[address-policy-wg] IP Addressing policy on personal contact info (kf)

Hello, sorry for late response ;-)

No the question in fact is that there should be no difference weather it is 
a Swedish law  or e.g a Polish law that has
the "restriction" of putting personal contact data in the RIPE db, I think 
that all counties have or will
make some kind of laws agains data protection. I would like us to come up 
with a templates (-s) that could be useful
in these cases. This template should clearly point out that there is a 
customer that is only documented
at the actual ISP and not in the db. I understand that several isp:s 
allready have had these kind of issues
over the years and due to data protection laws only have internal records 
over the customers, but I believe
that the templates that have been created differ a lot. Is there a way to 
take out information about how
many objects there is in the db that is only personal contact data without 
no referrence to a company name?
Maybe we then could see which areas (countries) this concerns the most. (+ 
get a good clean up done in the db)

Regards Katri

that could be used in these cases.

At 22:19 2003-08-19 +0200, you wrote:

>         Shane,
>
>>>In France there is such a thing as unlisted phone numbers which
>>>remain private and unknown.  Further, the RIPE DB is becoming the
>>>best spam list in the world.  So yes, responsability lays with LIR,
>>>yes let's clean the DB, yes respect privacy.
>>
>>I think there are two sides to this issue.
>>
>>
>>One is what the RIPE NCC can and has done to increase the privacy of 
>>people who have contact information in the Database.  We have been trying 
>>to increase the privacy protections in the Database over time:
>>
>>- person/role objects removed from public FTP site
>>- DB automatically rate limits access to person/role objects
>>- mntner/irt objects removed from public FTP site
>>- .DE person object deletion
>>- automatic cleanup of unreferenced person/role objects
>>
>>The Allocation Editor on the LIR Portal should allow LIRs to keep their 
>>contact data up-to-date.
>>
>>We have talked with the Dutch Data Protection Authority about the 
>>Database as well, to make sure that we don't run afoul of the EU privacy 
>>directives.
>
>
>I think that issue is somewhat more problematic than that. I guess that 
>what Katri is actually asking for is the Swedish data protection law. I am 
>no expert on this law but from what I know / remember, the law requires 
>the direct consent of the registered party as well as certain guarantees 
>that the data is not passed on (within some limits). This means that the 
>Swedish ISPs in order to register these customers actually needs written 
>consent from the customer, as well as to solve the issue on passing that 
>data on further by registering the data in the RIPE DB.
>
>Perhaps someone that knows the issue better could comment?
>
>Best regards,
>
>- kurtis -