Another short discussion paper. As you see I'd like to keep this general issue separate from the immediate measures discussed in the other paper. Again comments are welcome. Daniel Some Toughts about an Acceptable Use Policy for the RIPE Database Scope This is a discussion paper intended to lay the groundwork for the development of a more explicit acceptable use policy (AUP) for the RIPE database. Motivation For the past six years we have been able to avoid the issue of codifying acceptable use of the RIPE database because the user community was limited. Conventions and peer pressure were sufficient to prevent abuse. This is changing rapidly. Therefore I believe we have to develop a written AUP and enforce it. Format As with any AUP is it difficult to anticipate any potential usage. It is even impractical to codify something for all usages that can be envisioned. In our case a good approach would be to list a number of common usages that are clearly acceptable, such as searching for contact points in case of operational problems or access by routing policy tools. Subsequently we can list a number of usages that are clearly not acceptable such as obtaining addresses for mass mailings or unauthorised changing of data. I think it will be rela- tively easy to obtain consensus about that. One can then state that any use which is comparable to one of those listed falls under the policy for the listed use. Any use not comparable at all will need to be determined by the database WG and added to the AUP. Enforcement If we have a written AUP and consensus that it should be enforced the NCC can get legal advice on how to best enforce it. However I would like to have the AUP defined first because otherwise thinking about enforcement tends to be less effective and also influences our goals, e.g. the desired AUP. Further Steps I'd like to see some discussion and resolution on two issues: Is an explicit AUP needed? and Is the format sug- gested above appropriate?