This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Legal concerns, was Manual vs automated reports
- Previous message (by thread): [anti-abuse-wg] Manual vs automated reports
- Next message (by thread): [anti-abuse-wg] Legal concerns, was Manual vs automated reports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Thu Jul 26 19:35:13 CEST 2012
On Thu 26/Jul/2012 18:37:55 +0200 Tobias Knecht wrote: >> In the words of RFC 6650: > > Don't get me wrong, this rfc is a good one an clarifies some things, > but it is written by Americans under their understanding of US law. IMHO, it is not so much being Americans or whatever, as being versed on legal points of view. > Some things that are mentioned are not possible under European > Jurisdiction. For example providing Feedbackloops is especially in > Germany a very critical task. Is it? I guess in Italy we have more or less the same European directives. So long as the user is clearly informed about what data is being sent to who, and grants her/his consent to that, it should be legal to do FBLs. Yet, IANAL. The best thing, IMHO, would be do gather users' consent on the first time they hit a "This is Spam" button. At the same time, give them the option to redact their email address in the header. (See http://tools.ietf.org/html/rfc6590 ). > So rfc 6650 is good but unfortunately does not fit all use and legal > cases. We need to clear up this issue. Googling for that I find that ETIS, which is based in Europe, has an "Anti SPAM Co-operation Group" that "is also working on an anti-spam feedback loop project." (Quotes from http://etis.org/groups/anti-spam-task-force ). I'd guess you know them; they have a meeting on next Oktoberfest... Would they cover those legal concerns? A recurring objection in the acm-tf was that RIPE handles just a region, and therefore we'd need anti-abuse practices to be specified by some global body such as the IETF. Now we have it. We should use it as we use SMTP. And the fact that our law is better than theirs should be an aid, not a hindrance! > In addition to that, I do not have any problem in single persons > reporting abuse incidents as long as they are useful. And even people > in the registration business sometimes do not know how to report > correctly, which is not bad it's just that they haven never done it > before and need somebody/something that guides them through, which > should be one of the next tasks for this community to define. Very much agreed. We need to exchange scripts and ideas.
- Previous message (by thread): [anti-abuse-wg] Manual vs automated reports
- Next message (by thread): [anti-abuse-wg] Legal concerns, was Manual vs automated reports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]