[arin-ppml] Clarify /29 assignment identification requirement
Cameron Byrne
cb.list6 at gmail.com
Sat Apr 28 16:38:04 EDT 2012
On Sat, Apr 28, 2012 at 12:50 PM, William Herrin <bill at herrin.us> wrote:
> On 4/28/12, John Curran <jcurran at arin.net> wrote:
>> Please do not assume that ARIN will not request information regarding
>> actual customers assigned to dynamic IP pools; we do ask for this level
>> of detail if necessary for verification (i.e. while we are generally
>> satisfied by growth in customer counts, spot checking of those counts
>> also occurs.)
>>
>> The same standard applies in either case: if you do not have an established
>> record of growth and/or have unusual change in growth rate and/or show
>> signs associated with common fraudulent requests, you will get asked for
>> additional details.
>
> Hi John,
>
> Of the four folks across this conversation who've levied complaints
> about ARIN asking for customer identities for /32 users, none have
> expressed that ARIN inquired into customer identities for their
> dynamic pools and one expressly stated that ARIN didn't ask about the
> much larger dynamic pools at all. Four does not make a statistical
> sample but it does suggest a pattern.
>
> That having been said, you raise an issue I'd like to put to the floor:
>
> Per your statement above, ARIN considers itself at liberty to inquire
> into the personally identifiable information (PII) of the smallest and
> most ephemeral consumers of addresses among the ISP's customers during
> an ISP's application for addresses. Is that correct?
>
> Folks, is that what we want?
>
No, i do not want that.
Furthermore, i do not want ARIN storing this data about my customers
indefinitely in their systems with no policy to ever purge the data.
As it stands, if i understand it correctly, ARIN may demand and store
the name and address of every person in the ARIN region who has an
internet connection of any sort (cable, DSL, wireless, FTTH, e-reader
...)
Frankly, this revelation is so shocking and unnerving i don't even
feel comfortable discussing it on an open list.
Audit is one thing. Storing PII on every broadband consumer in the
ARIN region is quite another.
CB
> Regards,
> Bill Herrin
>
>
> --
> William D. Herrin ................ herrin at dirtside.com bill at herrin.us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
More information about the ARIN-PPML
mailing list