[arin-ppml] Policy Manual : Customer Privacy

McTim dogwallah at gmail.com
Sun Sep 28 00:18:22 EDT 2008

Hi Chris,

On Sun, Sep 28, 2008 at 2:52 AM, chris mr <chris.misztur at yahoo.com> wrote:
> Hello,
> Reference: http://www.arin.net/policy/nrpm.html#four2376
> I have recently noticed that ISPs such as ATT(SIS-80) and Comcast(CBCI) publish their customers' personal information in /29 reassignments.  For my residential DSL service I was told to contact ipadmin at att.com to hide my personal information, which they did.
> What are your thoughts as to why ISPs do not protect their residential customers' privacy by default?

The operative word in the document you cite is "may", as in "an
organization with downstream residential customers may substitute that
organization's name for the customer's name"

In other words, they are not required to do this, but they can.

The IPv6 section of the same doc says:

"Internet address space must be registered in a registry database
accessible to appropriate members of the Internet community. This is
necessary to ensure the uniqueness of each Internet address and to
provide reference information for Internet troubleshooting at all
levels, ranging from all RIRs and IRs to end users.

The goal of registration should be applied within the context of
reasonable privacy considerations and applicable laws."

This applies to IPv4 addresses as well.

So it's a balance between providing POC info for IP space and privacy.

ISPs may find it easier to handle all the abuse/trouble tickets for
their customers, or they may prefer to pass on these duties to the
actual users of the space.  PPML allows them to do either.  This
flexibility is useful IMHO.



More information about the ARIN-PPML mailing list