[db-wg] 2022-01 Resource holders identity

Colleagues

Now we move on to the more difficult issue of identifying resource
holders. For any resource holder that is not a natural person I don't
think there is a privacy issue. For natural persons we seem to have
this conflict between privacy and public interest. The privacy issue
is well understood. Publishing the name and address of a natural
person in an open, public database can have severe consequences. But
what is the public interest?

To understand this question we have to dig deep into the purpose of
the RIPE Database. Terms are thrown around with little consideration
to what they actually mean. We all know the RIPE Database is a 'public
registry', but what does that really mean? What is it a registry of,
why does it need to register this, who needs to know what and why?
After 30 years maybe we need to re-evaluate the fundamental purpose of
this database.

The database is a number, routing and reverse delegation registry. The
routing and delegation elements generally don't include personal data,
so we can put them to one side for the moment. What is the number
registry? It 'documents' IP addresses (IPv4 and IPv6). It is arguable
if ASNs are part of the number or routing registry. Although they are
Internet resources, the "org:" attribute is optional so it is not
possible to identify the resource holder of an ASN using the database.
There are a number of reasons that have been given over the years for
why this documentation is required. To ensure allocations and
assignments are unique. To know what parts of allocations are 'in use'
by end users. To identify who is responsible for a block of address
space. To have a means of contacting network operators for several
reasons.

We have already discussed contacts, so the key issue here relating to
both privacy and public interest is identifying who is responsible for
a block of address space. Let's consider why this needs to be done and
who needs to know. ORGANISATION and INET(6)NUM objects all reference
contacts. So if there are any technical, administrative or abuse
issues there are contacts who can handle these issues. We have already
agreed that contacts must be contactable and they must only exist in
the database if they are capable of addressing the related issues. So
what is the reason for wanting or needing to be able to identify who
is responsible for a block of address space and where to find them?
Taking away all the issues that contacts can handle, are we down to
purely legal matters? Is it for those cases involving criminal or
abusive behaviour that someone wants to hold the responsible party
accountable or liable? Are there research and investigatory reasons
for identifying the holders of blocks? Do some people want to cross
reference assignments held by individuals or organisations from
multiple, different resource holders to monitor activities? If so, is
it in the public interest and should it override privacy?

Before we can decide on the priorities of privacy vs public interest,
we need to understand what that public interest is. How does that
public interest fit with the purpose of the database? We need to have
this discussion now on the purpose of the database and the public
interest, or not, in certain bits of data to decide if the identities
of natural persons holding resources can, should, must be hidden from
public view.

cheers
denis
proposal author