[arin-ppml] Petition Underway - Policy Proposal 95: Customer Confidentiality - Time Sensitive

Owen DeLong owen at delong.com
Sun Jan 31 04:14:17 EST 2010


On Jan 29, 2010, at 5:28 PM, Aaron Wendel wrote:

> 
>> No it does not.  Didn't you read your own proposal?  It doesn't protect
>> hosted and collocated customers AT ALL.  It protects the _ISP's_ that 
>> sell services to those hosted and collocated customers.
> 
> You must be reading something different.  My proposal is about obscuring the
> address, phone number and e-mail of a collocated or hosted customer to
> prevent poaching by competition.  I can use the rational that it protects
> the ISPs customer list and I could also use the "it protects customer
> privacy" argument that obviously won 2004-7.
> 
Except that businesses don't have such a right to privacy as residential customers
may.  Generally, legitimate businesses do not intend to be anonymous (ServerVault's
special class(es) of arguably nefarious customers aside, which aren't exactly
businesses in most cases, either).

If it were intended to protect customer privacy, then, at best it should mention that
the choice is entirely up to the customer, and, in the case of non-residential services
I would argue that the default should clearly be in favor of publication absent a
specific customer request.

The ISP should be required to produce documentation of the customer request
for ARIN on request.

>> Those hosted and collocated customers are businesses that are out there
>> paying good money to make themselves known to the world so they can
>> sell websites and whatever else they do.  Your idea of "protecting" them
>> is to interfere with this process.
> 
> Not all of them.  I have a customer, Action Photo.  It's a photography
> studio run by two people.  They colo a server with me and have a /29. I have
> to SWIP their information even though they are the last people that should
> be called if there's an issue and would just end up calling me anyway.
> 
So you run their antivirus software and clean their machines if they get
infected? If it's that level of managed service, then, arguably their machines
are part of your infrastructure from an administrative perspective. If you are
the end-user, you don't need to swip the space as a customer assignment.
If someone else administers the machines, then, that someone else should
be on the SWIP.
> 

Owen


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20100131/8f18bb24/attachment.html>


More information about the ARIN-PPML mailing list