[arin-ppml] ARIN-prop-180 ISP Private Reassignment
cblecker at gmail.com
Thu Aug 9 15:26:25 EDT 2012
On Thu, Aug 9, 2012 at 11:58 AM, Martin Hannigan <hannigan at gmail.com> wrote:
> On Thu, Aug 9, 2012 at 1:53 PM, Christoph Blecker <cblecker at gmail.com> wrote:
>> On Thu, Aug 9, 2012 at 9:15 AM, Jeffrey Lyon
>> <jeffrey.lyon at blacklotus.net> wrote:
> [ clip ]
>> Here's a scenario to think about. In many cases, ISPs are really tight
>> with their customer data and will not release it without a court
>> order. Say there is some sort of time sensitive issue that law
>> enforcement needs to track down an IP address. Getting a court order
>> for the ISP to release their customer information, then getting
>> another court order against the entity takes time. At least having a
>> clue if they're on the right track as far as the owner of an IP can
>> help law enforcement speed things up.
> In order to issue a subpoena for subscriber data, an officer of the
> court needs an open case and typically the signature of a supervisor
> in many jurisdictions in order to serve for documents or appearance at
> their offices. Your argument about the time disparity is unfortunately
> inaccurate, but I hope this helps a bit. I'm not a lawyer, so as with
> any legal issue you should consider asking a real lawyer to validate
> that for the most part.
The argument presented by the Canadian government as to why the Lawful
Access provisions of Bill C-30 are required, is to speed up law
enforcement access to data. What I'm suggesting is that a change like
this would play in to such an argument. The goal of this proposal is
to increase the privacy of this data, but I'm saying is that there is
the possibility that this may actually serve to accomplish the
opposite. While yes, it's speculation, it's important to consider all
the possible consequences of a proposed change.
> Using inaccurate WHOIS data to "help" in addressing exigent
> situations is a red-herring in the argument against the proposed
> policy in my opinion. Your mileage may vary, of course.
While I realize that whois data in reality can be unreliable and out
of date, it's "supposed" to be accurate. It's listed as a
responsibility under the RSA. That's really what we're talking about
here -- entities who are actually diligent to their responsibilities
under the RSA. However, you're right in that the same facts could be
used in an argument to remove the SWIPing requirement as well.
It's still my opinion though that more information is a good thing. If
the SWIP is inaccurate, the upstream ISP's contact information is
still available in other ways, such as in the larger Direct Allocation
block, or in the whois for the AS number.
More information about the ARIN-PPML