[cooperation-wg] Q: What is the latest trend in Internet connectivity offerings?

This really sounds like the case of the piratebay, where they tried to sue
people over the simple fact that they were mentioned in the whois registry
as the "contact person". In Holland the ISP tends to shield themselves a
lot by telling the lobbies that they are nothing but data carriers, which
in return caused them to get sued for copyright infringement. They are
bound by law NOT to give any information about their customers to (private)
lobby organisations, unless you come with a legal document requesting them
to hand over your personal information. However most ISP's will forward
emails sent to them.

Concerning registering yourself before you can use a network is something
that is governmental-related. In case of problems they can point at you as
the culprit. However, since anyone can register a domain, you can also set
up a mule that buys the domain while you keep ownership of that domain, or
buy a postbox company in the Seychelles?

The onliest thing that links an IP to a person is the endpoint. Other than
that, there is no possible way to verify someone. The same way that
companies try to validate someone by "sending an SMS". Anyone can get a
free phone number on a SIP server and use that to "verify" themselves, That
is how I have gotten an american phone number from Google and how I call
customer support in the USA...

The registry should be a "best guess" method, or they should do the same
thing as banks and Facebook and start "enforcing" the fact that you should
give out a copy of your ID card, and make sure that the ID card is valid
and holds the same data as you entered on your account. Its a false sense
of security when people can give out a random number and the registry will
accept it without questioning the legality of it.

Julius

On Wed, Jun 22, 2016 at 3:27 PM Patrik Fältström <paf at frobbit.se> wrote:

> On 22 Jun 2016, at 15:07, Gordon Lennox wrote:
>
> > My own thing was when I looked at registering a domain name under dotSE.
> As an individual you have to give them a copy of your government-issued
> "personal identification number”. But if you are not Swedish then any old
> government-related number would appear to do. Does not matter which
> government. Does not matter if it a personal identity number. Does not
> matter if they can check it or not - probably they cannot. I have no idea
> why they need this. But somehow they really-really need a little number for
> that field.
>
> And in Denmark the registry requite mandatory validation of that ID-thing
> -- but only if you use the Danish ID, not otherwise.
>
> Go figure.
>
> In Sweden we managed to kill those ideas at least.
>
> In a more sensitive environment (I think) it would be a responsibility for
> the registrar to know who the customer (and domain holder / user) actually
> is, but nope. That is not how the registrar agreements are written. The
> current situation makes it impossible for a registrar to say "I know this
> person".
>
> The difference between what one have to do and how to implement it is not
> very easy to understand sometimes.
>
>    paf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/cooperation-wg/attachments/20160622/22e41006/attachment.html>