This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-services-wg@ripe.net/
[ncc-services-wg] personal data in the NCC
- Previous message (by thread): [ncc-services-wg] personal data in the NCC
- Next message (by thread): [ncc-services-wg] Re: Optimize to be new LIR progress (Shahin Gharghi)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Max Tulyev
president at ukraine.su
Thu Oct 21 15:29:22 CEST 2010
Hi All, I read the thread about it, and there is something to dig out for me. As for my experience in working with RIPE NCC hostmasters, they often request a lot of information they never can check. It is the MAC address lists, some kind of graphs, some papers issued by companies they never can reach, etc. All these data can be relatively easy obtained and processed. The other way is the personal data, and so important data like photo ID or passport. Request and handle that data is difficult and is a subject of a number of laws, such as The Law about Personal Data in Russia. By that law, the legal obtaining of that data is almost impossible for RIPE NCC, so it means RIPE can NEVER check the russian passport you send them. The question is: what EXACTLY do RIPE NCC staff do with the photo IDs we are sending them? Is it really important, or it is just for a extra bureaucracy? Also, let's imaging bad and good guys. The bad guy will make the "photo ID" in the Photoshop in a few minutes (and look up this message - RIPE NCC can't check it), but the good guy will experience a lot of problems. So why? 20.10.10 12:25, Sergey Myasoedov написав(ла): > Hello, > > I would like to talk about personal data protection. After the audit process, NCC demands > that we send them, together with the contract, the ID of person who signs the End User > assignment contract (even if the contract is signed by a person on behalf of company). > > It seems strange: the CEO of company that wants IP resources signs the contract, probably > stamps it and suddenly (!) RIPE NCC asks for the ID of CEO. We (LIR) have no choice on such > operations - we should request ID or RIPE NCC will not assign resources for our customers. > > Even more, RIPE NCC requires scans of ID, and this action violates local laws in some > countries (for example, CZ or RU). In Russia, personal data can be processed only after a > special agreement (except some cases mentioned in the law), but we will send the ID images > without any special agreements to the NCC. > > I tried to find some statements on data protection in the RIPE NCC or on any guarantee of > confidentiality, but no such information found in the standard service agreement or any > policy documents. > > On these grounds, I would like to initiate a change. RIPE NCC should have data protection > procedures or RIPE NCC should not request personal IDs of third parties. > > > -- > Sergey > -- WBR, Max Tulyev (MT6561-RIPE, 2:463/253 at FIDO)
- Previous message (by thread): [ncc-services-wg] personal data in the NCC
- Next message (by thread): [ncc-services-wg] Re: Optimize to be new LIR progress (Shahin Gharghi)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]