IETF Logo Mail Archive

Re: [hrpc] FCC's new Internet regulatory gambit and human rights

Adrian Gropper <agropper@healthurl.com> Thu, 28 March 2024 17:29 UTC

Return-Path: <agropper@gmail.com>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5CB0C14F609 for <hrpc@ietfa.amsl.com>; Thu, 28 Mar 2024 10:29:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.644
X-Spam-Level:
X-Spam-Status: No, score=-1.644 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id grY1CviVbhFX for <hrpc@ietfa.amsl.com>; Thu, 28 Mar 2024 10:29:08 -0700 (PDT)
Received: from mail-yb1-f175.google.com (mail-yb1-f175.google.com [209.85.219.175]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC265C14F60A for <hrpc@irtf.org>; Thu, 28 Mar 2024 10:29:08 -0700 (PDT)
Received: by mail-yb1-f175.google.com with SMTP id 3f1490d57ef6-dc6d9a8815fso1259566276.3 for <hrpc@irtf.org>; Thu, 28 Mar 2024 10:29:08 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711646948; x=1712251748; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Ijh+6mstgM6gJNLDRdJ/QWTwl/X4iV0yeyjny1d0lIg=; b=SMG4g3WlnlfMoJ4Y3iWyoL75bhzrAbrpjaEgYvy7MvyqOkG1awO46ZG1L+jlb6INyO v/dWr5biypqaYS1ucRHtdsgHfqUgl2YhRN8f/SfcLFimNIS3JPX7pGPXzzjCnZyBquHJ VLdUZzY9Mxh2lUnhHaH64Ua20jcQkuVXZ02hx5KILAsBwUnsUOsEsSHGKTm8sFJ3ldwb 2zQqbGmGV+hw8V2o0Ugmgo1zx5Ozxl3JgGHtkZnskyhNe8sTV0RG+y1hHHALtb/4yDPP /5tKSqcFOGcftHpFYlvb0WdSvw7E+3w//3c71LDmMfbNMfDPu2KTY0Srdl8Lonbl+64G uy5A==
X-Forwarded-Encrypted: i=1; AJvYcCW1fu2T2XlcYMMx2eSdYYK+PKFgLErjD0dccSm8x7pjip4SCQSmEY7YQ16YlUslIo5LyQiS/ROwZ0AU/WVL
X-Gm-Message-State: AOJu0Yz3d6gu5trxcP73hkw+s+tgLFdD9VX35VP7bOC3PGFCJrBXYbLs CfQG5XdzNWK1yzDozaOIjHIhbIut+N/SrPVnpfCc1UNcgqffyntNoJBtBkqFSdWDoGj+Tk9lq5W Z1D77bWCNZiVeYJhVTBUxgSXhnag=
X-Google-Smtp-Source: AGHT+IG9cB8dSIqnTyrVeuJCvRbOeZc7sk7PtXydA4zknezMvJwByxbEE4c6LmWSHvnu7ddr4IvuXPGgar77nfous8Q=
X-Received: by 2002:a25:4605:0:b0:dca:c369:fac2 with SMTP id t5-20020a254605000000b00dcac369fac2mr3506725yba.3.1711646947852; Thu, 28 Mar 2024 10:29:07 -0700 (PDT)
MIME-Version: 1.0
References: <659E347E-B474-4CD7-A41E-394BC5B99285@mnot.net> <110ee2ad-fbd4-4917-9464-4fd3e0511d6e@andersdotter.cc> <D216AB41-DE37-4747-A5B1-33B70C121F78@mnot.net> <4ed43236-6061-4d57-aa26-fc9e8b13d499@andersdotter.cc> <CABcZeBMZy0jVDpJpG_vo6DY0KvVN22+GKCyNOPf+0O3NJCU9Sg@mail.gmail.com> <333c35f8-ec94-4cd9-a201-e4e223baf664@andersdotter.cc> <CAGVFjM+=nk+WDy1oPHfr0dK5z7ppEdXbebHSwa06tJRiZLEGhg@mail.gmail.com> <38f5d8a0-86c9-4e26-a75d-0c37615597dc@andersdotter.cc> <9346223d-d0b7-487b-a566-c6464aa31a07@gmail.com> <1633729151.141406.1711637681285@appsuite-gw2.open-xchange.com> <DED82366-57B0-4B66-B8B6-F6707F7EB371@pch.net> <c0fbc15d-08e7-48a0-9c8f-2565aae37110@netmagic.com>
In-Reply-To: <c0fbc15d-08e7-48a0-9c8f-2565aae37110@netmagic.com>
From: Adrian Gropper <agropper@healthurl.com>
Date: Thu, 28 Mar 2024 13:28:56 -0400
Message-ID: <CANYRo8gLmfCBov5oD1w_QLwY9EBzcdK0vwfWZGE-3WjCzXaSkQ@mail.gmail.com>
To: trutkowski@netmagic.com
Cc: Bill Woodcock <woody@pch.net>, Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>, rutkowski.tony@gmail.com, hrpc@irtf.org
Content-Type: multipart/alternative; boundary="0000000000004ecbb20614bbdc7c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/480PZq0KQnJzMQewL6nzudZ3AQ0>
Subject: Re: [hrpc] FCC's new Internet regulatory gambit and human rights
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: hrpc discussion list <hrpc.irtf.org>
List-Unsubscribe: <https://mailman.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://mailman.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2024 17:29:12 -0000

Software regulation could be done in various ways.

Software needs to be hosted by an entity or self-hosted. Most of the hosts
are large corporations that can be regulated to act as App Platforms and
issue "black box warnings" when the commit hash of open source software is
not certified by some third party they recognize. This could apply to
manufacturers of things as well as cloud hosts. This would decouple the job
of certification from the open source community itself.

US healthcare regs do a version of this. The patient has a "right of
access" to their own data and can bring a client they compile from source.
The resource serving institution, typically a hospital, may not trust the
signature associated with the client but all they can do is issue a black
box warning to the patient that brings the client.

Adrian





On Thu, Mar 28, 2024 at 11:39 AM Tony Rutkowski <
trutkowski.netmagic@gmail.com> wrote:

> Bill,
>
> It is not just the "smug Eurocrats."  It appears obvious that the
> equally smug FCC-crats have been working closely with the Eurocrats, and
> in some respects, the FCC provisions are even more onerous and expansive
> that Europe's.  The FCC-crats also appear to be attempting to make its
> "voluntary" scheme effectively mandatory by hitching a ride on the
> mandatory EU regulations via a mutual recognition agreement.
>
> --tony r
>
> On 3/28/2024 11:12 AM, Bill Woodcock wrote:
> >> On Mar 28, 2024, at 15:54, Vittorio Bertola <vittorio.bertola=
> 40open-xchange.com@dmarc.ietf.org> wrote:
> >> The risk of underfunded, volunteer-based software projects used at
> large scale is just not socially bearable any more, they think; someone
> must take liability for their security, which needs to be based on some
> kind of standard practices.
> > My prediction: If this actually goes where the smug Eurocrats intend,
> they will congratulate themselves for having solved the problem.
> Meanwhile, productive European open-source authors will no longer be able
> to afford the liability of doing what they do, and will either have to
> stop, or publish from legal entities in the US, where nobody ever has to
> answer for bad software, ever.  Because, you know, then Google and
> Microsoft and Facebook would face liability, and the USG exists to prevent
> that.
> >
> >                                  -Bill
> >
> >
> > _______________________________________________
> > hrpc mailing list
> > hrpc@irtf.org
> > https://mailman.irtf.org/mailman/listinfo/hrpc
>
> _______________________________________________
> hrpc mailing list
> hrpc@irtf.org
> https://mailman.irtf.org/mailman/listinfo/hrpc
>

v2.23.0 | Report a Bug | By Email