<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On Jan 29, 2010, at 5:28 PM, Aaron Wendel wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div><br><blockquote type="cite">No it does not. Didn't you read your own proposal? It doesn't protect<br></blockquote><blockquote type="cite">hosted and collocated customers AT ALL. It protects the _ISP's_ that <br></blockquote><blockquote type="cite">sell services to those hosted and collocated customers.<br></blockquote><br>You must be reading something different. My proposal is about obscuring the<br>address, phone number and e-mail of a collocated or hosted customer to<br>prevent poaching by competition. I can use the rational that it protects<br>the ISPs customer list and I could also use the "it protects customer<br>privacy" argument that obviously won 2004-7.<br><br></div></blockquote>Except that businesses don't have such a right to privacy as residential customers</div><div>may. Generally, legitimate businesses do not intend to be anonymous (ServerVault's</div><div>special class(es) of arguably nefarious customers aside, which aren't exactly</div><div>businesses in most cases, either).</div><div><br></div><div>If it were intended to protect customer privacy, then, at best it should mention that</div><div>the choice is entirely up to the customer, and, in the case of non-residential services</div><div>I would argue that the default should clearly be in favor of publication absent a</div><div>specific customer request.</div><div><br></div><div>The ISP should be required to produce documentation of the customer request</div><div>for ARIN on request.</div><div><br></div><div><blockquote type="cite"><div><blockquote type="cite">Those hosted and collocated customers are businesses that are out there<br></blockquote><blockquote type="cite">paying good money to make themselves known to the world so they can<br></blockquote><blockquote type="cite">sell websites and whatever else they do. Your idea of "protecting" them<br></blockquote><blockquote type="cite">is to interfere with this process.<br></blockquote><br>Not all of them. I have a customer, Action Photo. It's a photography<br>studio run by two people. They colo a server with me and have a /29. I have<br>to SWIP their information even though they are the last people that should<br>be called if there's an issue and would just end up calling me anyway.<br><br></div></blockquote>So you run their antivirus software and clean their machines if they get</div><div>infected? If it's that level of managed service, then, arguably their machines</div><div>are part of your infrastructure from an administrative perspective. If you are</div><div>the end-user, you don't need to swip the space as a customer assignment.</div><div>If someone else administers the machines, then, that someone else should</div><div>be on the SWIP.</div><div><blockquote type="cite"><div><font class="Apple-style-span" color="#000000"><br></font></div></blockquote><div><br></div><div>Owen</div><div><br></div></div><br></body></html>