Re: Ownership of RIPE Database
- Date: Wed, 26 Aug 1992 18:39:32 MET
>Of course when formalising this the issue of data protection legislation
>regularly pops up as well.
>[...]
>Daniel
>
>PS: Also RIPE as a group might have a position on this.
As an entry in ripe@localhost my personal feelings are as follows:
/* #include community/general/disclaimer.h */
a) try to avoid discussing these issues as long as it seems to be feasable;
however if the question has been raised in the public, you really have to
make a move. Otherwise decisions are made be other bodies, not necessarily
to your comfort.
b) As we (RIPE!?) are apparently forced to act, my proposal is along the
lines of Fidonet, X.400-MHS and/or the Free Software Foundation/GNU etc.:
Have the RIPE-NCC with the endorsement of RIPE and/or RARE (?) hold the
Copyright. Then formally charge the holder of the copyright to provide
the information freely, within the limits of the usual restrictions (not
for profit, must not be restricted or altered if passed on, every copy
must carry these tags, etc.)
c) when it comes to the protection of personal data, then we are in deep ...
It still remains open what data is really personal/private and thus
subject to protection!
(Your healt record probably is private [though not part of an entry
in the database], affiliation of a networkmanager, address of your
office and telefone number probably is NOT personal ==> nonissue])
I think there is currently no European solution for this. Maybe we have to
formally move the DB to a country where this is not (yet) a problem? Or
we, once again, go along the RIPE Community Route as a kind of
"association". Everybody joining (personally or as the representative of
an organisation), explicitely agrees to have this data made publicly
available, even if this means that I have to sign a paper at a RIPE
Meeting.
d) The "German Situation": While I do not know anything in detail, my general
feeling is, that requests for privacy/keeping within a closed usergroup
are _wrong_ as well as technically _misleading_. I could for example tell
you stories about "keeping addresses secret" and at the same time they are
listed in official directories (eg. PSPDN X.25 :-)...
Every organisation that feels a need for such type of privacy eventually
has to set up it's own network and cut _all_ links to other networks. And
thus it becomes an _nonissue_. We should try to make this clear. I think
there is no real way of _sharing infrastructure_, _collaboratively
managing or trouble shooting_ and at the same time keeping _private or
hidden_ addresses, etc.
...my 10 pennis worth, Wilfried.