[arin-ppml] Draft Policy 2008-7: Identify Invalid WHOIS POC's

[Orbeton, Jon]

All:

I understand most of this discussion has already taken place and I'm
coming late to the game, but I did have a question that was outside the
scope of what had been asked already.

Regarding this policy on the Invalid POCs, the draft makes this
statement:

"If ARIN staff deems a POC to be completely and permanently abandoned or
otherwise illegitimate, the record shall be deleted."

I understand this policy regards the process to identify an "Invalid
POC" by simply sending an email looking for a response within 60 days.
However, I wanted to focus on the "otherwise illegitimate" phrase in
this policy. 

I investigate cybercrime and constantly find bogus or fake information
placed into ARIN WHOIS IP space information. For example:

CustName:   Viss Technologies
Address:    vissvpn.com
City:       Ho Chi Minh
StateProv:  OH
PostalCode: 12345
Country:    US
RegDate:    2008-11-03
Updated:    2008-11-03
 
NetRange:   208.43.240.160 - 208.43.240.175 
CIDR:      208.43.240.160/28 
NetName:    NET-208-43-240-160
NetHandle:  NET-208-43-240-160-1
Parent:     NET-208-43-0-0-1
NetType:    Reassigned
Comment:    Send abuse issues to abuse at vissvpn.com
RegDate:    2008-11-03
Updated:    2008-11-03

This is obviously "illegitimate" information -- does this policy draft
actually address this type of problem wuth the "otherwise illegitimate"
phrase or is there some other policy that addresses this issue. We've
contact ICANN, they said contact ARIN, ARIN said they contact the net
block owner. However, there are net block owners who are not friendly
and are engaged in questionable activities who have no interest in
fixing or requiring legitimate information in these records.
Furthermore, reporting to the "abuse contact" results in non-action. 

What can be done about this?


Thanks,
Jon Orbeton

Electronic Crime & Threat Intelligence PayPal, an eBay Company