Ronald, On 03/12/2020 22.57, Ronald F. Guilmette via db-wg wrote:
Let's cut to the chase here. I'll start the ball rolling, and Denis can support or not support the following propoal as he sees fit...
Be it proposed that starting from January 1, 2021, public access to the RIPE WHOIS data base shall be terminated, and after that date only RIPE NCC staff members shall have access to any information contained within the RIPE data base.
Alternatively, starting from January 1, 2021, public access to the RIPE WHOIS data base shall be terminated, but the data will still be available, with all names of companies and individuals being redacted, only to dues-paying RIPE members.
The above proposals are maximally consistant with both GDPR and also with the twin overriding goals of privacy and security.
Can I get a second for my proposal?
One missing bit of this proposal is organizations who *want* their network information visible to other network operators. Back when we used phone books there were people who wanted their name and phone number published... sometimes including their physical address... and some people who did not. So I would not be terribly sad with the 2nd version if allowed an opt-in clause. Also, the RIPE PDP (Policy Development Process) does not allow for such a quick timeframe, so best to leave the date off at least until the RIPE NCC has completed their feasibility assessment. So maybe a version which looks like this: By default, the RIPE Whois Database will only return whether number resources are allocated or not in the public view. RIPE NCC members may opt to publish additional information in the public view of the database. RIPE NCC members will also be able to access contact information and other meta-data (such as date of allocation) of other members in a private view of the database. Cheers, -- Shane