On Sat 19/Oct/2024 01:16:49 +0200 denis walker wrote:
Colleagues
I am hoping there are some lawyers or legal experts in this WG. I would like to know if it is possible for me, as a private individual, to bring a civil case against an End User for damages because of some abusive behaviour? To do so I would need to know who the End User is. A consequence of the policy change 2023-04 means that the End User details may not be documented in the RIPE Database. As far as I can determine (from googling) a court order can only be served on the LIR to identify the End User by an LEA in a criminal case.
I have tried to find out what I can do in a civil case. Most of the information is such heavy legal stuff, I don't have the training to interpret it. For example:
https://www.unidroit.org/wp-content/uploads/2022/07/English-Black-letter-6-J...
Model European Rules of Civil Procedure
Rule 53 (5) A claimant may apply, in their statement of claim, for access to evidence under the custody or control of a defendant or nonparty and which are to be offered in support of the claimant’s allegations.
But this would mean taking the LIR to court in a separate civil legal action in order to identify the End User. Then I could start civil legal proceedings in court against the End User for damages. The LIR and the End User may be in separate countries, both different to the country I reside in.
So one of the consequences of 2023-04 was to close the door on any civil legal action against an End User who engages in abusive behaviour with an individual or small business that falls short of criminal activity. Would that be a reasonable conclusion?
IANAL, but I think legislation should consider the difference between push protocols and pull ones. In the former case (email) there is no reason to allow anonymity. LIRs should either close port 25 or publish full name and contact of the operator. Best Ale --