[arin-ppml] Policy Proposal: Customer Confidentiality

Jay Hennigan jay at impulse.net
Wed Jun 10 13:18:08 EDT 2009

David Farmer wrote:

> To be equally as honest and direct as you have been;
> If this is only about protecting the business interest of the ISPs then go away. 
> However, if we can both protect the business interest of the ISPs and the 
> privacy, confidentiality and other interests of Internet end users then maybe 
> we can do something.  
> If a customer has a business need to have the full information disclosed as it 
> is in the current policy then they should have that right, as the end user of 
> the address space their business need must out weigh your business need 
> as the ISP.  The reason you have been allocated address space in the first 
> place is to provide it to end users to meet their needs in connecting to the 
> Internet. 
> If we can find a way to disclose less information about the Internet end user 
> and protect the interest of the ISP, the end user, and the public interest in 
> proper use of address space then we will have a good proposal.
> I believe this could be a useful proposal that I can support, but if it remains 
> focused solely on the business interest of the ISPs then I will have to oppose 
> it. 

I view it as doing both, as well as in most cases assisting in the abuse 
resolution process.

* It prevents harvesting of customer contact addresses by spammers, 
telemarketers (*cough-Neustar-cough*), etc., thus enhancing customer 

* It is more likely to result in abuse complaints being routed to an 
entity technically able to deal with them.  This is both because the ISP 
is likely to have more technical expertise and because the end-user SWIP 
contact is likely to be stale and/or poisoned with junk going to that 
address.  These contacts are often an individual email address rather 
than a role account, as it's collected when IP addresses are first 
assigned and the end-user isn't likely to have put much thought into it.

* It protects the ISP's proprietary customer lists to some extent.  IMHO 
this is the least significant.  If an ISP's customer relationships are 
that fragile there are likely to be other problems.  However, customer 
resentment towards the ISP when an ISP publishes end-user SWIP/RWHOIS 
data and the customer gets spammed and telemarketed could be a problem. 
  I'm thinking of the "How dare you sell my phone and email to these 
sleazebags!?!" type of thing.

I agree that end-users who choose to have their information published 
should have that ability, but they should also be able to choose 
privacy.  IMHO, privacy should be the default but I'd leave that to each 
ISP to decide.

Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV

More information about the ARIN-PPML mailing list