[ppml] RE: [arin-announce] Policy Proposal 2003-3: Residential Customer Privacy

[Whipple, Scott (CCI-Atlanta)]

Seeing that there has not been any traffic with this proposal, it would seem not to many people really care.    What if we took this one a step further and did not show simple reassignments at all?  ISP's would still be required to swip showing utilization, but the records would no longer show up in a whois query.  If the ISP needed to see where their utilization statistics are they could send a message to hostmaster asking for a netinfo report.  

Simple reassignments have no DNS information or POC records associated with them, so if you are trying to trouble shoot a problem that happens to come from a range that has been assigned as a simple reassignment you still need to go to the upstream to get any information that may help.  To clarify, there is no useful information that comes from a simple reassignment.

What does everyone think?  

Scott

-----Original Message-----
From: Member Services [mailto:memsvcs at arin.net]
Sent: Tuesday, March 04, 2003 1:07 PM
To: arin-announce at arin.net; ppml at arin.net
Subject: [arin-announce] Policy Proposal 2003-3: Residential Customer
Privacy


ARIN welcomes feedback and discussion about the following policy 
proposal in the weeks leading to the ARIN Public Policy Meeting 
in Memphis, Tennessee, scheduled for April 7-8, 2003. All feedback 
received on the mailing list about this policy proposal will be 
included in the discussions that will take place at the upcoming 
Public Policy Meeting. 

This policy proposal discussion will take place on the ARIN Public 
Policy Mailing List (ppml at arin.net). Subscription information is 
available at http://www.arin.net/mailing_lists/index.html 

Richard Jimmerson 
Director of Operations 
American Registry for Internet Numbers (ARIN) 

### * ### 

Policy Proposal 2003-3: Residential Customer Privacy

Privacy of Residential Customer
Name and Address Information
In WHOIS

Policy Proposal Statement:

ARIN guidelines presently state that privacy of an individual's 
residential address information may be protected in WHOIS by 
indicating "Private Residence".  This policy proposal is intended 
to provide additional information privacy through omission of an 
individual's name from WHOIS, replacing their name with 
"Private Individual".

The proposed policy would amend and modify the existing ARIN 
guideline, forming a new, permanent policy. 

Rationale and Justification:

With the continued growth and popularity of DSL service,  increasing 
numbers of individuals and small home-based businesses are taking 
advantage of this technology.  Many of these customers require /29 
or larger assignments to support small networks.  Knowing that WHOIS 
is a public database, the majority of these customers have a viable 
concern regarding the publication of  their name and address information 
in WHOIS.  It is the responsibility of  an ISP to support the needs of 
their customers, and protect customer privacy whenever possible.  This 
policy specifically addresses the privacy issue on behalf of 
home/residential customers.

The omission of personal name and address information from WHOIS is 
analogous to residential telephone service.  When residential phone 
service is activated, the individual's name, address and phone number 
are listed in the telephone directory.  The individual may, however, 
request an "unlisted" number, and their information is omitted from the 
directory.  This policy proposes the "listing" of the IP subnet in WHOIS, 
but individual name and address information would be "unlisted".

It is the responsibility of the ISP to maintain complete and accurate 
information regarding the customer's name, address, etc.  This 
information would be made available to ARIN (if requested) for audit 
of netblock utilization in support of future allocations.

In these difficult times, home security and privacy is on everyone's mind.  
As internet users, service providers and overseers, it is our combined 
responsibility to do whatever is necessary to ensure the safety, and 
protect the privacy of the internet community at large.