[arin-ppml] Draft Policy ARIN-2017-5: Equalization of Assignment Registration requirements between IPv4 and IPv6
hostmaster at uneedus.com
hostmaster at uneedus.com
Mon Jul 17 01:04:26 EDT 2017
John,
I think this is the FCC ruling he speaks of, and it does seem to shut down
public disclosures of most of what is contained in SWIP/WHOIS without
customer consent. This has been the rule for regular phone calls for a
long time, called CPNI. Until today I did not realise the FCC extended
this to the internet. It also appears that even someone with a contract
with ARIN could require ARIN to restrict their data from third party
disclosure, as it states that private contract provisions cannot override
the right to insist on privacy.
http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-07-22A1.pdf
It looks like static and even dynamic IP addresses and MAC addresses are
considered protected information. IP addresses are the bread and butter of
ARIN. Domain names are protected, thus Email addresses are protected since
they contain a domain name, and they have also ruled that name, address
and telephone numbers are protected as well. They even talk of DNS
lookups being protected.
It kinda looks like the FCC has made a large part of SWIP/WHOIS unlawful
with this order unless ARIN has been given consent by each holder of the
information, even if they are a current member under contract.
Albert Erdmann
Network Administrator
Paradise On Line Inc.
On Mon, 17 Jul 2017, John Curran wrote:
> On 16 Jul 2017, at 8:46 PM, Paul McNary <pmcnary at cameron.net> wrote:
>>
>> Hello
>> This is probably targeted to John and the ARIN staff
>>
>> I was reading some articles today. Under the current net privacy rules and proposed
>> net neutrality rule making goes through or even if not, we are not allowed to put
>> customer data in a publicly accessible data base. I don't think we are even allowed
>> to provide that information to a third party without our customer's written opt-in.
>> You can only get the IP "address holder's" information because of the contract we
>> have with ARIN where we give up that right of privacy. So you can make us give you
>> that information but you can not force us to break the law, if the end user doesn't have a
>> contract with ARIN. Even if we would SWIP a current /24 and their information is
>> disclosed to a third party (ie ARIN) and the end user doesn't have a contract with
>> ARIN, I think we are in violation of the Internet privacy rules as they are and have been.
>>
>> John, can you and the ARIN staff get a written clarification from FCC about this.
>> It basically guts the privacy rule making if SWIP is performed on a customer
>> who does not give written approval.
>>
>> What am I missing? The WISPA lawyers say we are still required to follow the
>> Internet policy rule making.
>
> Paul -
>
> ARIN obviously does not require you “to break the law”, but to be able to further
> pursue this matter we’re going to need a bit more information.
>
> Do you have a reference for the particular law or rulemaking proceeding that
> the WISPA lawyers assert is in conflict? I would be happy to speak with them
> directly if that would help – email me appropriate contact information when you
> have a moment.
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> ARIN
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
>
More information about the ARIN-PPML
mailing list