Skip to main content

Anti-Abuse Working Group Minutes RIPE 86

Wednesday 24 May 12:00 - 13:00
Chairs: Brian Nisbet, Tobias Knecht, Markus de Brün
Scribe: Gerardo Viviers
Status: Final

The recordings and presentations are available at:
https://ripe86.ripe.net/programme/meeting-plan/aa-wg/

The stenography transcript is available at:
https://ripe86.ripe.net/archives/steno/39/

A. Administrative Matters

Brian started the session welcoming everybody and thanking the people supporting everything. The CoC was mentioned. The working group minutes from RIPE 85 were approved and the agenda was finalised. 

B. Updates

B.1 Recent List Discussion

Brian Nisbet, Working Group Chair

Brian mentioned that there hadn’t been much discussion on the list recently and asked the working group if there was anything to discuss to do it at this moment or in the AOB. 

B.2. RIPE NCC Training Update

Gerardo Viviers, RIPE NCC

The presentation is available at:
https://ripe86.ripe.net/wp-content/uploads/presentations/14-Anti-Abuse-Training-update-RIPE-86.pdf

Gerardo Viviers, RIPE NCC, presented a short overview of the Anti-Abuse training. He then informed the working group on progress since RIPE 85. There were no questions or comments.

Brian thanked Gerardo, the RIPE NCC, and the people from the Working Group who provided input for the project.

B.3. RIPE Database Task Force Recommendations 

Brian mentioned that the working group had discussed the RIPE Database Task Force outputs during RIPE 85, pointing out that there is a discussion point regarding the relationship between the RIPE NCC and LEAs. He pointed out that at RIPE 85 the working group did not come up with anything concrete follow up steps. He explained that part of the response to this recommendation was the next presentation on the agenda. He also mentioned that the working group chairs had previously discussed whether the working group might be able to help both the RIPE NCC and LEAs regarding LEA requests sent to the RIPE NCC. Brian asked the working group if anybody had any comments or questions.

There were no comments or questions. 

B.4. How the RIPE NCC Handles LEA Requests

The presentation is available at:
https://ripe86.ripe.net/wp-content/uploads/presentations/71-How-the-RIPE-NCC-Handles-LEA-Requests_Presentation.pdf

Theodoros Fyllaridis, Legal Counsel, RIPE NCC, presented on how the RIPE NCC handles requests for information coming from law enforcement agencies (LEAs).

Alex de Joode, AMS-IX, asked about the RIPE NCC's familiarity with the e-evidence package that is being discussed in the European Commission, which would allow LEAs to request data directly and the RIPE NCC would be obliged to provide it. 

Maria Stafyla, Senior Legal Counsel, RIPE NCC, explained that the RIPE NCC does follow this and that the adoption process had been agreed upon. The RIPE NCC will update the procedures to reflect this. 

Robert Scheck, ETES GmbH, asked if the RIPE NCC could publish the LEA requests with the sensitive details removed for greater transparency on the RIPE NCC website, similar to what e-mail providers posteo.de or mailbox.org are doing.

Theodoros mentioned that the RIPE NCC publishes a transparency report every year and asked for more details.

Brian explained that the request is for the RIPE NCC to publish the LEA requests with redacted details on the website.

Theodoros mentioned that the RIPE NCC does not do this yet but will look into this.

Henrik Kramselund, Zencurity Aps / KEA.dk, asked about the sources of the LEA requests, and how they are sent to the RIPE NCC. He also asked about the French LEA mentioned in the presentation, whether it was a French organisation or an international organisation based in France.

Theodoros explained that the requests come directly from the LEAs and that the French LEA was a French organisation based in France.

Henrik asked if it wasn’t considered harassment to be sent 121 requests for the same data by the same LEA, and whether the LEA in question should change its procedures.

Theodoros answered that the RIPE NCC informs LEAs of the procedures that are followed and yet it continues to receive these requests. He clarified that this is a relatively recent phenomenon that started the previous year.

Denis Walker, co-chair of the DB WG, asked if the RIPE NCC could mention what type of information was being asked for in the LEA requests.

Theodoros explained that the requests were for information that is not in the RIPE Database. He was unsure about sharing further information about the details of the LEA request.

Denis asked if the RIPE NCC could clarify what type of information was being requested.

Theodoros mentioned that the type of information included names and addresses. He explained that the RIPE NCC challenges these requests when possible, but when there are no more options, the RIPE NCC has to comply with the requests.

Peter Koch, DENIC, thanked the RIPE NCC for the continuing efforts in providing transparency and being open to questions. He asked if any of the LEAs used the MLAT procedure or if any request that came through the MLAT procedure was refused.

Theo explained that it has been used in the past, but not recently.

Peter asked about the French LEA from the presentation and what the RIPE NCC was doing about this.

Theodoros shared that the RIPE NCC provides information to the LEAs about request procedures and that every request is replied to, but the LEA sent the request again.

Harry Cross asked if the requests that asked how to request something materialised into anything.

Theodoros informed that there was no follow-up to these requests.

Harry asked if the RIPE NCC provides education to the LEAs regarding the data that it does not have or does the RIPE NCC simply say “We don't have it.” and do nothing.

Theodoros explained that the RIPE NCC informs the LEAs that it doesn't have the data and points to alternative paths, like the RIPE Database, where the LEA can find contact information for the IP addresses they are investigating.

Brian commented that the information on what data can be requested from the RIPE NCC has already been provided for more than ten years.

Malcolm Hutty thanked the RIPE NCC for the presentation and said he would like to see more of these types of presentations from other organisations. He mentioned that he thinks the RIPE NCC holds very little of the information that the LEAs request. Malcolm asked if the RIPE NCC holds any information that might be relevant that the working group does not know about.

Athina Fragkouli, Chief Legal Officer, RIPE NCC, explained the kind of data the RIPE NCC gathers from members in order to fulfil the membership contract with the RIPE NCC. Members are aware of the data they are sharing with the RIPE NCC for this purpose. No user data has been shared.

Malcolm asked to clarify whether the information is collected during the submission of forms and is not generated by the RIPE NCC itself.

Athina confirmed this. 

D. Interactions

D.1. Domain Trust

The presentation is available at:
https://ripe86.ripe.net/wp-content/uploads/presentations/9-Domain-Trust-20230515.pdf

Dan Owen, Global Cyber Alliance, presented on a new community dedicated to combating domain abuse. 

Trey Darley, Accenture, mentioned that there is a SIG (special interest group) that deals with domain abuse and asked Dan if he was familiar with this SIG.

Dan confirmed they had recently joined it.

Trey commented on the work of the SIG and that everybody should collaborate towards putting together a better take down system within the community.

Dan commented that this type of conversations about best practices is what he likes to have, seeing what other members of the community are doing that works. 

X. A.O.B.

There were no AOBs.

Z. Agenda for RIPE 87

Brian mentioned the upcoming RIPE 87 meeting and said that the WG chairs will share a call for agenda points for the upcoming Anti-Abuse Working Group session.