Hi Malcolm, all: Thanks for sharing this. I encourage anyone interested in this topic and potential areas of collaboration to check out a session organized by the RIPE NCC's own Richard Learning at EuroDIG 2017 earlier this month: https://eurodigwiki.org/wiki/Criminal_justice_on_the_Internet_%E2%80%93_identifying_common_solutions_%E2%80%93_WS_4_2017
Best, -Michael __________________ Michael J. Oghia Independent #netgov consultant & editor Belgrade, Serbia Skype: mikeoghia Twitter <https://www.twitter.com/MikeOghia> *|* LinkedIn <https://www.linkedin.com/in/mikeoghia> On Wed, Jun 28, 2017 at 1:04 PM, Malcolm Hutty <[email protected]> wrote: > The Co-operation WG may be interested in the following report of a reply > by a European Commissioner to a European Parliamentary question about > Carrier Grade NAT - not least because the reply refers to this WG by name. > > > -------- Forwarded Message -------- > Subject: (CGN) European Commission PQ response > Date: Wed, 28 Jun 2017 08:37:47 +0000 > From: Owen Bennett <[email protected]> > To: DG-Euroispa cybersecurity <[email protected]> > > > > Dear EuroISPA Cybersecurity committee, > > > The European Commission has published its answer to a recent European > Parliament parliamentary question*concerning ISPs’ deployment of CGN > (carrier-grade network access translation) and the so-called > ‘going-dark’ problem.* > > > To remind, ISPs are under increasing pressure from law enforcement with > regard to their use of CGN technology – the fact of putting multiple > users behind individual IP addresses is said to stifle law enforcement > investigations of crimes with an online component. > > > The Commission’s response to the parliamentary question is pertinent for > EuroISPA in that it is one of the first times where the Institution has > addressed the CGN matter in an official /on the record /capacity. > > > As you will see, the Commission’s response falls short of calling for > regulatory intervention to limit CGN deployment, and even goes as far as > to label CGN deployment ‘unavoidable’. > > > We will continue to monitor this matter at EU-level and keep members > updated. > > > Kind regards, > > Owen > > > *** > > *Question of MEP Agnew (EFDD, UK), Carrier Grade Network Access > Translation > <http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-% > 2f%2fEP%2f%2fTEXT%2bWQ%2bE-2017-001101%2b0%2bDOC%2bXML% > 2bV0%2f%2fEN&language=EN>, > 17 February 2017* > > /[Europol recently held a meeting to discuss CGN technologies that have > long been used by ISPs to delay the capex required to extend the current > pool of IP addresses (CGN technologies are used by ISPs to share one > single IP address among multiple subscribers at the same time)./ > > /Does the Commission agree that restricting the continued use of CGN, > simply on the grounds that Europol finds it inconvenient to monitor, is > a retrograde step and an unacceptable interference with current > commercial practice and freedom of technological choice?]/ > > *Answer given by Commissioner Avramopoulos > <http://www.europarl.europa.eu/sides/getAllAnswers.do? > reference=E-2017-001101&language=EN> > on behalf of the European Commission, 26 June 2017 * > > > /[The Commission is aware that law enforcement authorities have raised > certain concerns regarding the increasing use of Carrier-Grade Network > Address Translation (CGN) technology. CGN enables a single Internet > Protocol (IP) address to be shared by potentially thousands or hundreds > of thousands of subscribers at the same time since there is not enough > capacity under the current IP version 4 (IPv) to meet demand. This makes > it technically very difficult for an internet service provider to > identify an individual subscriber in response to legitimate requests > from law enforcement authorities. Consequently, it is difficult to > attribute crime and identify criminals using that particular IP address. > Europol thus has legitimate concerns regarding CGN or other forms of > address sharing, which may also have a negative impact on fraud > detection or intrusion detection systems. They may also have other > negative consequences, such as overall performance degradation of > connections or even, in some cases, certain applications not working at > all. / > > / / > > /The expedited deployment of IP version 6 (IPv6)//on a global scale and > by all stakeholders would mitigate the problems and also offer new > opportunities to service providers. In the short term, however, the use > of IPv4 address-sharing is unavoidable, as there are still a significant > number of users, services and applications that function only with IPv4. > At the same time, the Commission is not aware of any proposals to > restrict the continued use of CGN, but rather of efforts being made to > raise awareness about the issue, share best practices and find ways to > facilitate the attribution of crime. It intends to raise the issue to > RIPE (Réseaux IP Européens) via its representative who is chairing > RIPE's Cooperation Working Group.]/ > > > *** > > > *Owen Bennett* > > Policy Executive > *EuroISPA - European Internet Services Providers Association * > Rue du Commerce 124/5 - 1000 Brussels > T: +32 (0)2 550 41 22 > www.euroispa.org <http://www.euroispa.org/> > > Follow us on Twitter *@euroispa <https://twitter.com/euroispa>* > > > *EuroISPA is the world's largest association of Internet Services > Providers, representing over 2500 ISPs across Europe.* > > EU Transparency Register ID Number: 54437813115-56 > > > > >
