Civil Liability for System Operators

Civil Liability for System Operators

Civil Liability for System Operators
System operators (SYSOPs) have found themselves in some pretty sticky legal situations the past couple of years, particularly for tortious offenses like copyright infringement, defamation and libel and invasion of privacy. As electronic bulletin board systems (BBS's) have proliferated, so has the likelihood that a system operator will find herself at the receiving end of a civil liability suit for something that either she, or one of her subscribers, has uploaded or downloaded from the BBS. What types of acts will cause liability for the system operator? What can a system operator do to protect themselves?
This paper will offer answers to these questions. The paper will first provide a description of the Internet so that new SYSOPs and other readers will have a strong understanding of the Internet's background. Next it will discuss the similarities and the differences between electronic bulletin board systems and other mediums of communication. Finally, the paper will discuss the different causes of action that a SYSOP may face, including copyright liability, defamation and libel and invasion of privacy. Included in this section will be a discussion of the key cases in these different areas. The paper will conclude with several suggestions for how a SYSOP can avoid (or at least minimize) their liability for these causes of action.
Introduction

Imagine if 10 years ago you fell asleep and you just woke up yesterday. You would probably be shocked at the growth of the personal technology industry. You would find that most of your friends have computers in their homes that can do more than those room filling computers that your remember from 10-15 years ago. At about that same time, the majority of personal computers that were sold, were often used as word processors, in large measure due to the complexity of the software that was available at that time. Now, however, computers can used by the typical, i.e., non-technical, user as more than elaborate typewriters. Today's computers can help even the most computer phobic person reach entire new worlds of information because everything, included the operating system and nearly all software is controlled by graphical user interfaces (GUI's). A GUI makes performing tasks that were tedious in DOS seem like child's play now
because almost all tasks are accomplished by using a mouse to point and click on icons. Prior to GUI's, computer users had to learn text based commands to perform even the most simple operation. For example, printing a paper used to require pressing a series of keys on the keyboard that were proprietary to whatever software package the user had, thus there was very little standardization in the different programs. Now, with the familiar Windows and Windows 95 screens that users have become accustomed to seeing, users need only find the picture of the printer on the screen to print the document that they have created.
Historical Background of the Internet

Anyone who has even a modest personal computer (pc), a regular (analog) phone line, and a modem, can connect to a new world called the Internet (the Net). A brief discussion of the Net's history is appropriate to provide a basic understanding of how it has evolved over the last 30 years. The Internet was created in the 1960's by the Defense Department's Advanced Research Projects Agency. The purpose of the Net was to serve as a data network capable of surviving a nuclear attack. There were two major aims: 1. to allow numerous users to simultaneously send data and 2. to ensure that there was never one central computer running the system. The reasons behind these aims were based on the antagonistic relations between the Communist countries and the United States during the Cold War. The Federal Government believed that if the Soviets bombed Washington, the decentralized system would not be destroyed.
The next phase of development of the Internet came in the 1970's when universities and research centers all over the world were given access. The purpose was to allow for the easy dissemination of information. The system allowed scientists who were across the world from one another to communicate almost immediately via electronic mail. By October 1971, experimenters were "logging" onto each others' sites, a remarkable feat at this time.
During the mid 1980's, the National Science Foundation took control of the Net. They created a network of supercomputer centers that would interconnect with autonomous networks serving different communities of researchers, government agencies, and university campus networks. Thus, the Net had gone public.
In the late 1980's the only way to operate within the Net was to use the fairly complex grammar of the UNIX operating system. However, in the last few years, the introduction of the World Wide Web (Web) has dramatically changed the way people interface with the Net. The Web links pages together with hypertext links. A hypertext link allows the user to input what they are looking for and what returns is the document, not the name of the source. This method of operation required that users know the HyperTextMarkupLanguage in order to effectively use the Web. However, from 1993 to the present time major advancements have taken place as programs called Web Browsers have come into existence. A Web Browser allows users to interface with the Net by pointing and clicking on graphics. This innovation has led to the explosion of the Web (which is only a part of the entire Internet system) and has brought millions of people online.
While the Web is the currently the most significant part of the Internet, it is just that, only a part of it. There are two other significant areas of the Net: newsgroups and electronic mail. A newsgroup (the most common is Usenet) is essentially a non-graphical user interface that allows people to chat about specific areas of interest from the Dallas Cowboys to Debbie Does Dallas. More specifically, a user looks at the Usenet area of interest to them and they will see messages posted from people all around the world. Thus, when an individual posts information (pictures, stories, commentary) to Usenet, potentially millions of others will have access to what they've written. Electronic mail (e-mail) allows people to send electronic messages nearly instantaneously to anyone who has an e-mail address. The primary difference between Usenet and e-mail is that e-mail is essentially like a one on one phone call; there is only one recipient of the mail, it is not available for a wide audience, while on Usenet there is a wide audience.
The Net is a virtual storehouse of information on every topic imaginable, including how to cheat at the latest video game, to Butterball's® ideas on what to with leftover Thanksgiving turkey, to continuously updated sports scores, to information about your favorite politician, and on and on and on. However, there are some things that are available on the Net that would probably be rated X by the motion picture industry. For example, Playboy, Penthouse, and Hustler magazines all have sites that are available online with no effective access restrictions. Additionally, there are many other sites that contain even more graphic pictures and stories than the aforementioned magazines.
In addition to the Net, there are private electronic bulletin board systems that operate quite similarly to the Net, but are more limited in scope and access. A computer bulletin board system is the computerized equivalent of the bulletin boards commonly found in the workplace and schools. Instead of hanging on a wall covered with notes pinned up with thumbtacks, computer bulletin boards exist inside the memory of a computer system. A BBS is a private area on an electronic network where users may post messages and read previously posted messages by other users. Another service many bbs's make available is the ability to upload and download files. A BBS providing a section of files for its user to download, can distribute almost any type of computer file, including text, software, pictures, video clips, and sounds. Additionally, some private BBS's solicit their subscribers to upload various items onto the bbs. Uploading is the converse of downloading where the user posts information onto the bbs instead of taking from it. The system is analogous to removing and posting on a regular cork bulletin board.
The largest BBS's in the world today are America Online, CompuServe, Prodigy and the Microsoft Network. Besides these large commercial bulletin board systems, there are literally thousands of other BBS's that are run by private individuals.
For the purposes of this paper, BBS operators and Internet website operators will be viewed as being equivalent regarding the likelihood of liability because they provide the same functions in a nearly identical manner.
Similarities of Electronic BBS's to Existing Mediums

A BBS operator has a great deal in common with both the operator of a book store and a publisher. When a person purchases a book from a bookstore and the book turns out to contain offensive material, it would not be reasonable to hold the bookstore owner responsible for the book's contents because a book store owner can not reasonably be expected to have analyzed every book that runs through his store. Similarly, the argument can be made that SYSOPs can not reasonably be expected to monitor every posting that is put on their BBS' by their users. In contrast, if the SYSOP is only running a small BBS (for example, her own website) then she is more like a publisher because she can control exactly what is being sent out to the consuming public.
Another similarity between BBS's and existing media is the method of the transmission of the information. A BBS is similar in some ways to both broadcast and cable television. It is like broadcast TV because just as the network TV stations can be received on any television within the viewing area without discrimination, a BBS is available to essentially any pc with a modem. However, a BBS is also like cable TV station in that a viewer can only get to them through an intentional act by the user. In other words, a TV watcher cannot watch Showtime's "Late Night" without first taking the overt step of subscribing to cable television and the Showtime channel specifically. Thus, there is (to some extent) implicit within the subscription of the service, the subscriber is accepting and acknowledging what is available through the service. In other words, a subscriber to ESPN knows that they are going to get sports, similarly a subscriber to the Net or a private BBS also knows what they are getting with their service. Similarly, a net surfer, or a BBS subscriber cannot obtain access to either of those services without first subscribing to them.
The primary difference between cable and broadcast TV is that the consumer needs a supplier to provide the cable television service, but does not need anything more than a television to receive broadcast TV. A similar distinction holds true with the Net and a private BBS. A user needs to have only a basic internet connection to reach virtually any part of the internet, but in order to obtain access to a private bbs, the user must first have arranged for the service.
Another similarity can be drawn to fee based telephone calls (e.g. 1-900 or 976 calls). Just as the customer that places the phone call has to make an overt effort to obtain contact with the phone service provider by dialing the phone number, a BBS user has to make a similar effort to dial the number to contact the BBS.
Differences between BBS's and Existing Mediums

A significant difference between a BBS and any other medium is that BBS's are often used for a non-chaperoned exchange of information, data, pictures, etc. In other words, the user can do essentially what ever they wish because there is a strong chance that a BBS operator will be unaware of the activity on his system. Additionally, BBS users are a completely non-captive audience. Even with cable television, subscribers may not realize that when they flip to channel 17 (for example) late at night that there will likely be mature/adult programming being aired. However, by virtue of the lack of organization of the Net and based on the nature of private BBS's, it would be virtually impossible for a user to stumble across anything that he found objectionable. As stated above, the Net is simply a massive conglomeration of computers that are networked together and there is no formal organization; there is no starting, nor ending point. Therefore, finding something on the Net requires either knowing the specific address of the site the user desires to go to or performing a search for the site. Either way, there is very little chance that a user will inadvertently find something that they find to be objectionable. The distinction between the Net and cable television is that while watching cable TV, a viewer can click on the remote to move sequentially up or down the available channels; there is an order to the television channels. However, on the Net, a user cannot more sequentially because there is not a next site in the range. The Net is unlike anything else in existence because there is no other medium that has as little structure and organization as the Net does. Similarly, on a private BBS, the user has to have made the affirmative act of dialing into the BBS; thus, there is a strong likelihood that the person dialing into the BBS knows exactly where she is going. In other words, a BBS customer cannot easily suggest that they had no idea of what was available on the BBS that they dialed into.
There are both similarities and differences between this new means of communicating and existing means. The question remains as to what standard the SYSOP should be held: the book store owner or the publisher?
Copyright Infringement

Words, stories, pictures, music and computer software are all subject to copyright laws and everyone of them is transferable through a BBS. Having any of these items on a bbs can easily lead to copyright infringement liability for the SYSOP. A copyright provides several exclusive rights for the copyright holder, including: the right to make derivative works, the right to reproduce the work, the right to distribute the work, the right to perform or display and the right to assign any of these rights to someone else.
Existing copyright case law makes life difficult for SYSOPs because there are three different ways that a court can find they are liable for copyright infringement: direct infringement, contributory infringement, and vicarious infringement. Direct infringement is when a SYSOP is found directly liable for infringement because copyrighted works were placed on her BBS. An example of this is found in the Playboy Enterprises, Inc. v. Frena case. In this case, the defendant operated a private BBS that contained adult pictures , some of which were copyrighted photographs owned by Playboy Magazine. Frena acknowledged that the photographs were being transmitted through his BBS. His defense was that his subscribers had uploaded the pictures without his consent or knowledge and that that he removed them as swiftly as he was able to find them. The court concluded that Playboy had the exclusive right to display the pictures because they were the rightful copyright holders. The court found the defendant liable. Despite the fact that Frena was a passive conduit of the copyrighted material and made efforts to avoid such a problem, the court found that it was not sufficient to elude infringement and liability.
Sega Enterprises v. MAPHIA is representative of how the judiciary is currently regarding contributory liability. The defendant in this case sold services which could be used to copy Sega video games and also sold access to a private BBS where subscribers were overtly encouraged to upload and download the copyrighted Sega games. The defendant's were to some extent passive conduits of the copyrighted material, while the true infringers were able to carry on with their illegal activity (albeit with the consent of the SYSOP). The result of this case came as no surprise: the court ruled that MAPHIA had contributorily infringed upon Sega's copyrights due its "role in the copying, including provision of facilities, direction, knowledge and encouragement."
In addition to direct and contributory liability, a SYSOP can theoretically be held vicariously liable for copyright infringement. Theoretically because at this time there have not been any cases on point. This type of liability would occur if the SYSOP was found to have control over the infringer and has direct financial interest in the infringement. Since SYSOPs often cannot control what their subscribers up and download, many scholars argue that vicarious liability should not apply.
However, in the next case, the defendant was able to find a creative way to avoid liability. The federal district court in Massachusetts faced the issue of copyright infringement in the United States v. LaMacchia. David LaMacchia was a student at Massachusetts Institute of Technology and he was indicted on charges for managing a BBS used to distribute copyrighted software. The government charged him with conspiracy to commit wire fraud based on his operation of a bulletin board system that allowed users to download expensive copyrighted word-processing software at no charge. LaMacchia claimed that he was only a distributor, and was not liable, just as a bookstore owner who supplies information by virtue of the sale of the book that is later used illegally by others is not liable. The Court held that LaMacchia's conduct did not violate the wire fraud statute and granted his motion to dismiss.
A more recent case, Religious Technology Center v. Netcom On-Line Communications Services, provides a perfect example of a set of facts that a SYSOP hopes to never encounter. The plaintiffs, Religious Technology Center (RTC) and Bride communications, own the rights to published and unpublished literary works of L. Ron Hubbard, the science fiction writer and founder of Scientology. RTC brought suit against Dennis L. Erlich, a former Scientology minister who had a change of mind and is now a critic, alleging that Erlich had infringed RTC's copyrights and misappropriated RTC's trade secrets by uploading excerpts of Hubbard's writing onto the "alt.religion.scientology" discussion group on the Internet. Erlich's defense was that his postings constituted fair use, as defined by the Copyright Act of 1976, since they were critical of Scientology.
The defendant, Erlich, posted the excerpts from Hubbard via Clearwood Data Services, a bulletin board service operated by Tom Klemesrud. Clearwood Data Services accessed the net through Netcom On-Line Communication services. RTC named both Klemesrud, as the SYSOP and Netcom as defendants in the case alleging that both of them either directly and/or contributorily infringed RTC's copyrights by having reproduced and published Hubbards protectable work.
U.S. District Judge Ronald Whyte signed an ex parte order allowing the seizure of the allegedly infringing materials from Erlich's home. He then vacated the writ of seizure because the application for the writ failed to meet the proper requirements. Judge Whyte issued a partial ruling on the case, whereby he rejected Erlich's fair sue defense and found that Erlich had directly infringed upon some of RTC's copyrights. The court rejected the fair use defense partially on the basis that Erlich had posted large portions of RTC's materials with little or no accompanying criticism. The court also held that Erlich had not violated RTC's trade secrets since RTC had failed to adequately define its secrets. Judge Whyte did not grant the preliminary injunction requested by the plaintiff's against Netcom and Klemesrud, but did grant it against Erlich.
Netcom sought a motion for dismissal from the case by suggesting that it had no control over subscriber's postings and that liability would intrude upon the access provider's First Amendment rights. Netcom analogized itself to a telephone company that passively transmits communications with no knowledge or control over content. Netcom argued that holding them liable would set a precedent that would make every user who accessed the Internet potentially liable for copyright infringement. The potential liability of the user would be based upon the complete copy of other postings that is automatically sent by the Usenet newsgroup system to anyone gaining access.
RTC alleged that Netcom's duplication of the works onto disks before transmission to the Net was sufficient copying to form the basis for direct infringement under the tests set forth in Sega and Playboy. Further, RTC argued that since direct copyright infringement is a strict liability tort, a court would not require that Netcom have had any knowledge of Erlichs' infringement. RTC also suggested that Netcom was liable for contributory infringement since Netcom knew of the illegal activity once RTC informed them of Erlich's wrongdoing. RTC suggests that Netcom's failure to take action at the point of notification amounts to contributory liability.
This case has not been fully decided and it is unclear whether a court will find Netcom's failure to act to prevent further infringement sufficient encouragement or participation to form the basis for contributory copyright infringement.
The outcome of this case will have a strong impact on system operators and access providers, regardless of the final decision.
Defamation and Libel

Perhaps the most likely threat facing a SYSOP is a defamation suit. The Restatement of Torts defines defamatory communication as communication that tends to harm the reputation of another so "as to lower him in the estimation of the community or to deter third persons from associating or dealing with him." Actual harm to the reputation is not required for a statement to be defamatory. The statement need not actually result in a third person's refusal to deal with the object of the defamatory statement; instead, the words used must merely be likely to have such an effect. The transmission of defamatory statements by a candid or perhaps unsophisticated BBS user can lead to a nightmare for SYSOPs because essentially every posting onto a BBS is a communication. Defamation can occur on a computer system in a number of forms: posts on a BBS, discussions in a chat room, or interpersonal e-mail. Of course, a SYSOP that directly defames another is likely to find himself in need of a lawyer to defend him and the same is true for a user who posts the statement. However, even when the SYSOP is a passive conduit of the information they may find themselves incorporated as a defendant into the plaintiff's suit. An important note regarding defamation suits is that truth is an affirmative defense.
Speech on a computer system has more of the characteristics of libel than slander. This is true because libel, since it is written, is embodied in a physical and longer lasting form. Written or printed words or considered more harmful than spoken words because they are deemed more premeditated and deliberate. A transmission over a BBS is also a lasting and semi-permanent record of the speech and is therefore considered to be libel or defamation, but not slander.
The first case that came before the court system pertaining to the issue of online service provider's liability involving a defamation suit was Cubby, Inc. v. CompuServe Inc. CompuServe is an electronic BBS which is available to paying members. Users have access to numerous forums consisting of interactive online conferences, electronic bulletin boards, and topical databases. Cubby Inc. filed suit against CompuServe based on allegedly defamatory statements located within the Journalism Forum. CompuServe had contracted out the management of the Journalism Forum to a company called Cameron Communications, Inc. CompuServe does not review the information carried on the Journalism Forum. CompuServe moved for summary judgment and it was granted by the court based on the fact that CompuServe was acting as a distributor, not as a publisher. Courts have consistently held that distributors of printed matter, such as vendors and bookstores, are not liable if they can show that they neither knew, nor had reason to know of the defamation contained in the materials they distribute.
Not all of the cases have come down so leniently on the side of free speech. A recent New York Supreme Court decision, demonstrates the issues presented. In Stratton Oakmont, Inc. v. Prodigy Serv. Co., the trial court concluded that Prodigy was liable for a derogatory message on one of its bulletin boards. Prodigy claimed that it merely edited the messages posted for taste and obscenities, not content, and should not be responsible for subscribers communications. Prodigy's brief argued that Prodigy seeks no more than to have the same rights as a newsstand or bookstore that refuses to carry sexually explicit magazines. The Court determined that Prodigy's efforts to censor obscenities from its bulletin boards put the company in the same position as a publisher because it was monitoring bulletin board conduct. This case seemingly holds a completely contradictory result from the CompuServe case, but there is one possible explanation for the different result. Prodigy attempted to control what was being posted by it's customers and CompuServe did not. However, deciding cases on this basis is an unenlightened approach to dealing with the problems. Prodigy has made efforts to internally regulate what was being posted, so as to not offend its customers. For their efforts they were found liable. On the other side, CompuServe took a hands off approach to the regulation of their online service and for their inactivity, they are not liable. This is simply an unfair result.
Invasion of Privacy

Unlike public messages posted onto a BBS, users expect their e-mail to be private. Many SYSOPs are concerned that by not monitoring the e-mail, they cannot be sure that the users are not violating the law, thereby potentially exposing the BBS to legal risk. Prior to the passage of the Electronic Communications Privacy Act (ECPA), communications between two persons were subject to widely disparate legal treatment depending on whether the message was carried by regular mail, electronic mail, an analog phone line, a cellular phone or some other form of electronic communication system. The ECPA deals specifically with the interception and disclosure of interstate electronic communications, and functions as the major sword and shield protecting e-mail. It works both to guarantee the privacy of e-mail and also to provide an outlet for prosecuting anyone who does not respect that privacy.
Section 2 of the ECPA provides an exception for SYSOPs and their employees to the extent necessary to properly manage the BBS. After accessing the e-mail, the employer cannot divulge it to others except as may be necessarily incident to the rendition of the service or to the protections of the operators rights or property.
The first case that has attempted to apply this statute to electronic publishers was the Steve Jackson Games case. Steve Jackson Games is a small publisher of role-playing games. The company also ran a private BBS to obtain customer feedback. The Secret Service took all of the company's computers, both their regular business computers and the one on which they were running the company's BBS. They also took all of the copies of their latest game. The Electronic Frontier Foundation, who provided legal counsel for the company, likened the taking by the secret service to an indiscriminate seizure of all of a business's filing cabinets and printing presses. The company was raided because one its employees ran a BBS out of his home which distributed a widely published electronic journal that in part contained a stolen telephone company document. The document, however, contained information that was widely available in other forms. The result of this case was that the private e-mail items addressed to individuals and residing on a BBS were held to be stored electronic communications and thus were subject to the provisions of the ECPA. However, while the ECPA was passed specifically to deal with e-mail privacy, it is rarely invoked "due to widely conflicting interpretations of its directives."
What Can A SYSOP Do to Protect themselves?

This section will describe specific methods of dealing with the particular causes of action that have been discussed and will be followed by various methods of risk management.
If faced with a copyright infringement suit, it is important that the SYSOP understand that a work is automatically copyrighted (note: NOT copyrightable) at the moment it is created and originality is put into it. Thus, an e-mail that is received by someone cannot be reproduced etc., because it is subject to the originator's copyright. It does not transfer to the person who received the mail. Thus, the recipient cannot sell, republish or use it in any inconsistent with the wishes of the sender. SYSOPs can limit copyright infringement by not allowing users to log into a system, but this conflicts the original goal of creating access.
If faced with a defamation suit, the SYSOP should try to find out whether the statement is true, if it is and the SYSOP can prove it, he is out of trouble. Claire Walters, author of the Official BBS FAQ, offers three suggestions for a SYSOP to protect themselves from a defamation suit before the fact.

Think carefully about the two types of defamation: Defamation made by the SYSOP and defamation be the user. Passing on a false rumor can amount to actionable defamation.
Actively discourage callers from "flaming" one another in public message areas. Such comments can lead to liability problems for the SYSOP.
Keep in mind that the callers may not have properly identified themselves and creating a messy situation if the SYSOP chooses to publicly decry the misdeeds of the user who has given a fictitious name.

If faced with an invasion of privacy suit it is not true that a SYSOP has free reign to read their users e-mail. It seems to be a general proposition that a SYSOP can read a user's e-mail to help minimize their liability. Why would a SYSOP want to read his user's e-mail? There are three likely reasons: idle curiosity, fear that the user is doing something inappropriate or dangerous, and finally, during the course of system maintenance. However, if a SYSOP determines that reading the e-mail is the appropriate course of action to follow, how do they deal with invasion of privacy issues that would likely come up? A common practice among SYSOPs is to post disclaimers that state that there is no private e-mail under the provisions of the Electronic Communications Privacy Act. However, these disclaimers may not survive a court challenge and, in effect, SYSOPs who attempt to exempt themselves from the ECPA are waiving all of the rights and protections against a government search and seizure. Instead of protecting the SYSOP's rights, the disclaimer may actually end up making things worse than they otherwise would have been.
Taking the ECPA regulations into consideration, the SYSOP should:

Monitor e-mail only occasionally and to the extent necessary to assure that there is nothing improper occurring on the board. Resist the urge to disclose or even comment on items that have been discovered through reading the e-mail.
Do not be overly confident that a disclaimer suggesting that there is no private e-mail is sufficient to overcome a challenge under the ECPA.
Process all e-mail in the same manner. A SYSOPs rights to monitor e-mail under the ECPA apply only to activities undertaken in the normal course of operation of the BBS.

If a SYSOP has problems with a specific user the Electronic Frontier Foundation suggests several options:

talk to the individual, pull them into chat or call them on the phone. Often the user is unaware that they are causing a problem and will agree to stop doing the offending act.
have an attorney send a cease and desist letter
file a civil lawsuit against the user
file a criminal case, if necessary.

The SYSOP may offend the problem user by the confrontation, but it is her bbs and potentially her livelihood on the line.
Risk Management

"There is some good news: most of the risks your board faces can be minimized if you take an active approach to the problem." The SYSOP has several options that are available to them to help them manage the risk that they face. According to Wake Forest University Professor of Law Thomas M. Steele, there are 5 basic methods of risk management that a SYSOP can employ:

Avoid the risk. This means simply, do not engage in the risk promoting activity. This may not be a feasible solution for the mass SYSOP population, but in extreme cases where the risk is quite high as compared to the benefit received, it may be an appropriate.
Manage the risk. Managing the risk involves taking preventative measures, such as liability releases signed by the user, that requires the user to accept liability for their actions. Additionally, Professor Steele suggests that good record keeping can help assuage a potentially volatile situation for the SYSOP.
Transfer the risk. Currently this option is not as widely available as it will likely be in the next few years. However, if an insurance policy is available, this is an ideal means for a SYSOP to deal with their potential liability. Their are two types of policies that are currently used to offer some protection for SYSOPs: liability insurance policies and errors and omissions policies. The liability policy is, as it suggests, essentially indemnification from liability. Generally these liability policies are not specifically designed for SYSOPs, so a careful review of the policy is necessary to ensure that the purchaser of the policy will be covered to the extent that they are expecting. The other type of policy, the error and omissions policy is similar to an all risk liability policy that used to be available, except that it is intended to cover virtually everything that is not covered by the primary insurance policy and nothing that is covered.
Risk transfer to others. Essentially the idea behind this is to transfer the risk to some other organization that is immune from liability, such as a government agency. If this is not possible, consider creating a shell organization that has no assets, under which the BBS can be run. The advantage to doing this is that the shell organization has minimal assets and thus it would not be an attractive defendant to a suit. A potential concern is if a corporation is formed for this purpose, a potential claimant against the BBS may be able to pierce the corporate veil and have the court award the damages through the operator or the organization which is in actuality behind the BBS.
Share the risk. Professor Steele recommends creating an insurance pool. This would help defer some of the costs of insuring the BBS. Basically this works the same way that an insurance company works, but without a 3rd party insurance company reaping the massive profits. This approach has not been actively employed by SYSOPs, but it should be considered because it is an effective to minimize the costs of liability.

Conclusion

The civil liability that a SYSOP faces is growing and may be somewhat daunting to those who are currently SYSOPs or those who desire to create a BBS. A SYSOP with a strong understanding of the Internet, as well as an awareness of the similarities and differences of BBS systems to other existing media will be more equipped to face the potential liability for copyright infringement, defamation and libel, and invasion of privacy, if they heed the suggestions set forth in this paper as to how to avoid, or at least minimize, the risk associated with operating a BBS.