[Imc] IMC Website Abuse policy

Paul Riismandel p-riism at uiuc.edu
Thu Dec 20 05:40:30 UTC 2001 

This is the policy as presented and passed at last Sunday's steering 
meeting, along with some term definitions as requested by Pauline.

If there are no objections, this will be posted to the website by the next 
features update (Monday).

IMC Website Abuse Abatement Policy
Drafted by Mike Lehman, Paul Riismandel, Ellen Knutson and Brian Hagy
Approved by IMC Steering Dec. 17, 2001

As a means of insuring the privacy of U-C IMC website users, the IMC does 
not regularly log the IPs of website users.  On rare occasions specific 
types of abuse of the IMC website may require temporary logging of IP 
address information in order to identify abusers and take steps to end the 
abuse.  These procedures define specifically how this is to be done.

Definition and explanation of terms:
ISP  Internet Service Provider.  This is anyone who provides Internet 
service to consumers, businesses or any user.
IP number  refers to the Internet Protocol address, which is a unique 
number assigned to every computer connected to the Internet.  A computer's 
IP number may be static and unchanging or may be assigned dynamically, 
changing every time that computer connects to the Internet.  Most dial-up 
Internet connections and many broadband connectionssuch as cable or DSLare 
dynamic.  When a computer receives a dynamic IP address it is typically one 
of a bank or range of addresses used by that computer's ISP. Therefore even 
if a user has a different IP every time s/he accesses a website, the users 
ISP can be identified if they're within a certain range.  The ISP can often 
then identify the user from this address.

IP Logging to Address Direct Threats
1.      Direct threats are as defined in the IMC's Website Appropriate Use 
Policy: These constitute direct threats on specific people or small, easily 
identifiable groups of people.
2.      The IMC Steering Group can begin logging IP numbers of website 
users only in the case that  a direct threat to an IMC member, user or 
community member is posted to the IMC website's Newswire.  The purpose of 
logging IP numbers is to identify the threatening poster in the event that 
s/he posts again using the same name or alias.
3.      Perceived instances of direct threats are to be brought to the 
Steering Group, which will decide during a regular meeting if they warrant 
a response under this policy.
4.      Notice of the impending discussion of the issue will be given to 
the IMC membership via the IMC e-mail list at least five days in advance of 
the meeting where the discussion is scheduled.

IP Logging to Address Attacks on the IMC's Server(s)
1.      In a case where the IMC's system administrator(s) believe that a 
denial of service (DoS) attack or other malicious hacking is being done 
against the IMC's Internet servers such that there is a substantial risk 
that the IMC's website and other Internet services will be made unavailable 
to users, the administrator(s) or IMC Tech Group may make an emergency 
determination to identify the source of the attack, so long as notice is 
posted to the IMC e-mail list.  The Steering Group will review this action 
at its next scheduled meeting.

IP Logging Procedures
1.      Website user IPs may only be logged for a maximum of 14 days or 
after the threatening poster has made three additional posts to the IMC 
website, whichever occurs first.
2.      IP logs will be purged automatically in a 6-8 hour cycle, requiring 
that a system administrator or IMC Tech Group member decide to keep a log 
if the threatening poster appears on the IMC website.
3.      The purpose of logging IPs is to establish a pattern of access of 
the threatening poster, so as to determine if s/he is using a static IP 
address, a dynamic address within a range of IPs or an utterly dynamic 
address with no obvious pattern.
4.      Information obtained about a threatening poster will be preserved 
in a confidential and secure manner until the Steering Group authorizes the 
release or use of the information.  Only threatening posters specifically 
identified by the Steering Group may have information gathered about them.
5.      As a threatening poster's IP information is gathered, all other IP 
log information outside of a threatening poster's IP must be purged 
immediately.
6.      Information obtained from logging of IPs may be used as directed by 
the Steering Group.  This may include contacting ISPs regarding possible 
violations of their terms of service by the threatening posters; contacting 
the owner of a computer identified as the source of the posts; or any such 
other measures as may resolve the abuse as authorized by the Steering Group 
following established IMC decision making procedures.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/imc/attachments/20011219/59d2b903/attachment.html>

More information about the IMC mailing list