@EXT: RE: 2018-05 New Policy Proposal (Publication of Legal Address of Internet Number Resource Holder)
Hi Nik, I think the car analogy would work better in assuming that if the car is a "company car" and not a private vehicle, then the identity should be publicly available. We are not talking of individual rights, but. For instance a lawyer's business address (or a dentist and so on) is publicly available - on registries, online, basically everywhere, however their home address not, and this without being a threat to a privacy, or individual rights. Does it make sense to you? Kind regards, Sara Veronica -----Original Message----- From: ncc-services-wg [mailto:ncc-services-wg-bounces@ripe.net] On Behalf Of Nik Soggia Sent: 28 September 2018 19:04 To: ncc-services-wg@ripe.net Subject: Re: [ncc-services-wg] 2018-05 New Policy Proposal (Publication of Legal Address of Internet Number Resource Holder) Il 28/09/18 17:36, Jeffrey Race ha scritto:
There must be a way to register the IP addresses to my company (that has much less privacy rights than me), still preserving my personal rights.
If you use a public resource your identity should be publicly available :)
Would it be ok for you to write your name and address on the windshield of your car whenever you park it in a public street? Isn't the number plate plenty enough? Yes, to know where you live will require an additional step, and yes, choosing who can access your data and who can't is the very foundation of privacy. In this example cops are ok, passers-by meh... My point is that sole proprietorships may become backdoors to sensitive data. Big companies are not required to register the home address of their legal representative, so why should small ones? Let's just find a mechanism to preserve personal data from becoming public domain. Regards, -- Nik Soggia - TELNET S.r.l. Phone: +39-0382-529751 Via Buozzi, 5 - 27100 Pavia, Italy Fax: +39-0382-528074 ******************* DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it. Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated. *******************
Il 01/10/18 09:48, Marcolla, Sara Veronica ha scritto:
For instance a lawyer's business address (or a dentist and so on) is publicly available - on registries, online, basically everywhere, however their home address not, and this without being a threat to a privacy, or individual rights.
It makes a lot of sense for crafts that have business addresses. But what about painters, intrument players and bike delivery men? Think to the smallest business you can imagine. It's a person. With children. And a fish in a bowl, next to a old armchair. When he comes home he can smell boiled cabbage and old rag mats. You get the point. I read the rationale of the proposal, and I understand how useful and time saving it would be to have a tidy database. I like it. I am not against publising addresses, I am advocating good design in the hope that the rights of a minority will be protected not less than today. OSINT has become very accessibile and popular (think to Maltego), and we are potentially giving to malicious actors a sharp tool. Regards, -- Nik Soggia - TELNET S.r.l. Phone: +39-0382-529751 Via Buozzi, 5 - 27100 Pavia, Italy Fax: +39-0382-528074
I'm following this conversation, I understand the need, but I think that this proposal ignores GDPR. Publishing any persons' address falls under GDPR's protection. Please have a look at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal... If there is a certain way of identifying company vs personal data, then company data may be published. But there will be trouble if the company's name is "FirstName LastName company" as: *What constitutes personal data?* The GDPR applies to ‘personal data’, meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. so -1 regards
I read the rationale of the proposal, and I understand how useful and time saving it would be to have a tidy database. I like it.
I am not against publising addresses, I am advocating good design in the hope that the rights of a minority will be protected not less than today.
-- Panagiotis SIKAS Systems and Networks Group Institute of Computer Science Foundation for Research and Technology Hellas email:sikas@ics.forth.gr Tel: +30.2810391647 Fax: +30.2810391641
participants (3)
-
Marcolla, Sara Veronica -
Nik Soggia -
Panagiotis Sikas