[ripe-db-requirements-tf] Notes from 20 April 2021 Meeting

Dear all,

Here's the meeting notes from our last call.

*RIPE Requirements Database Task Force Meeting Notes*
20 April 2021 Meeting

Attendees: Boris Duval, Nick Hilliard, James Kennedy, Shane Kerr, Peter Koch, Bijal Sanghani, Ed Shryane

1.  Reviewing the legal address recommendation
The task force reviewed the following recommendation:
“The task force recommends that the legal address of resource holders who are legal persons be published in the RIPE Database. This will clarify which organisation holds which Internet number resources and ensure quick action from incident responders such as CSIRTs and LEAs in case of abuse.”

The task force discussed having a third option where LEAs could have access to the legal address upon request without a court order. However, this option would be difficult to implement because it will fall on the RIPE NCC to decide who can access the information and who qualifies as an LEA.

Shane proposed to publish the corporate identifier rather the legal address as a stepping stone. Boris added that NWI-10 could also be considered as a stepping stone.

Peter mentioned that it is unclear who will benefit from this recommendation being implemented. Looking at the Law Enforcement Agency Requests 2020 report, there was only one request about non-public information.

Nick mentioned that resource holders should be able to have their legal address removed from the RIPE Database if they request it. He added that this would help make this recommendation compatible with the current privacy regulations (e.g. GDPR).

Peter asked why the RIPE NCC decided to keep legal addresses private in the first place and if whether or not the task force or the membership could legally act on this topic. Nick mentioned that the RIPE NCC could probably decline to publish this information under GDPR or another privacy legislation. Peter mentioned that it would be good to clarify this point before going forward with the recommendation. Boris will follow up with the RIPE NCC legal team.

Bijal mentioned that there wasn’t enough feedback from the community on this topic to take a decision. Bijal asked the RIPE Chair, Mirjam Kühne, to follow up with CSIRTs to get their input. Bijal also proposed to invite Dick Leaning to one of the DBTF calls. Dick previously worked for the RIPE NCC as an External Relations consultant and liaison to LEAs, and might have an interesting perspective to share on this topic. Parallel to that, Boris will coordinate with the RIPE NCC External Relations department and ask them to reach out to their CSIRTs and LEAs contacts about this recommendation.


2.  Next Meeting
The DBTF next meeting will take place in April.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Message signed with OpenPGP
URL: </ripe/mail/archives/ripe-db-requirements-tf/attachments/20210504/eb760cb0/attachment.sig>