Benoit, List,
On Fri, 14 Mar 2008, Benoit Panizzon wrote:
So ist this true? Do most of you guys issue warning to your users if you get such messages?
Sure, and as a customer I'd expect from my ISP to do the very same. As long as they just want you to be notified about this incident everything is fine. What you however should underline in your conversation with them is that you have no possibilities to prove or falsify their claim. (this might set you free from any liablity since they can not claim that 'you knew'). Passing the notice to your customer without interacting with the entity that sends you the notice would be the way I'd go. It is of course also important to inform your customer that you can won't verify this claim as it is none of your business as an ISP to check what data your customers are exchanging.
After all it is very likely that your customer doesn't even know about this "problem" as many of those requests i have seen have been for boxes that have been abused by third parties due to security issues for random undesired stuff.
As concerns requests like these in general I stick to the policy "as long as there is no official document like a search warrant i advise the enquiring entity to use the regular correct legal process" if there is such thing like a search warrant i comply politely and do whatever is stated there with caring for the most minimal impact possible.
my experience as netmaster for several isps and the as250.net project showed me that this is some sort of the "golden way" to keep your customers satisfied as well as to comply politely with the law where needed.
kind regards, michael