[db-wg] geolocation and current purposes

Colleagues

I have spent some time thinking about the wording of the current
purpose of the RIPE Database in relation to geolocation services. In
some ways the purposes are very loosely written. That means they are
open to interpretation. I think they can be interpreted to cover the
"geofeed:" attribute. Some people have expressed this view but it is
not sufficient to just say it, you need to justify the viewpoint. I
will attempt to do that.

"Facilitating coordination between network operators (network problem
resolution, outage notification etc.)"

The first point is the 'etc'. That means the example list is not
exclusive. It doesn't even define the types or categories of
coordination. So basically any coordination between network operators
is included.

'Facilitating' means 'to make things easy'. So the database exists to
make any coordination activity between network operators easy.

So in what ways is "geofeed:" going to make it easy for network
operators to coordinate some activity? One of the ways network
operators have talked about how they want/need to use "geofeed:" data
is to provide content based on location of an IP address.

If a content providing network operator wishes to offer this content
to anyone in a specific location, that can be seen as a coordination
activity. The content provider can coordinate with other network
operators to establish that their customers are within this location
so they can access this content. If this interpretation is accepted by
the community then the context has changed. The legal team can now
reassess their advice in the context that the use of the "geofeed:"
data is now covered by the existing database purposes.

But there are other questions that the legal team also needs to
consider. The "geofeed:" attribute references data external to the
RIPE Database that neither the RIPE NCC nor the RIPE community has any
control, management or perhaps even influence over. This data may
contain PII. Although the maintainer of that external data is
responsible for its content, does the RIPE NCC have any (joint)
accountability or liability as the data controller and facilitator of
the RIPE Database? Nic Handles are considered to be PII as they
reference objects that contain PII. But these objects are also
contained within the RIPE Database. The geofeed csv files are external
to the RIPE Database. Do the references to them still constitute PII?

Given that we are currently discussing a policy proposal governing the
use of personal data in the RIPE Database, here we have a mechanism
where resource holders can publish full postal address details of end
users who are natural persons and link that published data to the
resources in the RIPE Database. Given that these files are published
by holders of RIPE resources and referenced by the RIPE Database,
should the content of these files follow RIPE policies? (I'm not
suggesting any validation of the contents, but perhaps resource
holders should be responsible for applying policies to this content.)

The T&C is a legal document. In the event of any dispute, lawyers make
a lot of money by analysing and interpreting documents like this.
Although the loosely written purposes may now be interpreted to cover
geolocation data, there are still significant problems with the way
the purposes are written. A review would still be beneficial.

The T&C are mostly in the background during day to day operations.
Just as the terms of an insurance policy can be irrelevant for years.
The one time it matters is when you want to make a claim, or in the
case of the database if someone ever makes a legal challenge over any
aspect of its use or content. At that point, if the purposes can be
widely interpreted, then the outcome is uncertain. It would be
advantageous to all parties if the purposes were clear and precise
with little room for interpretation. Whenever this issue is raised
some people make the cynical comments that there has never been any
legal challenge and there is no queue of people waiting to do so and
common sense has always prevailed (in the past). It only needs one.
Other RIRs have been involved in legal actions. Don't wait until your
house is flooded before checking your insurance policy to see if you
are covered.

Another clear issue with this purpose's wording is that use of contact
details in the database is only allowed by network operators to
contact other network operators ("between network operators"). In this
sense the purpose is very precise. Use of contact details by the
public, non member organisations, investigators, CSIRT teams (unless
they are also operators) and LEAs is not allowed under these T&C.

Something to think about...

cheers
denis
co-chair DB-WG