Definitely not in this case (unless you're using Digital Ocean as a VPN end point or something). EO 13984 (which is cited as the enabling act) has a narrow definition:
(e) The term ‘‘Infrastructure as a Service Product’’ means any product or service offered to a consumer, including complimentary or ‘‘trial’’ offerings, that provides processing, storage, networks, or other fundamental computing resources, and with which the consumer is able to deploy and run software that is not predefined, including operating systems and applications. The consumer typically does not manage or control most of the underlying hardware but has control over the operating systems, storage, and any deployed applications. The term is inclusive of ‘‘managed’’ products or services, in which the provider is responsible for some aspects of system configuration or maintenance, and ‘‘unmanaged’’ products or services, in which the provider is only responsible for ensuring that the product is available to the consumer. The term is also inclusive of ‘‘virtualized’’ products and services, in which the computing resources of a physical machine are split between virtualized computers accessible over the internet (e.g., ‘‘virtual private servers’’), and ‘‘dedicated’’ products or services in which the total computing resources of a physical machine are provided to a single person (e.g., ‘‘bare-metal’’ servers)
Do you have a basis for this claim or are you just throwing it out there to see if it catches on? The document linked refers to IaaS, which as an acronym definitely does not include ISPs.
In practice, as long as a definition can conceivably cover something, the DOJ or some agency will use it. Case in point from yesterday: money transmitter as applied to arresting the developers of a NON-CUSTODIAL wallet, as part of a wider war on crypto mixing:
Reading the definition https://www.federalregister.gov/d/2024-01580/p-46 and the paragraph following it, it's intentionally broad and i'd say it's not that much of a stretch to say ISPs provide services that match this.
Some AI services such as Synthesia
https://www.synthesia.io › ethics
" Your avatar can be created only with your explicit consent, following a thorough KYC-like procedure. Complete control: Our platform ensures you can decide"
There are probably very few ISPs that can fall outside of this standard. For example if your provider provides e-mail, it's providing infrastructure. And yet, the slope can get much more slippery than this.
Please read EO 13894 before proceeding further. Is the user able to run custom software directly with a customary ISP (because that's in the definition)? I agree with EGreg that they can possibly twist this, but as written it's actually narrower than you think.
Definitely not in this case (unless you're using Digital Ocean as a VPN end point or something). EO 13984 (which is cited as the enabling act) has a narrow definition:
(e) The term ‘‘Infrastructure as a Service Product’’ means any product or service offered to a consumer, including complimentary or ‘‘trial’’ offerings, that provides processing, storage, networks, or other fundamental computing resources, and with which the consumer is able to deploy and run software that is not predefined, including operating systems and applications. The consumer typically does not manage or control most of the underlying hardware but has control over the operating systems, storage, and any deployed applications. The term is inclusive of ‘‘managed’’ products or services, in which the provider is responsible for some aspects of system configuration or maintenance, and ‘‘unmanaged’’ products or services, in which the provider is only responsible for ensuring that the product is available to the consumer. The term is also inclusive of ‘‘virtualized’’ products and services, in which the computing resources of a physical machine are split between virtualized computers accessible over the internet (e.g., ‘‘virtual private servers’’), and ‘‘dedicated’’ products or services in which the total computing resources of a physical machine are provided to a single person (e.g., ‘‘bare-metal’’ servers)
(https://www.govinfo.gov/content/pkg/FR-2021-01-25/pdf/2021-0...)
That's not a narrow definition.
Do you have a basis for this claim or are you just throwing it out there to see if it catches on? The document linked refers to IaaS, which as an acronym definitely does not include ISPs.
In practice, as long as a definition can conceivably cover something, the DOJ or some agency will use it. Case in point from yesterday: money transmitter as applied to arresting the developers of a NON-CUSTODIAL wallet, as part of a wider war on crypto mixing:
https://www.coindesk.com/policy/2024/04/24/samourai-wallet-f...
This comes amid a war on end-to-end encryption, and so on. It's not like they are going to stop here.
Reading the definition https://www.federalregister.gov/d/2024-01580/p-46 and the paragraph following it, it's intentionally broad and i'd say it's not that much of a stretch to say ISPs provide services that match this.
Some AI services such as Synthesia https://www.synthesia.io › ethics " Your avatar can be created only with your explicit consent, following a thorough KYC-like procedure. Complete control: Our platform ensures you can decide"
There are probably very few ISPs that can fall outside of this standard. For example if your provider provides e-mail, it's providing infrastructure. And yet, the slope can get much more slippery than this.
Please read EO 13894 before proceeding further. Is the user able to run custom software directly with a customary ISP (because that's in the definition)? I agree with EGreg that they can possibly twist this, but as written it's actually narrower than you think.