LEA Transparency Report 2023
Dear colleagues, We have published a transparency report that details the nature and number of requests we received from Law Enforcement Agencies in 2023. You can find the report at: https://www.ripe.net/publications/docs/ripe-819/ . Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC
Thank you for this, very interesting! It really seems that French LEAs are asking for lots of information the NCC does not have. It really would be very interesting to understand why they're doing that! I'm not asking you, Theodoros, unless you do know and are able to share? But maybe someone else knows? Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network North Dock Two, 93-94 North Wall Quay, Dublin 1, D01 V8Y6 +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Theodoros Fyllaridis <tfyllaridis@ripe.net> Sent: Monday 8 April 2024 10:34 To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: [anti-abuse-wg] LEA Transparency Report 2023 CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Dear colleagues, We have published a transparency report that details the nature and number of requests we received from Law Enforcement Agencies in 2023. You can find the report at: https://www.ripe.net/publications/docs/ripe-819/. Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC
Hi Brian Just a guess: But governments get increasingly dissatisfied with the laissez faire attitude of the technical community and the private sector in fighting cyber crime. In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change". I don't know what French LE asked, but it may well just trying to mae point. Ans states will up the game, regardless of our insisting that a given thing is not or responsibility. Non state actors keep talking about shared responsibilities, but I fear what they mean by this is some one else's responsibility. Personally I feel this attitude leads to a bad outcome. Times have changed, and so we need to change too, or we'll be forced to change, which seems much more unpleasant. As I said, just some thoughts, no evidence here for the concrete reasons. But I hear authorities here in Switzerland, and they are not happy. The less we do, the more they feel they need to start doing something. Best Serge On 09.04.24 17:59, Brian Nisbet wrote:
Thank you for this, very interesting!
It really seems that French LEAs are asking for lots of information the NCC does not have. It really would be very interesting to understand why they're doing that! I'm not asking you, Theodoros, unless you do know and are able to share? But maybe someone else knows?
Brian
Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network North Dock Two, 93-94 North Wall Quay, Dublin 1, D01 V8Y6 +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ------------------------------------------------------------------------ *From:* anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Theodoros Fyllaridis <tfyllaridis@ripe.net> *Sent:* Monday 8 April 2024 10:34 *To:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* [anti-abuse-wg] LEA Transparency Report 2023
CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Dear colleagues,
We have published a transparency report that details the nature and number of requests we received from Law Enforcement Agencies in 2023.
You can find the report at: https://www.ripe.net/publications/docs/ripe-819/ <https://www.ripe.net/publications/docs/ripe-819/>.
Kind regards,
Theodoros Fyllaridis Legal Counsel RIPE NCC
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Serge The report speaks about French LEA asking RIPE for data that RIPE does not have. You then go off on some complete tangent about governments not being satisfied with tech companies. How are the two related? What purpose does asking RIPE (or anyone else) for data they simply do not have serve? A much more rational explanation is that LEA simply do not understand what data RIPE (or others) have and that maybe the solution is to educate them. I have heard from some in LEA that the amount of engagement from RIPE, ICANN etc., in the past couple of years has reduced, though that’s purely anecdotal. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
LEA especially the computer crime part of LEA has been dealing with RIRs for some decades now? The specifics of this case would be interesting. --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Michele Neylon - Blacknight via anti-abuse-wg <anti-abuse-wg@ripe.net> Sent: Wednesday, April 10, 2024 3:02:51 PM To: Serge Droz <serge.droz@first.org>; anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 Serge The report speaks about French LEA asking RIPE for data that RIPE does not have. You then go off on some complete tangent about governments not being satisfied with tech companies. How are the two related? What purpose does asking RIPE (or anyone else) for data they simply do not have serve? A much more rational explanation is that LEA simply do not understand what data RIPE (or others) have and that maybe the solution is to educate them. I have heard from some in LEA that the amount of engagement from RIPE, ICANN etc., in the past couple of years has reduced, though that’s purely anecdotal. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
Suresh The devil is in the details…. Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours. From: Suresh Ramasubramanian <ops.lists@gmail.com> Date: Wednesday, 10 April 2024 at 10:38 To: Michele Neylon - Blacknight <michele@blacknight.com>, Serge Droz <serge.droz@first.org>, anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. LEA especially the computer crime part of LEA has been dealing with RIRs for some decades now? The specifics of this case would be interesting. --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Michele Neylon - Blacknight via anti-abuse-wg <anti-abuse-wg@ripe.net> Sent: Wednesday, April 10, 2024 3:02:51 PM To: Serge Droz <serge.droz@first.org>; anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 Serge The report speaks about French LEA asking RIPE for data that RIPE does not have. You then go off on some complete tangent about governments not being satisfied with tech companies. How are the two related? What purpose does asking RIPE (or anyone else) for data they simply do not have serve? A much more rational explanation is that LEA simply do not understand what data RIPE (or others) have and that maybe the solution is to educate them. I have heard from some in LEA that the amount of engagement from RIPE, ICANN etc., in the past couple of years has reduced, though that’s purely anecdotal. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
Hi Michele As I said: They may make a point. Maybe they don't understand what RIPS dies. But that's an assumption, and the tech community tends to underrate authorities, so don't count on it. Best Serge On 10.04.24 11:32, Michele Neylon - Blacknight wrote:
Serge
The report speaks about French LEA asking RIPE for data that RIPE does not have.
You then go off on some complete tangent about governments not being satisfied with tech companies.
How are the two related?
What purpose does asking RIPE (or anyone else) for data they simply do not have serve?
A much more rational explanation is that LEA simply do not understand what data RIPE (or others) have and that maybe the solution is to educate them.
I have heard from some in LEA that the amount of engagement from RIPE, ICANN etc., in the past couple of years has reduced, though that’s purely anecdotal.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/ <https://www.blacknight.com/>
https://blacknight.blog/ <https://blacknight.blog/>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/ <https://michele.blog/>
Some thoughts: https://ceo.hosting/ <https://ceo.hosting/>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
Serge As I said, it’s an odd attempt at making a point, if that’s what it is. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours. From: Serge Droz <serge.droz@first.org> Date: Wednesday, 10 April 2024 at 10:38 To: Michele Neylon - Blacknight <michele@blacknight.com>, anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Hi Michele As I said: They may make a point. Maybe they don't understand what RIPS dies. But that's an assumption, and the tech community tends to underrate authorities, so don't count on it. Best Serge On 10.04.24 11:32, Michele Neylon - Blacknight wrote:
Serge
The report speaks about French LEA asking RIPE for data that RIPE does not have.
You then go off on some complete tangent about governments not being satisfied with tech companies.
How are the two related?
What purpose does asking RIPE (or anyone else) for data they simply do not have serve?
A much more rational explanation is that LEA simply do not understand what data RIPE (or others) have and that maybe the solution is to educate them.
I have heard from some in LEA that the amount of engagement from RIPE, ICANN etc., in the past couple of years has reduced, though that’s purely anecdotal.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/ <https://www.blacknight.com/>
https://blacknight.blog/ <https://blacknight.blog/>
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/ <https://michele.blog/>
Some thoughts: https://ceo.hosting/ <https://ceo.hosting/>
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.
-- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org
In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification. but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state." randy
Hi Randy Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise. I expect LE to understand our issues, but we should understand theirs Best Serge On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote:
In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification.
but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state."
randy
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
-- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org
The EU is working on implementing the e-Evidence directive. This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE). https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/types-judicial-cooperation/e-evidence-cross-border-access-electronic-evidence_en-- IDGARA | Alex de Joode | alex@idgara.nl | +31651108221 On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
Hi Randy
Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise.
I expect LE to understand our issues, but we should understand theirs
Best Serge
On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote:
In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification. but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state." randy -- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
I was expecting something like this for a long, long time, to be honest. What you now have is something created for want of that mythical beast, the internet police, which nobody ever seems to be. --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Alex de Joode <adejoode@idgara.nl> Sent: Thursday, April 11, 2024 12:32:24 AM To: Serge Droz <serge.droz@first.org> Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 The EU is working on implementing the e-Evidence directive. This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE). https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/typ... -- IDGARA | Alex de Joode | alex@idgara.nl | +31651108221 On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote: Hi Randy Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise. I expect LE to understand our issues, but we should understand theirs Best Serge On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote: In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change". was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification. but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state." randy -- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Dear colleagues, Regarding Brian’s initial question, we do not know what is driving this volume of requests; we have explained our processes and our available data to this particular LEA multiple times. Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC On Thu, 11 Apr 2024 at 02:11, Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
I was expecting something like this for a long, long time, to be honest. What you now have is something created for want of that mythical beast, the internet police, which nobody ever seems to be.
--srs ------------------------------ *From:* anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Alex de Joode <adejoode@idgara.nl> *Sent:* Thursday, April 11, 2024 12:32:24 AM *To:* Serge Droz <serge.droz@first.org> *Cc:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] LEA Transparency Report 2023
The EU is working on implementing the e-Evidence directive.
This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE).
https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/typ... -- IDGARA | Alex de Joode | alex@idgara.nl | +31651108221
On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg < anti-abuse-wg@ripe.net> wrote:
Hi Randy
Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise.
I expect LE to understand our issues, but we should understand theirs
Best Serge
On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote:
In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification.
but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state."
randy
-- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org --
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Thank you for coming back. It's a pity we don't know, but I do wonder, given the outlier level of French LEA interaction over two years, if it's worth trying to find out? Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network North Dock Two, 93-94 North Wall Quay, Dublin 1, D01 V8Y6 +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Theodoros Fyllaridis <tfyllaridis@ripe.net> Sent: Friday 12 April 2024 10:33 To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Dear colleagues, Regarding Brian’s initial question, we do not know what is driving this volume of requests; we have explained our processes and our available data to this particular LEA multiple times. Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC On Thu, 11 Apr 2024 at 02:11, Suresh Ramasubramanian <ops.lists@gmail.com<mailto:ops.lists@gmail.com>> wrote: I was expecting something like this for a long, long time, to be honest. What you now have is something created for want of that mythical beast, the internet police, which nobody ever seems to be. --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net<mailto:anti-abuse-wg-bounces@ripe.net>> on behalf of Alex de Joode <adejoode@idgara.nl<mailto:adejoode@idgara.nl>> Sent: Thursday, April 11, 2024 12:32:24 AM To: Serge Droz <serge.droz@first.org<mailto:serge.droz@first.org>> Cc: anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net> <anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 The EU is working on implementing the e-Evidence directive. This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE). https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/typ... -- IDGARA | Alex de Joode | alex@idgara.nl<mailto:alex@idgara.nl> | +31651108221 On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>> wrote: Hi Randy Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise. I expect LE to understand our issues, but we should understand theirs Best Serge On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com<mailto:randy@psg.com>> wrote: In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change". was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification. but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state." randy -- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Hi Brian, In the past, we have already communicated with this particular LEA and offered training to help resolve the situation. Unfortunately, there was no follow up. But we monitor developments on this matter closely and will reach out to them again if necessary. * Kind regards,* *Theodoros FyllaridisLegal CounselRIPE NCC* On Mon, 15 Apr 2024 at 10:13, Brian Nisbet <brian.nisbet@heanet.ie> wrote:
Thank you for coming back.
It's a pity we don't know, but I do wonder, given the outlier level of French LEA interaction over two years, if it's worth trying to find out?
Brian
Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network North Dock Two, 93-94 North Wall Quay, Dublin 1, D01 V8Y6 +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ------------------------------ *From:* anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Theodoros Fyllaridis <tfyllaridis@ripe.net> *Sent:* Friday 12 April 2024 10:33 *To:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] LEA Transparency Report 2023
CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.
Dear colleagues,
Regarding Brian’s initial question, we do not know what is driving this volume of requests; we have explained our processes and our available data to this particular LEA multiple times.
Kind regards,
Theodoros Fyllaridis Legal Counsel RIPE NCC
On Thu, 11 Apr 2024 at 02:11, Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
I was expecting something like this for a long, long time, to be honest. What you now have is something created for want of that mythical beast, the internet police, which nobody ever seems to be.
--srs ------------------------------ *From:* anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Alex de Joode <adejoode@idgara.nl> *Sent:* Thursday, April 11, 2024 12:32:24 AM *To:* Serge Droz <serge.droz@first.org> *Cc:* anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> *Subject:* Re: [anti-abuse-wg] LEA Transparency Report 2023
The EU is working on implementing the e-Evidence directive.
This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE).
https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/typ... -- IDGARA | Alex de Joode | alex@idgara.nl | +31651108221
On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg < anti-abuse-wg@ripe.net> wrote:
Hi Randy
Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise.
I expect LE to understand our issues, but we should understand theirs
Best Serge
On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote:
In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change".
was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification.
but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state."
randy
-- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org --
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Thank you! B. Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network North Dock Two, 93-94 North Wall Quay, Dublin 1, D01 V8Y6 +35316609040 brian.nisbet@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Theodoros Fyllaridis <tfyllaridis@ripe.net> Sent: Thursday 18 April 2024 16:46 To: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Hi Brian, In the past, we have already communicated with this particular LEA and offered training to help resolve the situation. Unfortunately, there was no follow up. But we monitor developments on this matter closely and will reach out to them again if necessary. Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC On Mon, 15 Apr 2024 at 10:13, Brian Nisbet <brian.nisbet@heanet.ie<mailto:brian.nisbet@heanet.ie>> wrote: Thank you for coming back. It's a pity we don't know, but I do wonder, given the outlier level of French LEA interaction over two years, if it's worth trying to find out? Brian Brian Nisbet (he/him) Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network North Dock Two, 93-94 North Wall Quay, Dublin 1, D01 V8Y6 +35316609040 brian.nisbet@heanet.ie<mailto:brian.nisbet@heanet.ie> www.heanet.ie<http://www.heanet.ie> Registered in Ireland, No. 275301. CRA No. 20036270 ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net<mailto:anti-abuse-wg-bounces@ripe.net>> on behalf of Theodoros Fyllaridis <tfyllaridis@ripe.net<mailto:tfyllaridis@ripe.net>> Sent: Friday 12 April 2024 10:33 To: anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net> <anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe. Dear colleagues, Regarding Brian’s initial question, we do not know what is driving this volume of requests; we have explained our processes and our available data to this particular LEA multiple times. Kind regards, Theodoros Fyllaridis Legal Counsel RIPE NCC On Thu, 11 Apr 2024 at 02:11, Suresh Ramasubramanian <ops.lists@gmail.com<mailto:ops.lists@gmail.com>> wrote: I was expecting something like this for a long, long time, to be honest. What you now have is something created for want of that mythical beast, the internet police, which nobody ever seems to be. --srs ________________________________ From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net<mailto:anti-abuse-wg-bounces@ripe.net>> on behalf of Alex de Joode <adejoode@idgara.nl<mailto:adejoode@idgara.nl>> Sent: Thursday, April 11, 2024 12:32:24 AM To: Serge Droz <serge.droz@first.org<mailto:serge.droz@first.org>> Cc: anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net> <anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>> Subject: Re: [anti-abuse-wg] LEA Transparency Report 2023 The EU is working on implementing the e-Evidence directive. This means any-and-all EU based LEO's can request data from RIPE NCC and RIPE NCC needs to supply the data if it has the data available. No 'let us check' no 'you can have this via our website' answers possible anymore. This will most likely be extended for signatories of the 'Budapest convention', the US is very eager to have access to this data also. (There is the public data, but to know who pays for a resource is of course easier to check as the banks know a lot more about their clients than RIPE). https://commission.europa.eu/law/cross-border-cases/judicial-cooperation/typ... -- IDGARA | Alex de Joode | alex@idgara.nl<mailto:alex@idgara.nl> | +31651108221 On Wed, 10-04-2024 19h 28min, Serge Droz via anti-abuse-wg <anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>> wrote: Hi Randy Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise. I expect LE to understand our issues, but we should understand theirs Best Serge On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com<mailto:randy@psg.com>> wrote: In a recent talk Jane Easterly said: "The private sector has promised better security for yeas but has not delivered. This has to change". was this not in the context of software and platform safety? easterly has been riding that hobby horse for a few years, and with serious justification. but i agree that the RIRs could be clearer in what they can and can not do for LE. and there needs to be a balance of visibility and privacy. LE is always gonna want more; that's their job, and we need them. but, as jeff schiller said (in the ietf protocol design context) "Law enforcement was not supposed to be easy. Where it is easy, it's called a police state." randy -- Dr. Serge Droz Director, Forum of Incident Response and Security Teams https://first.org -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
participants (7)
-
Alex de Joode -
Brian Nisbet -
Michele Neylon - Blacknight -
Randy Bush -
Serge Droz -
Suresh Ramasubramanian -
Theodoros Fyllaridis