This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
- Previous message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
- Next message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
denis walker
ripedenis at gmail.com
Sun Jun 19 16:56:34 CEST 2022
Ronald Many of your comments are insulting and unprofessional. Much of what you've written below is utter nonsense. Some of your most emotive nonsense I've simply cut out. As the proposal author I feel compelled to keep reinforcing the truth over you nonsense. Your style is totally contrary to the stated aims of RIPE to be a diverse and inclusive community. On Sun, 19 Jun 2022, 13:42 Ronald F. Guilmette via db-wg, <db-wg at ripe.net> wrote: > Below I respond to denis' recent points made here regarding the pending > proposal to have RIPE NCC obscure all natural person mailing addresses... > whether those natural persons desire it or not. > The RIPE NCC does not enter or maintain the data in question and will not be obscuring anything. > > In message <CAKvLzuH8UJpJRVeKq5f3OfMLFGffWeoUmq+xvLdBLJ-u25ZZ= > A at mail.gmail.com> > denis walker <ripedenis at gmail.com> wrote: > > >If you want to 'justify' publishing the home addresses of natural > >persons in this open, public database then propose a change to the > >purposes of the database to argue a case for doing so. > > I do not believe that it is in any way incumbant upon me to "justify" what > is, what has been, and what remains common practice in all regions. > Rather, > it is incumbant on those proposing a deviation from a widely-accepted > system > that has served the community well for 20+ years to justify a proposed > departure from that existing norm and practice. > > In short, the burden of proof is on you, not me. > As an armchair lawyer you have totally failed. GDPR does require the purposes of the database to justify the processing of personnel data. The current defined purposes do not do this for this data. > >So you are supporting various means "to obfuscate their actual > >physical location" and then in the very next sentence complaining > >about "inaccurate garbage" in the database. Your own arguments are > >contradictory. > > I am opposed to there being an -official- condoning and/or (even worse) an > official -enforcement- of deliberate obfsucation of any fields of the > WHOIS data base. So voluntary obfuscation is ok? If there are the occasional rare persons who can make an > objectively supportable claim that they really need to have *both* number > resources *and* also confidentiality of their physical address, then let > those rare persons use a P.O. box number for their physical address or else > let them apply specially and -individually- to RIPE NCC for some special > dispensation from the default norm of entirely public WHOIS data. > Some telecom companies enter hundreds of thousands of customer details into the RIPE Database including personal names and addresses. These people, in reality, have probably never heard of the RIPE Database or the RIPE NCC. These are the very people GDPR is intended to protect. > This is the difference in our positions. You would have secrecy and > deliberate obfsucation be the new default and the new norm. I would > prefer to maintain the existing and longstanding norm that obfsucation of > contact information is offically -discouraged- rather than being officially > -encouraged- (and perhaps even, as you would have it, universally > -enforced-, > whether any individual affected member even wants it or not). > > What gives you or anyone the right to take away a member's rights to have > their true and actual mailing address in their own public WHOIS records? > Again you simply don't understand the issue. "their true and actual". This address is 'defined' in the database documentation as "The postal address of a contact related to the organisation". That can be anyone based in any location in the world, as Europol have discovered. They find several addresses for the same organisation in different parts of the world. This postal address, as defined, really had no meaning to anyone besides whoever entered the data. Because that is, after all, what you are proposing, right? You have not > proposed to -ask- each affected member if they want to have their mailing > address obscured or not, correct? You just want to impose this on -all- > natural person members, in a top-down and dictatorial fashion, whether any > given affected member likes it or not, right? > Including those hundreds of thousands of telecom customers who don't even realise their personal details are so openly exposed. This isn't only about members but end users as well. > >There are contacts referenced in the database that allow contact "for > >any and all issues relating to their RIPE number resources". I doubt > >any member would like Ronald to visit them at their home to rant on > >their doorstep. > > OK, so why are you limiting this proposal to only natural person members? > Are you suggesting that natural person members don't want me to visit their > actual physical location, but companies who are RIPE members do? > By making this postal address field optional companies can also choose not to enter an address. > So now, why don't you re-submit this proposal and instead propose that > *all* > mailing address information, including even the country name, be redacted > from the data base for *all* members? It will be optional. Because that's obviously where you > really want to go with all this. So let's just cut to the chase and redact > *all* mailing address inormation for *all* members. What's good for the > goose is good for the gander also, right? So let's just bite the bullet > and go directly to your real end goal which is to redact *all* physical > address information, from all data base records. Makes perfect sense, > based on your logic. > We are talking about a specific, meaningless postal address. [Utter nonsense removed] > > >> As I have said on the Anti-Abuse Working Group's mailing list, any > >> member concerned about concealing their mailing address either (a) is > >> up to no good or else (b) may easily and cheaply achieve the desired > >> goal FOR THEMSELVES by renting a cheap P.O. box. > > > >or (c) enter false data into an unverified, unchecked, mandatory field > >they don't want to fill in. > > Whose fault is it that even now, the RIPE public WHOIS data base contains > boatloads of unverified garbage? The very fact that some data is unverified means it is not checked. So no one knows of it is true or not. We take it on trust that entered data is correct. It is the community's fault, because the > community has failed to adopt any rule requiring the public WHOIS data > reflect known (to NCC) and objective reality. > You cannot verify I'll defined, free text data. > You can't have it both ways. You can't on the one hand decry, as I do, > the fact that there are no rules in place which would force public WHOIS > data to be accurate, and then in the same breath say that your "solution" > to the problem of inaccurate data is simply for NCC to stop publishing > -any- data. > > No. The way to fix the problem is to fix the problem. > > I propose, here and now, that upon reciept of any report or query, sent to > RIPE NCC, which suggests that any WHOIS record may contain invalid or > inaccurate data, Again you simply don't understand what you are talking about. BY DEFINITION this free text postal address is of A contact RELATED to the organisation. Good luck proving any address entered into this field is false. that RIPE NCC should compare the data in the public WHOIS > to the bona fide documents that NCC has on file for the relevant members, > and > if there is any notable discrepancy between the two, then NCC should > manually > substitute into the public WHOIS record the accurate and correct > information, > as obtained from NCC's own files. > Again you don't understand. The RIPE NCC does not hold on file details of all contacts related to member organisations. Even if they did, they are not allowed to publish confidential details held in a non public record into a public database without consent. > (Of course, I am sure that this proposal will receive the exact same > genuine, > fair, even handed, and thoughtful consideration as has every other proposal > that I have put forward here, which is to say absolutely none. Apparently, > only RIPE WG chairs and/or close friends thereof are allowed to ssuggest or > submit any proposals in any RIPE WG, and if one isn't pals with the Right > People, then one can go pound sand. This disgusting and blatant favoritism > is, of course, why I mostly don't waste my time in any RIPE WGs anymore. > Because what's the point? The die has already been cast.) > This is just purely insulting... > > My vision, in contrast, is for a future where every field in the WHOIS data > bases of -all- RIRs is accurate and has been verified, > That is simply not possible for all data fields. cheers denis Proposal author > > > > Regards, > rfg > > -- > > To unsubscribe from this mailing list, get a password reminder, or change > your subscription options, please visit: > https://mailman.ripe.net/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/db-wg/attachments/20220619/8e1a9af6/attachment.html>
- Previous message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
- Next message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]