Welcome to WebmasterWorld Guest from 54.90.204.233

Forum Moderators: LifeinAsia

Message Too Old, No Replies

You have SSL or NAT on your systems? Go to jail, do not collect $200

At least in the state of Michigan as of March 31, 2003

     
3:34 pm on Mar 30, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 10, 2001
posts:731
votes: 0


Following a /. article, after reading the State of Michigan's law Act 328 of 1931, you cannot use SSL, NAT, or VPNs unless you get approval of the Telephone Company:
[michiganlegislature.org...]

Sec. 540c.

(1) A person shall not assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise an unlawful telecommunications access device or assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise a telecommunications device intending to use those devices or to allow the devices to be used to do any of the following or knowing or having reason to know that the devices are intended to be used to do any of the following:
[...]
(c) To receive, disrupt, decrypt, transmit, retransmit, acquire, intercept, or facilitate the receipt, disruption, decryption, transmission, retransmission, acquisition, or interception of any telecommunications service without the express authority or actual consent of the telecommunications service provider.

And to make sure all the vendors are under the hood too:

(3) A person shall not deliver, offer to deliver, or advertise plans, written instructions, or materials for the manufacture, assembly, or development of an unlawful telecommunications access device or for the manufacture, assembly, or development of a telecommunications access device that the person intends to be used or knows or has reason to know will be used or is likely to be used to violate subsection (1). As used in this subsection, “materials” includes any hardware, cables, tools, data, computer software, or other information or equipment used or intended for use in the manufacture, assembly, or development of an unlawful telecommunications access device or a telecommunications access device.

What is the punishment for using SSL on your web site, or VPN connection in Michigan?

[...]guilty of a felony punishable by imprisonment for not more than 4 years or a fine of not more than $2,000.00, or both.

Best part? The law is copyrighted... So no one can use it without referencing them.

© 2003 Legislative Council, State of Michigan

I still think, every time a lawyer passed their bar exam, two must retire.

Let's not even talk about firewalls, Remote Control and Node solutions... Heck if you make a telephone call and don't disclose where you call from you could be violating this law...

4:07 pm on Mar 30, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Oct 22, 2002
posts:260
votes: 0


I'm not a lawyer, but...

unlawful telecommunications access device

...seems to be the key set of words in this little bit of legislation.

Looks to me like, as long as you aren't doing anything illegal, you don't have anything to worry about in the State of Michigan.

<edit>fixed typo.</edit>

4:17 pm on Mar 30, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 10, 2001
posts:731
votes: 0


the problem is with the or between ... access device or for the manufacture,.... This clearly means that one or the other, or both. And the second part of that sentence is simply says ...to be used to do any of the following or knowing or having reason to know that the devices are intended to be used to do any of the following...

With that or in there, only one of the two have to be fulfilled to violate the following list of activities.

Broken into two 'sentences':
A person shall not assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise an unlawful telecommunications access device intending to use those devices or to allow the devices to be used to do any of the following or knowing or having reason to know that the devices are intended to be used to do any of the following

A person shall not assemble, develop, manufacture, possess, deliver, offer to deliver, or advertise a telecommunications device intending to use those devices or to allow the devices to be used to do any of the following or knowing or having reason to know that the devices are intended to be used to do any of the following.

In essence the P(1) covers both illegal an non-illegal devices, by my interpretation.

<edit>Broken instead of Borken</edit>

[edited by: Tapolyai at 4:30 pm (utc) on Mar. 30, 2003]

4:27 pm on Mar 30, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 6, 2002
posts:742
votes: 0


In Texas it's still illegal to carry wire cutters. Goes back to the western days when people would cut other folks fences. Every state has these old laws that are still on the books.
4:31 pm on Mar 30, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 10, 2001
posts:731
votes: 0


This is not an old law MarkHutch. It becomes effective tomorrow!
750.540c.amended THIS AMENDED SECTION IS EFFECTIVE MARCH 31, 2003

[edited by: Tapolyai at 4:31 pm (utc) on Mar. 30, 2003]

4:31 pm on Mar 30, 2003 (gmt 0)

Full Member

10+ Year Member

joined:Oct 22, 2002
posts:260
votes: 0


Seem like an "intent" issue here.

The folks who manufacture WiFi intend for the product to be used legally. However, there are folks who use WiFi to illegally tap into Internet cafe services. I'm thinking those are the folks Michigan are trying to attack and stop.

WiFi can be used legally, and that's the original intent of it. If folks are using it illegally, their doing so intentially and are therefore breaking the law in Michigan.

OTOH, most folks using SSL are doing so for legal purposes (i.e. e-commerce shopping carts). Since they aren't doing anything illegal, Michigan isn't interested in stopping them from conducting their legal business operations.

I don't know anything about NAT or VPNs, so I can't comment on those. <shrug>

4:45 pm on Mar 30, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 6, 2002
posts:742
votes: 0


Sorry. I didn't read the whole thing before I replied. My bad.
6:52 pm on Mar 30, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Aug 10, 2001
posts:1551
votes: 10


As far as I understand the snippets above, they prohibit the following:

- Using telecommunications equipment for unlawful purposes (duh)
- Using telecommunications connections for purposes not explicitly authorized by the provider of those connections (which would equal fraud).
- Enabling others to do one of the above, by means of education, advertizement, equipment manufacture, etc...

I fail to see how this stands against the use of SSL or NAT.
To the best of my knowledge, using SSH and/or NAT as such is not unlawful in the US or in Michigan in particular.
Your ISP explicitly authorizes you to transmit data across your internet access connection to and from any other online systems of your choice. I don't think they have any say about the contents or the format of your data, which means that the use of SSL and NAT would be covered by that authorized purpose.

Or am I missing something fundamental here?