On 16/Dec/11 22:32, russ@consumer.net wrote:
Security and privacy are things that need to be balanced so it is not off-topic to discuss privacy requirements for abuse systems.
The subject is on topic indeed. It has various facets, including unlimited access to abuse-mailboxes, anonymity of IP delegations, and possibly even redaction of spam complaints. For IP numbers, a privacy requirement is necessary to avoid tracking users. However, there has to be an exception for mail delivery (not submission). IIRC there is an exception for e-commerce, that limits a merchant's right to anonymity. Likewise, mail servers shouldn't be allowed to be anonymous. Most EU concerns are discussed within the coordination-wg, though. So I'm not clear on the worthiness of having this discussion here. jm2c