[arin-ppml] Draft Policy ARIN-2017-5: Equalization of Assignment Registration requirements between IPv4 and IPv6

[Paul McNary]

Hello John

It would be the CPNI non-disclosure rules from the FCC.
WISPA's counsel which does not represent me personally but WISPA as an
organization is and expert on this. He knows the FCC inside and out and has
been warning us about our CPNI requirements for non-disclosure and says
it is not exempted from the small provider exclusion.
His contact information is
Stephen E. Coran
Lerman Senter PLLC
2001 L Street, NW, Suite 400
Washington, DC 20036
202-416-6744 – office
202-669-3288 – mobile
scoran at lermansenter.com – email
www.lermansenter.com
@stevecoran – twitter

IANAL so I can only comment as such. But it does look like an issue.
A law/regulation from the federal government vs an non government
entity contract. It still appears to me that SWIP'ing CPNI information
and displaying it in public WHOIS is a violation of law unless ARIN
has an exemption that would gut the privacy for Internet users.
I guess we could SWIP the IP but put in Customer one and our
POC information.

I am sure Steve can tell page and verse about this.

Thanks you
Take care
Paul McNary
McNary Computer Service
pmcnary at cameron.net


On 7/16/2017 9:38 PM, John Curran wrote:
> On 16 Jul 2017, at 8:46 PM, Paul McNary <pmcnary at cameron.net> wrote:
>> Hello
>> This is probably targeted to John and the ARIN staff
>>
>> I was reading some articles today. Under the current net privacy rules and proposed
>> net neutrality rule making goes through or even if not, we are not allowed to put
>> customer data in a publicly accessible  data base. I don't think we are even allowed
>> to provide that information to a third party without our customer's written opt-in.
>> You can only get the IP "address holder's" information because of the contract we
>> have with ARIN where we give up that right of privacy. So you can make us give you
>> that information but you can not force us to break the law, if the end user doesn't have a
>> contract with ARIN. Even if we would SWIP a current /24 and their information is
>> disclosed to a third party (ie ARIN) and the end user doesn't have a contract with
>> ARIN, I think we are in violation of the Internet privacy rules as they are and have been.
>>
>> John, can you and the ARIN staff get a written clarification from FCC about this.
>> It basically guts the privacy rule making if SWIP is performed on a customer
>> who does not give written approval.
>>
>> What am I missing? The WISPA lawyers say we are still required to follow the
>> Internet policy rule making.
> Paul -
>   
>      ARIN obviously does not require you “to break the law”, but to be able to further
>      pursue this matter we’re going to need a bit more information.
>      
>      Do you have a reference for the particular law or rulemaking proceeding that
>      the WISPA lawyers assert is in conflict?   I would be happy to speak with them
>      directly if that would help – email me appropriate contact information when you
>      have a moment.
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> ARIN