Niels, All,
I was looking at the RIPE Database Terms & Conditions, and i guess your
proposal/idea doesn't go against it, and may even roughly match with
"Scientific research into network operations and topology" on Article 3.
However i don't see how this can change anything in real life routing
ahead of cost and performance variables. Specifically about your
examples, GDPR compliance is mandatory for a broad set of orgs, so i
don't see any real value in adding an ASN to that as-set.
Is this "yet another quality seal/we're part of this bunch" approach?
Sorry for the lack of optimism here :-)
Regards,
Carlos
On Fri, 8 Mar 2019, Niels ten Oever via db-wg wrote:
Dear Database WG,
Recent public debates on the ethics and social implications of digital
technology, as well as the feedback I received on my presentation at RIPE77
[0], have stimulated me to think more about how value frameworks can inform
routing decisions.
Based on the analysis of several discussions in the IETF community [1], the
ICANN community [2], and the recent book by David Clarke [3], I thought a
voluntary declaration of values might be relevant for discussion in the RIPE
community. A way of doing this could be the discussion of the introduction of
two AS-SET objects in the routing database. This could enable Autonomous
Systems to declare the values frameworks they adhere to. An example of possible
objects would be:
[object0]
as-set: AS-GDPR
remarks: members of this set declare to be compliant with the General Data
Protection Regulation of the European Union
mbrs-by-ref: ANY
[/object0]
[object1]
as-set: AS-UNGP
remarks: members of this set declare to have adopted and implemented the United
Nations Guiding Principles on Business and Human Rights
mbrs-by-ref: ANY
[/object1]
Members of these sets would declare to live up to these values. Based on these
sets, other AS-es could, for example, choose to preferentially route via AS-es
that are member of (one of) these sets.
These value frameworks (the GDPR and UNGPs) were chosen because these are
widely known and adopted standards in our community [4], so the understanding
of these values should not be subject to a lot of interpretation and discussion.
Do you think this would be a reasonable approach, and if so, would you consider
becoming a member of (one of) these sets? Or do you think there are better ways
to achieve this?
Looking forward to hear what you think.
Best,
Niels
PS I posted a similar e-mail to the routing WG to discuss the routing
implications of this proposal. Please accept my apologies if this is considered
as cross-posting, but I thought both aspects of this proposal might be
interesting to discuss.
[0] https://ripe77.ripe.net/archives/video/2113/
[1] For instance in the discussions on RFC1958, RFC3935, RFC6873, RFC7258, and
RFC8280
[2] Most notably resulting in the addition of a commitment to human rights
during the IANA transition, but of course as well during the extensive WHOIS
discussions
[3] https://mitpress.mit.edu/books/designing-internet
[4] For instance SIDN has engaged in a Human Rights Impact Assessment
https://www.sidn.nl/a/over-sidn/mensenrechten-daar-voldoen-we-toch-aan , and Cisco,
Ericsson, Google, NTT, Orange, AT&T, IBM and many others have adopted the UNGPs
- Cisco https://www.business-humanrights.org/en/cisco-systems-0?keywords=cisco
- Ericsson
https://www.business-humanrights.org/en/ericsson-0?keywords=ericsson#a117755
- Google https://www.business-humanrights.org/en/google-0?keywords=google
- NTT
https://www.business-humanrights.org/en/nippon-telegraph-and-telephone-ntt-group-0
http://www.ntt.co.jp/csr_e/report.html
- Orange https://www.business-humanrights.org/en/orange-0
- AT&T https://www.business-humanrights.org/en/att-0?keywords=AT&T
- IBM https://www.business-humanrights.org/en/ibm-0?keywords=IBM
--
Niels ten Oever
Researcher and PhD Candidate
Datactive Research Group
University of Amsterdam
PGP fingerprint 2458 0B70 5C4A FD8A 9488
643A 0ED8 3F3A 468A C8B3
