[anti-abuse-wg] Definition of Abuse

On Tue, 16 Aug 2016 14:23:21 +0000
David Hilario <fransossen at hotmail.com> wrote:
> Hi Andre,
> 

Thank you so much David

That is a very complete, informed and direct answer

I also do not foresee anything changing anytime soon, or that there is
even a need for anything to change, for that matter.

We do really need a definition of "abuse" though, as some actions may,
or 
may not be abuse and/or crimes - and when there are general discussions
about "abuse" it would be good to know the definition and/or parameters.

It would be within the scope of an operational abuse list, to define
what abuse is. 

So, we are still at this last definition: 
"The non sanctioned use of a resource to infringe upon the usage rights
of another resource"

Current discussions about what needs to be added still? (add if I am
missing anyone or anything please) 

(1)
Gert Doering suggested that "there are legal reason why someone could
infringe on someon else's use rights"
 - added the 'non sanctioned' - seems fine now, Gert?

(2)
unauthorized access / hacking / and/or breaking in 
( Dave Crocker -  abuse concerns unauthorized access  )
(Andre - breaking in is crime, abuse is use something for bad purpose )

(3) causing damage to others
( Dave Crocker -  "and to actions that inflict damage on others" )
(  Michele Neylon - I like the idea of “damage” or “harm” on others
The “infringe on usage .. “ thing didn’t seem very clear to me and I
don’t see how that would apply to spam etc)
(Andre - damage is a result of an action or result of abuse? crime?)




 

> 
> >Maybe you can help, David? 
> >
> >When RIPE investigates "abuse" what are they investigating? Crimes? 
> >Criminal activity? Fraud? or actual abuse?
> 
> Short version: 
> RIPE NCC can only investigate and take actions against resource
> holders based on RIPE policy violations and contractual agreement
> violations. (With the exception of legal requirements such as court
> orders enforceable under dutch law, embargo that apply to Dutch based
> organisation, RIPE NCC functions under Dutch law and has to comply at
> that level...but those things are outside of the scope of the RIPE
> policies)
> 
> Long version: 
> This is the document you are looking for:
> https://www.ripe.net/publications/docs/ripe-640
> 
> It lists the reasons for being under violations and the eventual
> consequences (de-registration of resources, closure of LIR).
> 
> Anything else is actually sort of irrelevant, unless a RIPE policy is
> to be put in place against something that would be defined as
> "abuse". This would be decided here within the WG and not by the RIPE
> NCC.
> 
> The RIPE NCC will then be able to enforce the policy that has been
> decided here.
> 
> I don't really foresee any of that changing anytime soon though.
> But actions are taken, where actions can be taken by the RIPE NCC,
> based on the current set of policies.
> 
> Cheers,
> David