Hi Mark, 

I read your concern about individual privacy and I am sure that in the implementation of the policy, the safeguards and guarantees that are aimed at protecting personal privacy and individual rights, especially following the provisions of the GDPR, will be guaranteed. On this point, I believe that even in this strong disagreement, we do agree. 

The aim of the policy, as you indeed understand, is to publish the location of where to address non-technical concerns. That we like it or not, there are other reasons that call for the need of quickly contacting a resource holder other than a merely technical issue. And as Internet is global but chamber of commerce databases are local, it is to be welcome an addition to a database that can serve this purpose. Do you agree? 

In this sense, it is indeed helping to speed up legal processes - and it speeds up the most basic first hurdle, that is “to whom can I address my concerns that are not of (purely) technical nature”? I am not only speaking here of Law Enforcers - but I am also speaking here of all those entities that have to put into practice provisions coming from the NIS Directive for example, or perhaps even the GDPR. All these require to immediately contact for legal reason an entity, and this policy proposal would be a step into this direction. All what can be done on the technical level (and you rightfully mention RPKI and other measures surely effective technically) needs to be complemented by what can be done to facilitate certain processes in place  that require actions other than technical. There are as well as you say other actions to speed up other parts of the legal process and they are being explored, but this proposal complements them, does not substitute them. I know. It might sound a little philosophical but is in the end reflecting the reality of what internet is now: not only a community of technicians and enthusiasts, but a wider one. 

Kind regards,
Sara Marcolla

Typed with a very tiny keyboard this mistakes can occur

From: Mark Scholten <mark@mscholten.eu>
Date: Thursday, 27 Sep 2018, 10:12 PM
To: ncc-services-wg@ripe.net <ncc-services-wg@ripe.net>
Subject: Re: [ncc-services-wg] 2018-05 New Policy Proposal (Publication of Legal Address of Internet Number Resource Holder)

Hello,

This should have come from my personal account.

This are my personal opinions.

Regards, Mark

> -----Original Message-----
> From: ncc-services-wg [mailto:ncc-services-wg-bounces@ripe.net] On Behalf
> Of Stream Service
> Sent: Thursday, September 27, 2018 23:08
> To: ncc-services-wg@ripe.net
> Subject: Re: [ncc-services-wg] 2018-05 New Policy Proposal (Publication of
> Legal Address of Internet Number Resource Holder)
>
> Hello,
>
> I'm against this policy. Publishing the a number that refers to some local
> chamber of commerce registration is not a problem for me (if the resource
> holder is a company). However having an extra location to publish the
> address is something I'm against. Especially when the address/building is
> also the home of someone. If someone has a genuine right to obtain the
> address they will likely be able to get it anyway.
>
> Also in some cases the resource holder is a natural person. Please keep
this
> in mind with any policy that is created.
>
> This policy greatly violates any privacy law that might apply. At least
when
> the home address of someone is published. If it is a private person that
is
> the resource holder publishing the address is also a privacy violation I
> believe.
>
> Now about the rationale:
>
> > To make it more difficult for malicious actors to hijack block of IP
> addresses and therefore play a preventive role in protecting the community
> against malicious actors
>
> I don't believe this to be true. The only thing that really helps against
> malicious actors are technical actions that can be taken by networks to
> prevent accepting any routes that are not good. RPKI might help and other
> options might exist or can be created in the future when there is a
problem.
> A non-technical solution will not help in this situation.
>
> > Competent authorities to serve legal process to the party responsible
for
> the resources
>
> There are already legal options to get the relevant information and to
> contact the resource holder. No change for this is required to make it
> possible.
>
> > To reduce delays in serving legal process, avoid lost leads and evidence
>
> A better option for this is to look into the legal process and try to
speed
> that up in general. This doesn't help for it.
>
> In short: I'm strongly against the policy.
>
> Regards, Mark
>
> > -----Original Message-----
> > From: ncc-services-wg [mailto:ncc-services-wg-bounces@ripe.net] On
> Behalf
> > Of Marco Schmidt
> > Sent: Thursday, September 27, 2018 15:11
> > To: ncc-services-wg@ripe.net
> > Subject: [ncc-services-wg] 2018-05 New Policy Proposal (Publication of
> Legal
> > Address of Internet Number Resource Holder)
> >
> > Dear colleagues,
> >
> > A new RIPE Policy proposal, 2018-05, "Publication of Legal Address of
> > Internet Number Resource Holder", is now available for discussion.
> >
> > The goal of the proposal is for the RIPE NCC to publish the validated
> > legal address information of holders of Internet number resources.
> >
> > You can find the full proposal at:
> > https://www.ripe.net/participate/policies/proposals/2018-05
> >
> > As per the RIPE Policy Development Process (PDP), the purpose of this
> > four-week Discussion Phase is to discuss the proposal and provide
> > feedback to the proposer.
> >
> > At the end of the Discussion Phase, the proposer, with the agreement of
> > the RIPE Working Group Chairs, decides how to proceed with the proposal.
> >
> > We encourage you to review this proposal and send your comments to
> > <ncc-services-wg@ripe.net> before 26 October 2018.
> >
> > Kind regards,
> >
> > Marco Schmidt
> > Policy Officer
> > RIPE NCC
> >
> > Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
>
>




*******************

DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.

*******************