[ppml] /29 limit for ARIN SWIP whois

Ted Mittelstaedt tedm at ipinc.net
Wed Jan 9 20:35:21 EST 2008

>-----Original Message-----
>From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net]On Behalf Of
>Leo Bicknell
>Sent: Wednesday, January 09, 2008 3:50 PM
>To: Public Policy Mailing List
>Subject: Re: [ppml] /29 limit for ARIN SWIP whois

>I also want to stress the issue is not just vigilante mobs going
>against spammers though.  All the reasons people hate each other
>apply in the cyber world as well.  And it's not just vigilante mobs,
>it's also lone individual harasser.
>Consider cyberstalking, http://en.wikipedia.org/wiki/Cyberstalking.

>Has there ever been a case where a predator used whois data to help
>locate a victim?  When a battered woman moves across country and
>signs up for new internet access is there adequate disclosure from
>the provider her name address and phone number may be listed in a
>global, public database?

If the litmus test was if the woman's number was unlisted, then
are battered women who move across the country going to not have
unlisted phone numbers?

There are even many "Mittelstaedt's" in the country and that's
a pretty rare name.

>If her ex finds her through that information
>and kills her, is the ISP, or even ARIN partially liable?

No more than if her ex finds her through the telephone company's
white pages.

>To bring back a golden oldie: McGruff.org has "stay safe online"
>recommendations: http://www.mcgruff.org/Advice/online_safety.php
>   "Never give out personal information like your name, telephone number,
>    address, email, or school name."

OK so why is it not OK to give that out online, but OK to give it
out in the telephone directory?

>How many kids are giving out their name, address, and telephone
>number just by surfing the web from an IP with fairly specific whois
>information?  Who's using that information, and for what purpose?

Children are not of legal age to consent to ANYTHING including the
AUP of the ISP they are using, and parents who let children surf
the web unattended, without adequate training, ought to be shot.

>The sad part of all of this is the victims aren't going to speak
>up.  Spammers who have people come to their house and make a death
>threat aren't going to go to the police.

Criminals selling drugs aren't going to go to the police either.
That is an occupational risk of engaging in selling drugs.  As it is
for spamming, also in the US an illegal activity.  As a taxpayer who
supports both state and federal police, I frankly do not want those
organizations spending time making life safer for drug dealers and

Obviously if a spammer or drug dealer actually gets murdered, then I
want the cops to toss the murderer in jail for a long long time.  But,
until that happens, the drug dealers and spammers can take the advice
of the old doctor joke and "Don't do that"

>Battered women who need
>to remain anonymous to stay away from their ex aren't going to write
>front page articles on CNN about how their privacy was compromised.
>Child predators aren't going to let the world know whois is a
>goldmine for them.

Your examples are just not realistic.  I've been using my own real
name online since around 1982 and I've never had a problem.  Your
using your real name (I assume) on this forum, have you had a problem?

These things
your bringing up are marginal, border examples that are outweighed
by societies need for tracking and identifying people using the Internet.
(not applications on the Internet, the Internet itself)

>What percentage of people who buy service from a provide who lists
>their details in whois know that is the case?

That is really a different issue - and it is not that it's invalid, quite
the contrary.  It is that ARIN cannot set policy that makes an ISP
fully disclose to it's customers what is and isn't published.

I agree customers should be informed.  I just don't think that gutting
SWIPs usefulness is a way of solving the problem with ISP's that
don't inform their customers.

>I can buy a phone line for home and have it be unlisted.  I can buy
>5 phone lines for home and have them be unlisted.  I can buy 500
>phone lines for home and have them be unlisted.  Yet, to participate
>in the Internet at anything more than a basic level I must provide
>my information to the entire world?

You can buy a domain name and get it "unlisted" through a privacy guard
mechanism by many registrars.  I don't see a problem with ISP's offering
that.  I do see a problem with ARIN mandating that they offer that.


More information about the ARIN-PPML mailing list