Hi Jeroen On Tue, 31 May 2022 at 16:20, Jeroen Massar via db-wg <db-wg@ripe.net> wrote:
On 31 May 2022, at 15:31, Ángel González Berdasco via db-wg <db-wg@ripe.net> wrote:
30-05-2022 a las 13:17 +0200, denis walker writes:
If no one is able to present the public interest case for publishing the name and address of natural persons holding resources then the privacy case takes priority. If we cannot justify publishing this personal information based on the purposes, then the GDPR says very clearly that we must not publish it. All personal details of natural persons holding resources will have to be removed from the database or hidden from public view. This will also apply to assignments as well. There are many assignments with name and full address details of natural persons in the "descr:" attributes. We will have to remove the "descr:" attributes where the assignee is a natural person or hide them from public view.
Please note that GDPR has the concept of processing based on consent. It might not be necessary to remove them. And some of those affected, may want them to stay published.
I agree, however, that *not* publishing the home address of those that hold a resource as a natural person is probably a good idea.
Consent is the key bit indeed. But people can also chose to not use the RIPE DB.
Personally, I don't mind having my name + email address in there, whois is for my purposes primarily a assignment DB ("is it an eyeball, is it a VPS network, it is a bunch of evil VPNs") but most importantly a "who is" database and thus contact: who to contact for a given resource, when one sees bad things coming out of it, when they have MTU issues, etc etc etc.
There was quite a discussion on contacts a few days ago on this mailing list. I am considering resource holders separate from contacts. It was generally accepted that contactable contacts are an important element of the database, but they don't need to be personal.
As such, I personally would love to see the options:
A) Publish name + email B) Publish name + email + phone C) Publish name + email + phone + address ('all')
Personally B would be my option, the internet does not need to know where I physically am, but mail forwarding exists for that, making it an option though makes it clear one does not want to share that data and that it is just a forwarding place.
For resource holders that are not natural persons and not operating a business from a home address, mandatory name, address and email with optional phone is probably a good option. Where the resource holder is a natural person, or operating a business from a home address, the question is, do we have a clearly defined purpose of the RIPE Database that requires the personal name and address to be published?
But the problem is that some (not me) people want is: D) Hide all details
Which would make whois for a person (they cannot have roles, otherwise they are not people) look like:
person: Anonymous Person 172784394902 remarks: RIPE anonymized person -- https://www.ripe.net/contact/hiddenperson remarks: Responsible LIR: xx.lirhandle -- <handle>-RIPE -- https://www.website.com # autopopulated from LIR email: person-172784394902@anon.ripe.net # forwarded mail nic-hdl: PERSON-172784394902-RIPE mnt-by: RIPE-NCC-ANON-MNT # Can't have own maintainer then either created: 2002-03-19T12:20:34Z last-modified: 2021-05-12T15:05:51Z source: RIPE # Filtered
I think maybe you are confusing resource holders and contacts here. There are different requirements for the two. cheers denis proposal author
Thus email forwarding to not expose that data but still allowing contact and still allowing statistics/associations to be made based on the handle, but not private details to be released. (note that people can still drop all mail in /dev/null and chose to remain ignorant independent if the address is valid or goes anywhere at all; bad folks do not fix things)
But I think it is a really bad idea; people who don't want to be named on the Internet already have options by hiding at a cloud provider or a VPS where they can borrow address space, they do not need to have their name in the RIPE DB.
Note that such a policy would cause address space for the rest of the lifetime of IPv6 to be handled that way too; then just do not get your own prefix in the database.
The above A/B/C ... yeah kinda makes sense; but option D, big nope from me.
Greets, Jeroen
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/db-wg