirectly) to identify the sender of the email, and both need to be "forged" in order to send anonymous email.

Keep in mind that tunnelling your packets through a proxy effectively "forges" the IPv4 source address, since the communication is actually originating at your computer, but on the receiving end, it shows up as being from the proxy, even though the communication actually originated elsewhere.

The judge was right to point out that you can't communicate on the Internet without including some kind of "sender address", and this address needs to be forged in order to use the Internet to communicate anonymously. As far as his argument is concerned, it doesn't matter whether the headers you're forging are specified in RFC 791 or in RFC 822.

Armchair Quarterbacking (1)

Valdrax (32670) | more than 5 years ago | (#25221027)

The first 20 pages of the decision, which are all about legal standing, jurisdiction, and overbreadth, made my eyes glaze over. I'm not analyzing those at all except to point out that on most of those issues, the lower court came to exactly the opposite conclusion from that of the Virginia Supreme Court, and there is no reason to think that the higher court is any more likely to be "correct" than the lower court (even granting the assumption that there is an objectively "correct" answer to these questions). Any time you feel intimidated by "experts", it's helpful to step back and ask whether the alleged experts even agree with each other.

Well this quote really gets the article started off with a bang. First of all, the expertise of a trial court and a state supreme court should not be presumed to be equal. A trial court judge could be as fresh as the day is young, but a supreme court justice there has to be elected by the legislature and has to go through a vetting process that favors experience.

This sort of "all experts are equal" attitude confuses issues like global warming, where there are clearly people more knowledgeable about a subject than others, but the public is tricked into believing that "balance" demands we treat anyone with an opinion as equal to anyone else.

Now, there are two possible definitions of "anonymity" to consider: (1) you can be anonymous to the extent that ordinary citizens reading your content cannot determine your identity without a subpoena; or (2) you can be anonymous to the extent that even the government, armed with subpoenas and wiretaps, can never find out who you are.

For purposes of government action against citizens violating the law, the latter is the only one that matters. (Well, that plus what the government can't find out without violating the 4th Amendment.) The former is of little relevance. The courts shouldn't rest all First Amendment protections on whether or not the average person can figure out how you are instead of the bodies entrusted with the duty to enforce the laws against you. Otherwise, anonymity would be meaningless in a legal sense except as an excuse to provide a mirage of privacy for citizens.

But there are even ways to be anonymous in the second sense -- such that not even the government could identify you -- without resorting to forged e-mail headers. You can create Hotmail and Gmail accounts without giving the providers any of your true information.

Courts generally will not favor solutions that revolve around you fraudulently entering into an agreement with email service providers who require you to provide accurate information when signing up and agreeing to their service contracts.

Furthermore, you always have to give an email address for confirmation when signing up for such services, and eventually if you peel back enough layers of registration, the courts can find out an account where you had to give real information to someone (whoever you pay for your initial email account), so this is no guarantee of privacy at all.

In all of these cases, the receiving mail server can see the IP address of the sending machine, so a government subpoena would usually be enough to determine the sender's identity. (I know you all know this, but I have delusions that some helpful clerk will print out this article and explain this to the judge.)

Didn't you just completely defeat this argument by mentioning the use of Tor a few paragraphs above?

Also, while the court is interested in protecting legitimate political or commercial speech (and thus speech not made by illegal activities), most spammers "fake" IP addresses by sending mail from virus hijacked machines, so a government subpoena is useless to find their identity in the case of a real spammer.

It would presumably be unconstitutional for an anti-spam law to prohibit anonymous political e-mails which attempted to hide the sender's identity -- that is after all what "anonymous" means!

Not necessarily. Trespass to chattels and the old, common law maxim that "a man's home is his castle" provide some potential support for banning this sort of behavior, in my opinion. Your free speech rights include the right to protest on the street in front of my house, but not in my living room. Caselaw on this matter is in flux right now. The CA case Intel v. Hamidi accepted the notion of trespass to chattels for this purpose at the lower court level but eventually rejected it in the CA SC due to a failure to show any harm to the servers and due to a blanket bans on communication through Intel's servers to people willing and unwilling to listen being untenable under the 1st Amendment (but still opening the door to enforcing action on behalf of just the unwilling recipients). (Full PDF decision here [ca.gov] .)

But the mistakes in the ruling would have been caught if the judge had just showed a draft to an Internet guru and said, "Hey, can you check if there's anything wrong here?"

Are you assuming that no expert witnesses were present for the trial? That seems like it would be almost legal malpractice for either side to have not presented expert testimony on the matter. The only "howler" in this decision that you've cited is a minor misstatement of how IP address and domain can lead to *someone's* identity (not necessarily yours when faked) and a differing (wrong) opinion on your part about privacy as a legally protected concept.

Your entire argument rests on that legally fallacious concept of privacy -- that privacy against the government isn't what's important here. For purposes of the courts and of protecting the people against legislation that potentially impinges on Free Speech rights, that's ALL that matters.

In other words, this whole article is an impressive waste of verbiage.

Lawyers' fault for not explaining it to them (0)

Anonymous Coward | more than 5 years ago | (#25221107)

Not trying to be an armchair-attorney here, but I don't think people arguing in front of a state (or federal for that matter) Supreme Court should expect the justices to know anything about how the Internet works. The attorneys making the case should have made it clear to them and if they deliberate with the wrong assumptions you're either making a bad case or your opponent makes a convincing lie.

But again, "IANAL but I play one on /." applies.

Dude... (0, Offtopic)

sydneyfong (410107) | more than 5 years ago | (#25221197)

Seriously, you really have no clue what you are talking about.

I don't know where to start.

Here's what I have to say. You don't nitpick on a few lines in a long judgment and claim the decision is bad just because of that few lines.

It's like if I found a typo in your post and claimed it was all bullsh!t. Worse, I said it was boring and I only noticed the typo.

The rant is understandable, since somehow the law eludes many (although personally with hindsight it's not that hard to get), and most people don't know how their legal system works, but I really can't imagine this getting through the slashdot filter and posted. Yes, even by slashdot standards. (Yes Taco I'm talking about you)

Re:Dude... (1)

PPH (736903) | more than 5 years ago | (#25221895)

It's like if I found a typo in your post and claimed it was all bullsh!t. Worse, I said it was boring and I only noticed the typo.

Dude! You finally 'get' Slashdot!

Um, wow ... (1)

gstoddart (321705) | more than 5 years ago | (#25221339)

The two basic errors are: concluding that anonymous speech on the Internet requires forged headers or other falsified information (and therefore that a ban on forged headers is an unconstitutional ban on anonymous speech)

Cool, so does that mean fake ID is constitutionally protected so that I can preserve my anonymity when doing things in public?

Sometimes (well, quite often actually) judges rule on technology issues without really having nearly enough understanding of the underlying issues and what it means. It's amazing how a poorly misunderstood bit of technology can lead to a ruling which has absolutely no relation to how reality works.

And, just because you have the right to free speech, doesn't mean that I'm required to actually listen to you. Decreeing that allowing forged headers in order to allow the special case of some religious or political nut screaming in my ear is ludicrous. Your freedom to speak does not confer an obligation on me to listen.

Someone should start spamming this guy with several thousand emails with forged headers expounding the virtues of the Flying Spaghetti Monster, or calling him at home with forged caller id telling him to vote for the Nut Job Party so he can see the flaw in his reasoning.

If the analog is a phone call, you don't have the right to anonymously phone me over and over.

Cheers

Maybe I missed something (1)

MrSmith0011000100110 (1344879) | more than 5 years ago | (#25221375)

So SPAM is different from anonymous random cold-calling that we can easily defer from by adding our phone numbers on the DNC list. Oh that's right, email isn't REAL, so it doesn't count the same way. SPAM as a statistic is 90% of all email traffic and yet it's not a problem. Do these judges not have/use email? Are they all so old and their ways old-fashioned that they don't see our inboxes stuffed with crap to the point where we have to pay for hardware(enterprise) or software(home) solution to end the SPAM madness? Legally and any other way I believe SPAM is wrong. The fact that a judge/judges that clearly has no understanding of the subject matter could rule one way or the other is and should be a case of malpractice. We are granted the right to a jury of our peers(despite what we really get) so why can't the judge be held to the same? If I ever went to could a la Terry Childs, I'd hope to have at least a few IT people on the jury. I know if it was a jury of CEO's I'd fry for such an infraction. In summation Judges + Technology = bad decision.

Magical little link? (0)

Anonymous Coward | more than 5 years ago | (#25221475)

OMG! Ponies!!!

You are barking up the wrong tree... (1)

spiritraveller (641174) | more than 5 years ago | (#25221801)

The submitter complains about factual issues, but appellate courts do not determine factual issues. Trial courts do. Before the case reached the VA Supreme Court (an appellate court), the trial court already made its findings of fact. The appellate court can only address the factual conclusions of the lower court if the lower court made a clear error in its analysis of the factual evidence presented. As the VA Supreme Court makes clear, it is analyising what is "shown by the record," not making its own declaration of how the internet works.

In order to know whether the VA Supreme Court should have overturned the lower court's findings, you would have to review the record on file with the court and read the testimony of the various expert witnesses that the parties called to testify. If there was no testimony at all to support the court's factual findings, then the VA Supreme Court could have overturned those factual findings, but only if there was no evidence or testimony to support the finding. If there is any evidence to support the trial court's factual findings, the appellate court has no choice but to go with them.

Courts make factual findings based on the evidence presented to them. Anything that is not obvious to pretty much everybody (I am paraphrasing the law here.) must be proven through evidence (including testimony of expert witnesses).

See here [wikipedia.org] for more info.

As discussed on Groklaw... (1)

gnasher719 (869701) | more than 5 years ago | (#25221849)

This has actually been discussed on Groklaw to the end.

The situation is actually quite simple: The good lawmakers of Virginia passed a law that prevents _anybody_ from using forged headers etc. etc. , including good folks who need anonymity for good reasons protected by the US constitution. Therefore, the law as it stands is illegal. Now a judge _can_ decide that a law is unconstitutional and therefore cannot be used in any court case; a judge can _not_ decide how to fix this law. Therefore it _must_ go back to the lawmakers who have to fix it; as long as it isn't fixed, it cannot be used to convict any spammers.

The article comes up with all these arguments why the court decision is wrong. What he ignores is that the judge doesn't have the power to do that analysis. The only thing the judge can do is to say that the law is constitutional or not. The article claims that there are methods others than those disallowed by the law that make anonymous free speech possible. But that is not for the judge to decide. The law clearly restricts free speech that is protected by the US constitution (while also correctly restricting the rights of spammers to their "speech"), and that is not allowed.

Bit like EA (1)

word_virus (838778) | more than 5 years ago | (#25222125)

Virginia law is definitely of the "release it now and patch it later" variety. We're a bit like EA that way....
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...