Shane,
In France there is such a thing as unlisted phone numbers which remain private and unknown. Further, the RIPE DB is becoming the best spam list in the world. So yes, responsability lays with LIR, yes let's clean the DB, yes respect privacy.
I think there are two sides to this issue.
One is what the RIPE NCC can and has done to increase the privacy of people who have contact information in the Database. We have been trying to increase the privacy protections in the Database over time:
- person/role objects removed from public FTP site - DB automatically rate limits access to person/role objects - mntner/irt objects removed from public FTP site - .DE person object deletion - automatic cleanup of unreferenced person/role objects
The Allocation Editor on the LIR Portal should allow LIRs to keep their contact data up-to-date.
We have talked with the Dutch Data Protection Authority about the Database as well, to make sure that we don't run afoul of the EU privacy directives.
I think that issue is somewhat more problematic than that. I guess that what Katri is actually asking for is the Swedish data protection law. I am no expert on this law but from what I know / remember, the law requires the direct consent of the registered party as well as certain guarantees that the data is not passed on (within some limits). This means that the Swedish ISPs in order to register these customers actually needs written consent from the customer, as well as to solve the issue on passing that data on further by registering the data in the RIPE DB. Perhaps someone that knows the issue better could comment? Best regards, - kurtis -