[arin-ppml] Policy Proposal: Customer Confidentiality
tvest at pch.net
Tue Jun 9 10:27:30 EDT 2009
I was think thinking something very similar.
Regardless of which party initiates the action, if the end result is
the use of ISP contact information to mask the identity of the end
customer, then by definition the ISP is effectively agreeing to act as
the customer's proxy (or at least proxy of last resort) in any/all
recognized legitimate interactions are mediated by whois, for as long
as that identity substitution remains in effect.
I imagine that "recognized legitimate" uses of whois could/should be
imported by reference to broader established policies, and the actual
scope/details of discretionary proxy services should be left to
specific bilateral arrangements -- but I think that the "proxy of last
resort" language should probably be added to the proposal.
On Jun 9, 2009, at 10:07 AM, David Farmer wrote:
> In general, the concept of privacy or confidentially attaches to
> the client or customer not to the agent or service provider. An
> example, attorney client privilege is a right of the client and a
> duty of the attorney, it is for the benefit of the client not the
> If withholding such information is solely in the business interest
> of the agent or service provider, the ISP in this case, and
> especially if it in anyway damages the interest of client or
> customer, then I'm opposed to such policies.
> Customer information is not solely the property of the agent or
> service provider, the client or customer should have the
> controlling interest in such information.
> I generally support an effort to increased Customer
> Confidentially, but it needs to focus on the Customer's interest
> not solely on the ISP's interest. So I am worried about how
> this proposal is written and that it seems to focus on the ISP's
> interest not the Customer's interest.
> It maybe as simple as requiring an ISP to provide the actual
> customer information in Whois if direct by the customer to do
> so. That might be all it takes to put the customer's interest
> ahead of the ISP's interest.
> I'm fine with an ISP choosing the default action, but the
> customer should have a choice about their information, not
> solely the ISP.
> On 9 Jun 2009 Member Services wrote:
>> 1. Policy Proposal Name: Customer Confidentiality
>> 2. Proposal Originator: Aaron Wendel
>> 3. Proposal Version: 1.0
>> 4. Date: 9 June 2009
>> 5. Proposal type: new
>> 6. Policy term: permanent
>> 7. Policy statement:
>> ISPs may choose to enter their own address and phone number in
>> reassignments and reallocations in lieu of the customer's address and
>> phone number. The customer's actual information must be provided to
>> ARIN on request and will be held in the strictest confidence.
>> 8. Rationale:
>> Customer contact lists are one of the most proprietary and
>> confidential pieces of information in any business. The requirements
>> for ISPs to publish those lists via SWIP or RWHOIS runs contrary to
>> good business practices and invites competitors and others to solicit
>> both individuals and companies receiving reassignments and sub
>> allocations from upstream providers.
>> 9. Timetable for implementation: immediate
> David Farmer Email:farmer at umn.edu
> Office of Information Technology
> Networking & Telecomunication Services
> University of Minnesota Phone: 612-626-0815
> 2218 University Ave SE Cell: 612-812-9952
> Minneapolis, MN 55414-3029 FAX: 612-626-1818
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML