[ncc-services-wg] legal adress

@Niall : i  understand your point and clearly this is not an easy topic
when it comes to define what is personal data.
But here is my question : If, to you, the legal adress is a personal
data, are you also thinking the same way about the telephone number
which is so far kept for registrar abuse contact phone ?

Speaking about sole trader, if i understand well your point and go
beyond, the name by itself might also be considerated as a personal data
as it is also a way to identify the person.

To me, legal adress is just a way to be assured that the official
request are sent to the correct place


Pour une administration exemplaire, préservons l'environnement.
N'imprimons que si nécessaire.

-------- Message original --------
*Sujet: *[INTERNET] ncc-services-wg Digest, Vol 79, Issue 5
*De : *ncc-services-wg-request at ripe.net
*Pour : *ncc-services-wg at ripe.net
*Date : *10/10/2018 09:20
> Send ncc-services-wg mailing list submissions to
> 	ncc-services-wg at ripe.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://mailman.ripe.net/
> or, via email, send a message with subject or body 'help' to
> 	ncc-services-wg-request at ripe.net
>
> You can reach the person managing the list at
> 	ncc-services-wg-owner at ripe.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ncc-services-wg digest..."
>
>
> Today's Topics:
>
>    1. Re: sara proposal and question to Randy (Niall O'Reilly)
>    2. Re: sara proposal and question to Randy (Carlos Fria?as)
>    3. Re: sara proposal and question to Randy (Randy Bush)
>    4. Re: sara proposal and question to Randy (Randy Bush)
>    5. back to randy (ROBINOT Stephane DCPJ SDLC)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 09 Oct 2018 15:16:58 +0100
> From: "Niall O'Reilly" <niall.oreilly at ucd.ie>
> To: ncc-services-wg at ripe.net
> Subject: Re: [ncc-services-wg] sara proposal and question to Randy
> Message-ID: <D607D348-09D8-456C-B412-BB48896A2345 at ucd.ie>
> Content-Type: text/plain; charset="us-ascii"
>
> On 9 Oct 2018, at 14:43, ROBINOT Stephane DCPJ SDLC wrote:
>
>> If we all agree that personnal ie individual data has to be removed from direct access and that the legal address has to be published,
> It is difficult to agree in general to both of these points, as they may,
> in specific cases, contradict each other.
>
> The crux of the matter appears to be that the legal address of a sole trader
> is precisely and inevitably personal data.
>
> Best regards,
> Niall O'Reilly
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 903 bytes
> Desc: OpenPGP digital signature
> URL: </ripe/mail/archives/ncc-services-wg/attachments/20181009/179eef5c/attachment-0001.sig>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 9 Oct 2018 17:03:23 +0100 (WEST)
> From: Carlos Fria?as <cfriacas at fccn.pt>
> To: ROBINOT Stephane DCPJ SDLC <stephane.robinot at interieur.gouv.fr>
> Cc: ncc-services-wg at ripe.net
> Subject: Re: [ncc-services-wg] sara proposal and question to Randy
> Message-ID:
> 	<alpine.LRH.2.21.1810091700510.29142 at gauntlet.corp.fccn.pt>
> Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
>
>
> On Tue, 9 Oct 2018, ROBINOT Stephane DCPJ SDLC wrote:
>
> (...)
>> To randy, I would like to say that I don't understand what he pmeans by
>> "whois is useless and should die".
>> As I am new in this group, I might have missed something. Could you
>> explain what you mean ?
>>
>> regards
>>
>>
>> cv
> Greetings,
>
> I'm also curious about if he meant "whois should die, let's get everything 
> onto rdap quickly", or if he means: "whois and all other registration 
> information protocols should die, so that nobody sees anything anymore".
>
> :-)))
>
>
> Regards,
> Carlos
>
>
>
>> Pour une administration exemplaire, pr?servons l'environnement.
>> N'imprimons que si n?cessaire.
>>
>> -------- Message original --------
>> *Sujet: *[INTERNET] ncc-services-wg Digest, Vol 79, Issue 3
>> *De : *ncc-services-wg-request at ripe.net
>> *Pour : *ncc-services-wg at ripe.net
>> *Date : *09/10/2018 12:00
>>> Send ncc-services-wg mailing list submissions to
>>> 	ncc-services-wg at ripe.net
>>>
>>> To subscribe or unsubscribe via the World Wide Web, visit
>>> 	https://mailman.ripe.net/
>>> or, via email, send a message with subject or body 'help' to
>>> 	ncc-services-wg-request at ripe.net
>>>
>>> You can reach the person managing the list at
>>> 	ncc-services-wg-owner at ripe.net
>>>
>>> When replying, please edit your Subject line so it is more specific
>>> than "Re: Contents of ncc-services-wg digest..."
>>>
>>>
>>> Today's Topics:
>>>
>>>    1. @EXT: 2018-05 New Policy Proposal (Publication of Legal
>>>       Address of Internet Number Resource Holder) - updating the
>>>       proposal? (Marcolla, Sara Veronica)
>>>    2. Re: @EXT: 2018-05 New Policy Proposal (Publication of Legal
>>>       Address of Internet Number Resource Holder) - updating the
>>>       proposal? (Randy Bush)
>>>    3. Re: @EXT: 2018-05 New Policy Proposal (Publication of Legal
>>>       Address of Internet Number Resource Holder) - updating the
>>>       proposal? (Carlos Fria?as)
>>>    4. @EXT: RE: 2018-05 New Policy Proposal (Publication of Legal
>>>       Address of Internet Number Resource Holder) - updating the
>>>       proposal? (Marcolla, Sara Veronica)
>>>    5. Re: @EXT: 2018-05 New Policy Proposal (Publication of Legal
>>>       Address of Internet Number Resource Holder) - updating the
>>>       proposal? (Nik Soggia)
>>>
>>>
>>> ----------------------------------------------------------------------
>>>
>>> Message: 1
>>> Date: Mon, 8 Oct 2018 15:46:47 +0000
>>> From: "Marcolla, Sara Veronica" <Sara.Marcolla at europol.europa.eu>
>>> To: "'ncc-services-wg at ripe.net'" <ncc-services-wg at ripe.net>
>>> Subject: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal
>>> 	(Publication of Legal Address of Internet Number Resource Holder) -
>>> 	updating the proposal?
>>> Message-ID:
>>> 	<ED32B03A4D1A7448B86844EED9D4845D4EA5BF82 at COIMBRA.europol.eu.int>
>>> Content-Type: text/plain; charset="us-ascii"
>>>
>>> Hi everyone,
>>>
>>> All the comments exchanged in the list made me thinking a lot about the wording of this proposal. I have noticed that the lively discussion around the policy is bringing a lot of attention on the dichotomy between the individual (which I agree completely, should be protected in their fundamental rights, with provisions such as the GDPR and others), and the company/corporation. It seems to me so far that many of us would indeed support the idea of having the legal address published of companies, but having concerns about personal data. The aim of this proposal is indeed to focus on companies, not individuals, and even the smallest company has to be registered as such (if not for other reasons, for tax reasons). Individuals will be anyways protected by a hierarchically higher set of rules: the fundamental rights, such as those championed by GDPR for example.
>>>
>>> At this point I am asking whether you support a proposal, the clarifies that only the legal address of companies will be published, and that states clearly that individuals information will be protected? After all, the reasoning here is that if a resource holder is registered with a national company registry, they have a legal address which can be published. This legal address is usually publicly available anyhow and can be then validated by the RIPE NCC.
>>>
>>> Looking forward to hear the feedback to this idea for an amendment to the proposal.
>>>
>>> Sara
>>> *******************
>>>
>>> DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
>>> Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.
>>>
>>> *******************
>>>
>>>
>>>
>>>
>>> ------------------------------
>>>
>>> Message: 2
>>> Date: Mon, 08 Oct 2018 09:30:39 -0700
>>> From: Randy Bush <randy at psg.com>
>>> To: "Marcolla, Sara Veronica" <Sara.Marcolla at europol.europa.eu>
>>> Cc: "'ncc-services-wg at ripe.net'" <ncc-services-wg at ripe.net>
>>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal
>>> 	(Publication of Legal Address of Internet Number Resource Holder) -
>>> 	updating the proposal?
>>> Message-ID: <m2y3b8e6z4.wl-randy at psg.com>
>>> Content-Type: text/plain; charset=US-ASCII
>>>
>>>> At this point I am asking whether you support a proposal, the
>>>> clarifies that only the legal address of companies will be published
>>> not particularly
>>>
>>> the contract is between the ncc and the registrant; not the community
>>> and the registrant.
>>>
>>> whois (not the irr, which is confuddled with it in the ripe registry)
>>> is useless and should die.
>>>
>>> randy
>>>
>>>
>>>
>>> ------------------------------
>>>
>>> Message: 3
>>> Date: Mon, 8 Oct 2018 22:50:25 +0100 (WEST)
>>> From: Carlos Fria?as <cfriacas at fccn.pt>
>>> To: "Marcolla, Sara Veronica" <Sara.Marcolla at europol.europa.eu>
>>> Cc: "'ncc-services-wg at ripe.net'" <ncc-services-wg at ripe.net>
>>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal
>>> 	(Publication of Legal Address of Internet Number Resource Holder) -
>>> 	updating the proposal?
>>> Message-ID:
>>> 	<alpine.LRH.2.21.1810082238040.25543 at gauntlet.corp.fccn.pt>
>>> Content-Type: text/plain; charset=US-ASCII; format=flowed
>>>
>>>
>>>
>>> On Mon, 8 Oct 2018, Marcolla, Sara Veronica wrote:
>>>
>>>> Hi everyone,
>>> Greetings,
>>>
>>>
>>>> All the comments exchanged in the list made me thinking a lot about the
>>>> wording of this proposal. I have noticed that the lively discussion
>>>> around the policy is bringing a lot of attention on the dichotomy
>>>> between the individual (which I agree completely, should be protected
>>>> in their fundamental rights, with provisions such as the GDPR and
>>>> others), and the company/corporation. It seems to me so far that many of
>>>> us would indeed support the idea of having the legal address published
>>>> of companies, but having concerns about personal data. The aim of this
>>>> proposal is indeed to focus on companies, not individuals, and even the
>>>> smallest company has to be registered as such (if not for other reasons,
>>>> for tax reasons). Individuals will be anyways protected by a
>>>> hierarchically higher set of rules: the fundamental rights, such as
>>>> those championed by GDPR for example.
>>> Well, LIR addresses are already published on the RIPE NCC's website.
>>> LIR's customers addresses may not be part of whois.ripe.net... well...
>>> i know some LIRs tend to protect their customers identity, to prevent
>>> competitors to approach them with better contractual conditions (this is
>>> not the case of the LIR i work for, which is a NREN)
>>>
>>>
>>>> At this point I am asking whether you support a proposal, the clarifies
>>>> that only the legal address of companies will be published, and that
>>>> states clearly that individuals information will be protected? After
>>>> all, the reasoning here is that if a resource holder is registered with
>>>> a national company registry, they have a legal address which can be
>>>> published. This legal address is usually publicly available anyhow and
>>>> can be then validated by the RIPE NCC.
>>> I see added value in "validation by the RIPE NCC", despite the natural
>>> cost this will bring...
>>>
>>> However, i wonder what should be the procedure if RIPE NCC finds that
>>> company X registers a new company Y in a different country/economy
>>> resorting to a "virtual office" address.
>>>
>>>
>>>> Looking forward to hear the feedback to this idea for an amendment to the proposal.
>>> Good luck!
>>>
>>>
>>> Best Regards,
>>> Carlos
>>>
>>>
>>>> Sara
>>>> *******************
>>>>
>>>> DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
>>>> Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.
>>>>
>>>> *******************
>>>>
>>>>
>>>
>>> ------------------------------
>>>
>>> Message: 4
>>> Date: Tue, 9 Oct 2018 07:41:15 +0000
>>> From: "Marcolla, Sara Veronica" <Sara.Marcolla at europol.europa.eu>
>>> To: 'Carlos Fria?as' <cfriacas at fccn.pt>, "'ncc-services-wg at ripe.net'"
>>> 	<ncc-services-wg at ripe.net>
>>> Subject: [ncc-services-wg] @EXT: RE: 2018-05 New Policy Proposal
>>> 	(Publication of Legal Address of Internet Number Resource Holder) -
>>> 	updating the proposal?
>>> Message-ID:
>>> 	<ED32B03A4D1A7448B86844EED9D4845D4EA5C59B at COIMBRA.europol.eu.int>
>>> Content-Type: text/plain; charset="iso-8859-1"
>>>
>>> Hi Carlos,
>>>
>>> I understand the logic behind the protection of LIRs for competition reasons - however I am positively sure that this right cannot be considered anywhere close to the right to privacy and protection of individuals.
>>>
>>> Regarding your comment on the company change, I believe that the case of change of holdership should firstly have  to pass the existing RIPE NCC due diligence checks for transfers/mergers. It would then  still be useful to actually have the legal address of this new company, as it helps to identify the company who is the registered resource holder.
>>>
>>> Sara
>>>
>>> -----Original Message-----
>>> From: Carlos Fria?as [mailto:cfriacas at fccn.pt]
>>> Sent: 08 October 2018 23:50
>>> To: Marcolla, Sara Veronica
>>> Cc: 'ncc-services-wg at ripe.net'
>>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal (Publication of Legal Address of Internet Number Resource Holder) - updating the proposal?
>>>
>>>
>>>
>>> On Mon, 8 Oct 2018, Marcolla, Sara Veronica wrote:
>>>
>>>> Hi everyone,
>>> Greetings,
>>>
>>>
>>>> All the comments exchanged in the list made me thinking a lot about the
>>>> wording of this proposal. I have noticed that the lively discussion
>>>> around the policy is bringing a lot of attention on the dichotomy
>>>> between the individual (which I agree completely, should be protected
>>>> in their fundamental rights, with provisions such as the GDPR and
>>>> others), and the company/corporation. It seems to me so far that many of
>>>> us would indeed support the idea of having the legal address published
>>>> of companies, but having concerns about personal data. The aim of this
>>>> proposal is indeed to focus on companies, not individuals, and even the
>>>> smallest company has to be registered as such (if not for other reasons,
>>>> for tax reasons). Individuals will be anyways protected by a
>>>> hierarchically higher set of rules: the fundamental rights, such as
>>>> those championed by GDPR for example.
>>> Well, LIR addresses are already published on the RIPE NCC's website.
>>> LIR's customers addresses may not be part of whois.ripe.net... well...
>>> i know some LIRs tend to protect their customers identity, to prevent
>>> competitors to approach them with better contractual conditions (this is
>>> not the case of the LIR i work for, which is a NREN)
>>>
>>>
>>>> At this point I am asking whether you support a proposal, the clarifies
>>>> that only the legal address of companies will be published, and that
>>>> states clearly that individuals information will be protected? After
>>>> all, the reasoning here is that if a resource holder is registered with
>>>> a national company registry, they have a legal address which can be
>>>> published. This legal address is usually publicly available anyhow and
>>>> can be then validated by the RIPE NCC.
>>> I see added value in "validation by the RIPE NCC", despite the natural
>>> cost this will bring...
>>>
>>> However, i wonder what should be the procedure if RIPE NCC finds that
>>> company X registers a new company Y in a different country/economy
>>> resorting to a "virtual office" address.
>>>
>>>
>>>> Looking forward to hear the feedback to this idea for an amendment to the proposal.
>>> Good luck!
>>>
>>>
>>> Best Regards,
>>> Carlos
>>>
>>>> Sara
>>>> *******************
>>>>
>>>> DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
>>>> Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.
>>>>
>>>> *******************
>>>>
>>>>
>>> *******************
>>>
>>> DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
>>> Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.
>>>
>>> *******************
>>>
>>>
>>>
>>>
>>> ------------------------------
>>>
>>> Message: 5
>>> Date: Tue, 9 Oct 2018 10:13:48 +0200
>>> From: Nik Soggia <registry at telnetwork.it>
>>> To: "'ncc-services-wg at ripe.net'" <ncc-services-wg at ripe.net>
>>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal
>>> 	(Publication of Legal Address of Internet Number Resource Holder) -
>>> 	updating the proposal?
>>> Message-ID: <e3905e73-8c1d-6784-e3a5-aacf47215507 at telnetwork.it>
>>> Content-Type: text/plain; charset=iso-8859-15; format=flowed
>>>
>>> Il 08/10/18 17:46, Marcolla, Sara Veronica ha scritto:
>>>
>>>> After all, the reasoning here is that if a resource holder is registered with a national company registry, they have a legal address which can be published.
>>> Maybe the key to make everyone happy is the word "can" instead of
>>> "must". Why not make it optional?
>>>
>>> If companies are in good faith or they like the idea then they will use
>>> it, and they will also be happy to maintain the data.
>>> Otherwise it will be just a waste of time on another
>>> wrong/outdated/malicious dataset.
>>> How fun it is to check the validity of a validated address?
>>> Life is too short, right?
>>>
>>>> This legal address is usually publicly available anyhow and can be then validated by the RIPE NCC.
>>> Duplicating data instead of referencing it breaks the first database
>>> design rule.
>>> Companies are forced by law to keep their chamber of commerce data up to
>>> date. THAT is the best source of information and it is readily
>>> available. Don't reinvent the wheel.
>>>
>>> This proposal is can of worms:
>>> - same data in many places is difficult to maintain and prone to errors
>>> - doesn't stop bad actors
>>> - quickly provides massive information to data harvesters and scammers
>>>
>>> In my opinion this proposal is not the right way to identify a resource
>>> holder the way you dreamt.
>>> It's not a elegant solution and in general I have a bad feeling about
>>> it, imagine a blunt tool that not only will make a poor job but also
>>> will bring a lot of frustration.
>>>
>>> Ok for me if it is optional, otherwise I'm against.
>>> Regards,
>>>
>>
> ------------------------------
>
> Message: 3
> Date: Tue, 09 Oct 2018 09:28:54 -0700
> From: Randy Bush <randy at psg.com>
> To: ROBINOT Stephane DCPJ SDLC <stephane.robinot at interieur.gouv.fr>
> Cc: ncc-services-wg at ripe.net
> Subject: Re: [ncc-services-wg] sara proposal and question to Randy
> Message-ID: <m2in2bcce1.wl-randy at psg.com>
> Content-Type: text/plain; charset=US-ASCII
>
>> To randy, I would like to say that I don't understand what he pmeans by
>> "whois is useless and should die".
>> As I am new in this group, I might have missed something. Could you
>> explain what you mean ?
> i already did
>
> https://www.ripe.net/ripe/mail/archives/db-wg/2018-September/006036.html
>
> randy
>
>
>
> ------------------------------
>
> Message: 4
> Date: Tue, 09 Oct 2018 09:33:56 -0700
> From: Randy Bush <randy at psg.com>
> To: ROBINOT Stephane DCPJ SDLC <stephane.robinot at interieur.gouv.fr>
> Cc: ncc-services-wg at ripe.net
> Subject: Re: [ncc-services-wg] sara proposal and question to Randy
> Message-ID: <m2h8hvcc5n.wl-randy at psg.com>
> Content-Type: text/plain; charset=US-ASCII
>
> and, just to make clear from whence i come, let me quote another old
> dog.
>
>     We should not be building surveillance technology into standards.
>     Law enforcement was not supposed to be easy.  Where it is easy, it's
>     called a police state.  -- Jeff Schiller
>
> i.e., if you want the details of my company's contract with the ncc,
> show up in amsterdam with a warrant.
>
> randy
>
>
>
> ------------------------------
>
> Message: 5
> Date: Wed, 10 Oct 2018 09:20:07 +0200
> From: ROBINOT Stephane DCPJ SDLC <stephane.robinot at interieur.gouv.fr>
> To: Randy Bush <randy at psg.com>
> Cc: ncc-services-wg at ripe.net
> Subject: [ncc-services-wg] back to randy
> Message-ID: <5BBDA827.5030906 at interieur.gouv.fr>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello Randy,
>
> I think there is a tiny difference between a police state and what is
> really happening today within LEA (meaning Police but also prosecutor,
> investigative judges...) and the national and international legal
> safeguards.
>
> We are just thinking on how to agree on a common understanding before
> some cohercitives actions are to be taken such as seizure of an entire
> network within a company.
>
> In my day to day job, and i'm not saying this universal TRUTH, I have
> build relationship with companies that really happy to be informed about
> what I'm working on and what is currently running thru their servers,
> what, in others countries, could be identified as providing assistance
> to a criminal.
>
> I think that what RGPD is bringing is terrific for the good of all,
> including LEA that will have to create partnerships with stakeholders in
> order to keep the work done.
>
> have a nice day.
>
>
> Pour une administration exemplaire, pr?servons l'environnement.
> N'imprimons que si n?cessaire.
>
> -------- Message original --------
> *Sujet: *[INTERNET] Re: [ncc-services-wg] sara proposal and question to
> Randy
> *De : *Randy Bush <randy at psg.com>
> *Pour : *ROBINOT Stephane DCPJ SDLC <stephane.robinot at interieur.gouv.fr>
> *Copie ? : *ncc-services-wg at ripe.net
> *Date : *09/10/2018 18:33
>> and, just to make clear from whence i come, let me quote another old
>> dog.
>>
>>     We should not be building surveillance technology into standards.
>>     Law enforcement was not supposed to be easy.  Where it is easy, it's
>>     called a police state.  -- Jeff Schiller
>>
>> i.e., if you want the details of my company's contract with the ncc,
>> show up in amsterdam with a warrant.
>>
>> randy
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: </ripe/mail/archives/ncc-services-wg/attachments/20181010/0018245e/attachment.html>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: C:\Users\0693451\Pictures\carte de visite num?rique.jpg
> Type: image/jpeg
> Size: 54496 bytes
> Desc: not available
> URL: </ripe/mail/archives/ncc-services-wg/attachments/20181010/0018245e/attachment.jpg>
>
> End of ncc-services-wg Digest, Vol 79, Issue 5
> **********************************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/ncc-services-wg/attachments/20181010/1dc30651/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: C:\Users\0693451\Pictures\carte de visite num?rique.jpg
Type: image/jpeg
Size: 54496 bytes
Desc: not available
URL: </ripe/mail/archives/ncc-services-wg/attachments/20181010/1dc30651/attachment.jpg>