[db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
- Previous message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
- Next message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
denis walker
ripedenis at gmail.com
Sun Jun 19 16:02:07 CEST 2022
Ronald On Sun, 19 Jun 2022, 11:50 Ronald F. Guilmette via db-wg, <db-wg at ripe.net> wrote: > I have already and on multiple occasions made my views known regarding the > currently pending proposal to have RIPE NCC perform a unrequested and > blanket > redaction of all natural person snail-mail address information from the > RIPE > data base. The RIPE NCC will not be redacting anything. And let's be clear, we are talking here about 'postal' addresses. Nontheless, I will now attempt to briefly recap my objections > to this proposal, and then, in a separate email to follow, I will attempt > to repsond directly to some of the points made most recently by the main > proponent of this proposal, denis. > > In brief, I am opposed because: > > *) This change, if adopted, would materially damage transparency in a > manner that is unambiguously detrimental to the interests of law > enforcement, private anti-abuse researchers, and the community as a > whole. This change, if implemented, would be of benefit primarily > and perhaps even exclusively to cybercriminals and other types of > Internet miscreants. > There is no transparency in undefined, unverified data. > *) Any member who wishes to have his, or her, or its actual physical > address concealed 'actual' is an interesting choice of wording. This 'actual' address is actually undefined to anyone but the person who entered it. in the public-facing WHOIS data base can effect > that exact change for themselves, easily and cheaply, without any > assistance or intervention of the part of RIPE NCC. This can be > accomplished by renting a P.O. box and/or by any number of other > and similar means, as I have previously noted. > Similar means, ie entering false, meaningless free text data. Or a PO box which Europol considered a dead end in their video I referenced. > The very fact that nobody, or essentially nobody has, to date, > elected > to hide their physical address via such means itself supports the > validity of my next point. > Many people do use a PO box or misleading addresses, as mentioned by Europol in their video. > *) Essentially nobody is asking for this change. This proposal is an > example of the tail waging the dog, i.e. a tiny, vocal, and > otherwise > insignificant but noisy minority dictating a poor policy choice > which, if adopted, the entire RIPE community (and indeed the entire > planet) will have to pay the price for, forever after -- that price > being not only the effort needed on RIPE NCC's part to implement > this > change, Nothing more than their normal ARCs but more importantly the price of a loss of transparency, and > the short and long term implications of that. > Loss of false and misleading data. > (I expect that if this scheme of forced and unrequested redactions > is > adopted, it will not be the last such change, and that the ultimate > endpoint actually desired by those opposed to transparency will be > that the entire RIPE WHOIS data base will eventually be placed > under > lock and key, never again to be seen by anyone not possessing a > formal > legal warrant. This, of course, would be an absolute disaster for > the community of actual network operators, as differentiated from > armchair privacy warriors.) > Please stop these emotive, utter nonsense, slippery slope, scare mongering arguments. > *) Contrary to the ill-informed and fuzzy legal musings of the lone > two > proponents of this proposal, there exists no legal basis for such > a change to the public facing data base. The postulated legal > mandate > regarding the content of the data base (or, more accurately, on > the absence of content) simply does not exist, and no such legal > mandate has existed at any time since GDRP came into full effect, > way back in May 2018, over four full years ago now. If any such > legal mandate had in fact existed, then we all would have known > about it long before now. > I actually presented on this very point at a RIPE meeting a few years ago, shortly after the introduction of GDPR. > If there either is or was any actual legal basis or compelling > legal > motivation for this policy change, then this total obfsucation of > natural person mailing addresses would have been implemented > already, > and some time ago. But as we here in the real world all know, > there > are no actual GDPR policemen banging on RIPE's door and demanding > this dramatic departure from literally all historical practice, > both > in the RIPE region and in all orther regions -- historical practice > that dates back even well more than 20 years, since before even the > formation of ARIN in 1997. > > I advocated this in my presentation a few years ago. Everything takes time > to effect on the RIPE community. If the appropriate authorities were to > study the RIPE Database purposes, content and operation in detail they > would indeed be knocking on some doors... > 'Historical' practise is no guarantee of 'for life'. cheers denis Proposal author > > > Regards, > rfg > > -- > > To unsubscribe from this mailing list, get a password reminder, or change > your subscription options, please visit: > https://lists.ripe.net/mailman/listinfo/db-wg > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/db-wg/attachments/20220619/81272ac5/attachment.html>
- Previous message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
- Next message (by thread): [db-wg] 2022-01 New Version Policy Proposal (Personal Data in the RIPE Database)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]