This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] personal data in the RIPE Database
- Previous message (by thread): [anti-abuse-wg] personal data in the RIPE Database
- Next message (by thread): [anti-abuse-wg] personal data in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
denis walker
ripedenis at gmail.com
Mon Jun 6 17:42:21 CEST 2022
Hi Richard On Mon, 6 Jun 2022 at 16:15, Richard Clayton <richard at highwayman.com> wrote: > > In message <CAKvLzuG47-bY0vN59+kkcgJ0p4332J7r-Q0wRFnoMhhTaVRgqA at mail.gma > il.com>, denis walker <ripedenis at gmail.com> writes > > >They were very clear that the address of resource holders is also very > >important to LEAs in their investigations. So I am going to make a > >controversial suggestion here. Currently we have two categories of > >registry data, Private and Public. The Public data is available to > >LEAs and their use of it is covered by agreed purposes of the RIPE > >Database defined in the Terms & Conditions. For Private data they need > >to get a court order, which is an expensive and time consuming > >process. Suppose we add a middle category Restricted data. This could > >be data like the address of natural persons who hold resources. Data > >that is now public but we are proposing to take out of the public > >domain. We could allow LEAs (and maybe other recognised public safety > >agencies) to continue to have access to this Restricted data without a > >court order. (There are technical ways of doing this which are out of > >scope for this discussion.) > > You appear to be under the impression that Internet security and safety > arises out of the activities of Law Enforcement Agencies whereas in > practice private individuals and companies do the vast majority of this > work -- generating referrals to LEAs when it is appropriate for action > to be taken that only they can perform > > Moving to a situation where only LEAs can see what is currently > available in RIPE whois data would be a very retrograde step and would > seriously impact the security and stability of the Internet. We are talking about restricting access to one piece of data, the address of natural persons. I accept that a lot of abuse may come from address space held by natural people. I understand that a lot of investigation work is done by companies and individuals. How much of an impact would it be on your activities to not know the private address of these natural people? From the country attribute in their ORGANISATION object (accurately maintained by the RIPE NCC) you know the country that they are legally operating from. You don't know the street or city they work out of. I can only think of three reasons why you would need the full address. You intend to visit them (unlikely), you want to serve legal papers on them or you attempt some kind of heuristics with the free text search in the database to match up resources with the same address. cheers denis proposal author > > -- > richard Richard Clayton > > Those who would give up essential Liberty, to purchase a little temporary > Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 > -- > > To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://mailman.ripe.net/
- Previous message (by thread): [anti-abuse-wg] personal data in the RIPE Database
- Next message (by thread): [anti-abuse-wg] personal data in the RIPE Database
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]