[arin-ppml] Policy Proposal: Customer Confidentiality

Aaron Wendel aaron at wholesaleinternet.net
Tue Jun 9 15:33:41 EDT 2009

I purposely wrote the policy to be short, to the point, and easy to
understand.  The customer's communication with their provider should include
whether they want their personal information published in a publically
accessible database.

My point in writing this policy was to protect information that is
proprietary to any business.  Tell a realtor you know that you're thinking
about going into real estate and you'd like his customer list. Then tell him
that you actually need his customer list to make sure he's legit.  If all he
does is laugh at you then you got off lucky.  I can think of no other
private business that is required to publish customer information to the

Customers can ask to have their information included and many of ours
specifically do but many of them have no idea how to admin their own
networks.  That's why they come to us.

This is my first policy proposal and the first I've seen from a source
outside the usual suspects you see bating around the proposals on the list.
I am not sure how to change the wording or if it needs changing but I feel
this is an important issue and am open to suggestions and guidance on
changes that people feel need to be made to make this a workable policy.


-----Original Message-----
From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On
Behalf Of Milton L Mueller
Sent: Tuesday, June 09, 2009 1:36 PM
To: 'William Herrin'
Cc: arin-ppml at arin.net
Subject: Re: [arin-ppml] Policy Proposal: Customer Confidentiality

I don't understand how this is a consideration if the ISP continues to be
accurately identified in the whois. I don't understand how a third party's
suspicion of an ISP gives them a right to access a customers' data as
opposed to the ISP data. Recall that ARIN has access to the customer
information and would thus be accessible to any real fraud investigation. 

> -----Original Message-----
> It makes it possible for third parties to perform spot-checks which
> audit the ISP's honest use of address space. Whether used or not, this
> greatly impacts ARIN's process transparency. This is especially
> helpful when a supposed ISP is suspected of fraud. A name alone or
> fully private registrations are insufficient for auditing.
> Regards,
> Bill Herrin
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
Unsubscribe or manage your mailing list subscription at:
Please contact info at arin.net if you experience any issues.

More information about the ARIN-PPML mailing list