Notification and Takedownfrom an ISP standpoint

Mariano CuniettiCTO, Enter Srl, Milano

mcunietti@enter.it@mcunietti

ECTA Conference Brussels, 26 November 2012

Enter Srl

• Enter is an ISP operating in Italy and it is a member of AIIP, the Italian ISP association

• Business consists in infrastructure services for enterprises (access, hosting, cloud, telephony)

• Investments were done in developing proprietary access networks (ULL, Metroethernet), datacenter, cloud infrastructure (OpenStack)

• Innovative products are related to connectivity (Metroethernet) and cloud computing (www.cloudup.it)

Agenda

• Police Notice and Takedown requests

• Blocking technologies• Collateral damages• Suggestions for future approach

Police Takedown Request - Reasons

• Illegal offer of goods and services (e.g. illegal arms, fake medicines, unauthorized gambling services etc.).

• Illegal promotion of goods and services.• Content facilitating phishing, pharming or hacking.• Infringements of copyright and related rights, trademarks• Infringement of consumer protection rules.• Incitement to hatred or violence (on the basis of race,

religion, gender, sexual orientation etc.)• Child abuse content• Terrorism related content (e.g. content inciting the

commitment of terrorist offences and training material)• Defamation• Privacy infringements (Spamming included)

Police Takedown Request - Form

• "In the scope of this criminal prosecution, please proceed immediately to the preventive seizure of this site by prohibiting access from Italy to the site [www.]domain.com[/page] with IP 111.222.333.444 both via DNS and IP blocking.

• Blocking shall be extended to related aliases linking to this site in the present and future, to IP address[es] actually bound to the aforementioned domain name[s] and any other additional statical IP address should be bound to, in the present and future.

• You are strongly invited to forward this request to any other provider may be part of the same company group your company is member of.”

DNS Blocking

IP Blocking

Collateral damages

• DNS blocking is easily worked around by users• IP blocking can be worked around by offenders• URL filtering has “A-B-Normal” impacts on

privacy, costs, operations• Taking down entire domains or IPs means

shutting down also legal services or websites.

• Tracking down future DNS and IP aliases is a police task requested to ISPs

Suggested approach

• Address the takedown N&A to the source: the hoster. One action rules them all.

• Define standard police procedures to request takedown actions. Train police to use them.

• Establish a single european and international point of contact for police requests to hosters

Questions?