Dear colleagues, Regarding Brian’s initial question, we do not know what is driving this volume of requests; we have explained our processes and our available data to this particular LEA multiple times. Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC On Thu, 11 Apr 2024 at 02:11, Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
I was expecting something like this for a long, long time, to be honest. What you now have is something created for want of that mythical beast, the internet police, which nobody ever seems to be.
--srs ------------------------------ *From:* anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Alex de Joode <adejoode@idgara.nl> *Sent:* Thursday, April 11, 2024 12:32:24 AM *To:* Serge Droz <serge.droz@first.org> *Cc:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] LEA Transparency Report 2023
The EU is working on implementing the e-Evidence directive.
This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE).
https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/typ... -- IDGARA | Alex de Joode | alex@idgara.nl | +31651108221
On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg < anti-abuse-wg@ripe.net> wrote:
Hi Randy
Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise.
I expect LE to understand our issues, but we should understand theirs
Best Serge
On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote:
In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification.
but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state."
randy
-- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org --
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg