|
|
|
| |
|
|
| ||
|
|
|||
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
||||||||||
 |
|
14 Aug 94Draft Draft Draft Draft Draft v0.1GUIDELINES FOR CONDUCT ON AND USE OF INTERNETVint CerfPresident, Internet SocietyINTRODUCTIONThis document is an attempt to characterize various constructive models of Internet conduct both by those who use the system and by those who provide its services. It is written from the perspective that, taken as a whole, the Internet is a global and shared infrastructure whose utility is, in part, a function of the ability of contituents to cooperate. In particular, the conclusion should be noted that users need to cooperate with users, service providers with other service providers and users and service providers with one another.The use of the term "infrastructure" is very deliberate here. Although still modest in scale compared to the global telephone system and far less pervasive that national road systems, the Internet has reached the point where it can be reasonably characterized as an infrastructure upon which vital activities are now dependent. A significant part of the R&D; community is very dependent on the daily and reliable operation of the Internet and various business and government enterprises are becoming more so. The general public is only just beginning to discover and explore the potential of this mode of telecommunication. As is true of many other kinds of infrastructure, users and service providers commingle in complex ways. There are some parallels with the road system. There are privately owned roads and driveways which interlink with public thoroughfares and highways. Vehicles are owned and operated by all sectors. In the Internet, users own computers and local networks and routers (or, at least, the user's institutions own these assets). Service providers own or lease switching equipment and telecommunications facilities. Private and public network operators must cooperate and users often also serve as information suppliers by operating anonymous FTP archives, Web servers, gopher servers, email distribution lists, and so on. The collection of users and service providers affect one another in complex ways and it is partly because of these interactions that commonly-held codes of conduct are important to develop and to observe. As any system approaches infrastructual proportions, concern for public well-being is a natural development. The Internet already touches such a large community that concerns over privacy, security, treatment of intellectual property and various kinds of torts (harmful, damaging incidents) have been raised in legislative bodies. The Internet community can contribute to informed discussion on these matters through production of documents such as this one. Without informed debate, there is always the possibility that laws will be created which are inimical to achieving the potential benefits of a global information infrastructure. This paper makes the assumption that there are only three ways to influence behavior: technical constraints, legal constraints and moral constraints. Technology can be used to limit the scope of behavior and where that fails, legal remedies may be sought. Ultimately, appeal may be made to moral principles. In reality, all of these tools are commonly applied to channel behavioral choices.
HISTORYIn the earliest days of Internet development, starting roughly in 1973, the activity was essentially part of a research program sponsored by the US Defense Advanced Research Projects Agency (ARPA). The ARPANET was the principal backbone of the system and local host and network systems were owned and operated by university research groups and various industrial research organizations. In 1975, ARPA turned the ARPANET over to the Defense Communications Agency to operate. The system was used only for research and for unclassified defense applications. Until about 1981, the use of the Internet was constrained by rules set forth by ARPA and DCA and locally augmented by rules of use on university campuses and within the research organizations involved. Around 1981, other agencies became interested in the use of the ARPANET and, in particular, the National Science Foundation (NSF) began its Computer Science Network (CSNET) effort which used TCP/IP to link universities to ARPANET by gateways between the ARPANET and public X.25 networks, as well as putting some universities up directly on ARPANET and others on a telephone dial-up system called PHONENET (for email exchange). By the mid-1980s, a number of agencies in the US and in other countries began to make use of Internet. In 1986, for example, the NSF initiated its NSFNET program to link supercomputer centers to each other and to the rest of the Internet. Until 1988, essentially all guidance concerning the use of the Internet was governed by policies set by research agencies and universities involved, around the world. Each network component might have local rules in addition to the general "use only for Research and Education" guidance.Thus from 1969, when ARPANET was started, to about 1988, the general rules were that the Internet should only be used for research and education. In particular, no commercial uses were permitted and not advertising was allowed on mailing lists, nor job solicitations. These rules were largely based on the premise that the facilities had been created for research and educational use and paid for by various agencies of government. If a local net, paid for by the local organization, had multiple uses, some of which were not research and education, it was up to the local organization to assure that the government-provided resources were not abused. In 1988, the predecessor to the US Federal Networking Council was approached with a proposal to interconnect MCI Mail with the Internet on an experimental basis on the theory that increasing the connectivity of the Internet to other email systems would result in a net benefit for everyone. This proposal was accepted with some provisions limiting charging and also prohibiting use of Internet for carrying email between commercial service providers. Very quickly, public commercial email service providers linked their systems to the Internet. This changed the policy for Internet usage at least insofar as permitting commercial users to interact with Internet users. The NSFNET backbone still had important usage restrictions associated with it and this created some confusion because it was not always possible to know whether traffic was routed over the backbone or over other alternatives (such as the Commercial Internet Exchange). By 1990, the ARPANET had been retired and the NSFNET picked up the burden of major backbone support. In the meantime, increasing numbers of non-research users and organizations were connecting to the Internet by way of various service providers, some of which were for-profit. It was around this time that the Federal Networking Council was asked to approve interconnection of commercial information services to the Internet on the theory that legitimate research and educational users had need for access to such services. Plainly, the usage profile for the system was relaxing towards relatively unrestricted applications. In November, 1988, Robert T. Morris released a "worm" program into the Internet which affected several thousand UNIX hosts and caused a major flap in the press - raising the Internet to public awareness for the first time. The ensuing debates and legal proceedings brought forward a spate of Internet Codes of Conduct developed by EDUCOM, the Internet Activities Board, Association for Computer Machinery and others [references?]. Even 6 years ago, the Internet was still regarded as a largely research-oriented system with resources that had to be protected and treated as a privilege to access. The various offerings were still largely cast in terms of protecting shared research resources. As we approach the middle of the last decade of the 20th Century, things have changed and are changing. The Internet is becoming the first step towards global information infrastructure and our views of its use and abuse need to grow and change along with it.
TAXONOMYIn order to focus on specific aspects of Internet conduct, it may be helpful to divide the constituents into various classes. This is almost always a controversial enterprise and the purpose will be defeated if it leads to endless refinement of the classification. My intent here is simply to break the universe of discourse into parts, first to approach things in smaller pieces and second to make sure all aspects are somehow covered. Since any given organization or individual can play many roles, the taxonomy is intended to refer to role classes and not intended to bind any individual or institution to any single role.Roughly, one can parse the community into users, network service providers and application service providers. One might also distinguish research and education from other uses but I am going to ignore that distinction for the present in the hope it won't prove useful. Network service providers range from private network operators (e.g. campus network) to public, for-profit network service providers (e.g. CERFNet :-). Application service providers may be for-profit information services (e.g. Dow-Jones News Retrieval) or non-profits (e.g. Research Libraries Group) or government agencies (e.g. National Library of Medicine) and even individuals (e.g. Bulletin Board Systems on the Internet).
GUIDELINES AND POLICIESIt is no longer adequate to base guidelines for conduct purely on the basis of who pays for the underlying network or computer systems resources. Even if that was once sensible, the diversity of constituents of the Internet makes it a poor basis for formulating policy. Thus, guidelines for conduct have to be constructed and motivated in part on the basis of self-interest. Many of the suggestions below are based on the theory that enlighted self-interest can inform and influence choices of behavior.[What follows is an unordered sampling of ideas to be refined, augmented, discarded in the ensuing discussions].
USER CONDUCT1. Mailing Lists, newsgroups, and bulletin boardsMailing lists are like common property in information space. Often such lists are set up by mutual agreement among the list members and dedicated to a particular purpose. In the USENET, for example, newsgroup formation involves a democratic decision process since carrying of newsgroups consumes communal resources. Users participating in these common, quasi-public forums should:
2. AdvertisingAdvertising is permitted and even encouraged on the Internet but advertisers are advised to give thought to how the Internet resources can best be applied for this purpose. Much of the flaming about use of the Internet for promotional information and solicitation has been based on the false premise that it is "illegal" to use the Internet for such purposes. As the history section attempts to say, this constraint has largely evaporated since 1988 as policies supporting much broader use began to evolve. Nonetheless, sensible advertisers will be sensitive to the way in which their information is received by potential clients, so as to maximize positive gains. Advertisers should:
3. MBONEThe multicast backbone is still very much an experiment. Not all of the Internet has the same capacity, so conduct of mbone transmissions can be very demanding, especially on links of the underlying network that are narrow in scope. MBONE use should be coordinated ahead of time with [well, who is the current coordinator? coordinators?].4. PrivacyPersonal privacy should be respected. Internauts should not engage in practices which invade the personal privacy of other Internet users. Forwarding email without permission, deliberate system break-ins and so on are considered outside the community norms.5. SecurityComputer networks and the host systems on them are not uniformly protected. Personal computers and laptops are often entirely unprotected. System break-ins or aiding others to break into systems should be considered outside the community norms. Obtaining of passwords or other access information by fraudulent means should be outside the community norms. Because others may be affected by the loss of security on a particular user's system, every effort should be made to use non-repeatable passwords when possible.6. Intellectual PropertyNotwithstanding the fact that there are laws protecting the acquisition and use of intellectual property, users should refrain from illegally copying or making available copies of protected works.INFORMATION SERVICE PROVIDERS1. Intellectual PropertyInformation service providers have an obligation to protect intellectual property or, at least, to warn others of its protected status. Service providers should limit opportunities for abusive use of their systems (e.g. eschew anonymous FTP read/write directories). Providers should cooperate with intellectual property owners who have evidence of such abuse and seek to stop it.2. Quality of Information[perhaps something ought to be said about this - or maybe warnings when quality is uncertain?]NETWORK SERVICE PROVIDERS1. Interconnection a high priority[We need for the Internet to stay fully connected if possible]2. Cooperate with each other to assure high quality and reliability of Internet service3. Cooperate with law enforcement agencies in tracking down illegal and abusive users, service providers.[depending on how this is interpreted, I imagine it could be controversial]
4. Truth in advertising rules should apply[There have been some service providers whose advertising is misleading to say the least].
REFERENCES[here I would list other contributions already published]
| ||||||||
|
This document
<http://www.isoc.org/internet/conduct/cerf-Aug-draft.shtml>
|
||||||||||
|
|
|
||||||||
