[arin-ppml] Policy Proposal: Customer Confidentiality

Michael K. Smith - Adhost mksmith at adhost.com
Tue Jun 9 15:58:17 EDT 2009



> > On Behalf Of Milton L Mueller
> > Sent: Tuesday, June 09, 2009 1:36 PM
> > To: 'William Herrin'
> > Cc: arin-ppml at arin.net
> > Subject: Re: [arin-ppml] Policy Proposal: Customer Confidentiality
> >
> > I don't understand how this is a consideration if the ISP continues
> to
> > be accurately identified in the whois. I don't understand how a
third
> > party's suspicion of an ISP gives them a right to access a
customers'
> > data as opposed to the ISP data. Recall that ARIN has access to the
> > customer information and would thus be accessible to any real fraud
> investigation.
> 
> To my mind the issue is not one of fraud investigation but one of
abuse
> resolution.  It is all too easy for a network host to broadcast a
> number of types of storm traffic from innocent causes such as hardware
> or software failure or mis-configuration.  Even things as simple as
> routing loops can be debilitating to more than the end user in
> question.
> 
> The end user need not be identified, but a contact to an administrator
> who can deal with routing and traffic issues should be required.
> 
> I am all for privacy, but reachability of an effective PoC needs to be
> maintained.  A PoC who calls a contact who relays a message to someone
> who knows who the administrator is cannot be effective.
> 

I would argue that I am the effective PoC for "my" address space.  In
fact, since the official abuse contact for the ARIN-assigned space is
listed as authoritative, that's the one that gets notified in the event
of issues, not the customer's address in SWIP.  However, having my
customer's contact information has proven to be helpful to my
competitors.  If you know how to scrape SWIP you know a lot, and I would
argue too much, about my business.

Mike



More information about the ARIN-PPML mailing list