Irrespective of any view regarding rights holders, the lack of effective KYC procedures is also a problem in combating both malicious and illegal content. For example, you may be surprised that the Internet Watch Foundation finds a large percentage of illegal CSAM images hosted within Europe (here<https://www.iwf.org.uk/annual-data-insights-report-2024/data-and-insights/geographical-hosting-domains/>) – for transparency, I’m an IWF trustee. I am not a lawyer but I understand that KYC is a requirement under the EU’s NIS2 Directive. In my view, extending effective KYC processes across the ecosystem will add friction, making the life of malicious actors more difficult. Andrew From: Alex de Joode <alex@idgara.nl> Sent: 04 October 2025 16:36 To: ripe-list@ripe.net Subject: [ripe-list] beIN && RIPE NCC && Notorious Markets https://torrentfreak.com/bein-says-issues-at-ripe-ncc-help-piracy-as-a-servi... https://torrentfreak.com/images/USTR-2025-0018-0029-beIN_Miramax_2025-Notori... We had a nice presentation from beIN (rightsholder) at the Lisbon RIPE meeting, unfortunately it seems they are not very happy with the KYC procedure that RIPE NCC applies to their customers (I believe they mean the subsequent KYC for letting/renting (sub)resources). (from the article) “Poor governance and a non-existent know your customer” In the case of off-shore/bulletproof providers, beIN says that identifying the owner of an ASN using information held by RIPE NCC can prove impossible. “RIPE NCC requests its members or those who use RIPE NCC resources to provide accurate contact information. Some rogue providers abuse this system by posting false or incomplete information. This prevents rights owners and authorities from reaching them or successfully sending takedown notices,” beIN explains. Inaccurate information can include fake or unmonitored email addresses, false business addresses or shared locations with many tenants. This ultimately makes it impossible for beIN to identify the owners of off-shore hosting companies. If it’s unable to do that, targeting the operators of the PaaS platforms becomes impossible too. “In other words, the very concept of an offshore or bulletproof hosting provider seeks to rely on the ease by which this registration system can be misused through the provision of false or incomplete information,” the company adds. If RIPE NCC gets added to the Notorious Markets list, their Public Affairs and Regulatory team will be busy and as RIPE NCC is a Dutch and European association pressure from those directions cannot be ruled out (then change will happen whether or not the members agree (even as membership organisation the RIPE policies must be inline with the law)). The above statement of beIN does signal a important issue that not only facilitates copyright infringement but a larger enablement of criminal internet infrastructure, that can and is used for support for various nefarious activities. Renting ASN, IP blocks and not chancing to registration to the correct user makes it difficult to find the bad apples. Now the RIPE members can change the policies that deal with this themselves (I would guess this should be started in Bucarest) otherwise the likelyhood of RIPE NCC receiving a 'gatekeeper' assignment (as banks have in the financial industry) and the need for extra (expensive !) lawyers by the NCC will increase the membership contribution. (In NL Dutch banks have approx. 25% of their employees commited to this gatekeeper role) Cheers, Alex -- IDGARA | Alex de Joode | alex@idgara.nl<mailto:alex@idgara.nl> | +31651108221