@Niall : i understand your point and clearly this is not an easy topic when it comes to define what is personal data. But here is my question : If, to you, the legal adress is a personal data, are you also thinking the same way about the telephone number which is so far kept for registrar abuse contact phone ?
Speaking about sole trader, if i understand well your point and go beyond, the name by itself might also be considerated as a personal data as it is also a way to identify the person. To me, legal adress is just a way to be assured that the official request are sent to the correct place Pour une administration exemplaire, préservons l'environnement. N'imprimons que si nécessaire. -------- Message original -------- *Sujet: *[INTERNET] ncc-services-wg Digest, Vol 79, Issue 5 *De : *[email protected] *Pour : *[email protected] *Date : *10/10/2018 09:20 > Send ncc-services-wg mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.ripe.net/mailman/listinfo/ncc-services-wg > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of ncc-services-wg digest..." > > > Today's Topics: > > 1. Re: sara proposal and question to Randy (Niall O'Reilly) > 2. Re: sara proposal and question to Randy (Carlos Fria?as) > 3. Re: sara proposal and question to Randy (Randy Bush) > 4. Re: sara proposal and question to Randy (Randy Bush) > 5. back to randy (ROBINOT Stephane DCPJ SDLC) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 09 Oct 2018 15:16:58 +0100 > From: "Niall O'Reilly" <[email protected]> > To: [email protected] > Subject: Re: [ncc-services-wg] sara proposal and question to Randy > Message-ID: <[email protected]> > Content-Type: text/plain; charset="us-ascii" > > On 9 Oct 2018, at 14:43, ROBINOT Stephane DCPJ SDLC wrote: > >> If we all agree that personnal ie individual data has to be removed from >> direct access and that the legal address has to be published, > It is difficult to agree in general to both of these points, as they may, > in specific cases, contradict each other. > > The crux of the matter appears to be that the legal address of a sole trader > is precisely and inevitably personal data. > > Best regards, > Niall O'Reilly > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 903 bytes > Desc: OpenPGP digital signature > URL: > <https://lists.ripe.net/ripe/mail/archives/ncc-services-wg/attachments/20181009/179eef5c/attachment-0001.sig> > > ------------------------------ > > Message: 2 > Date: Tue, 9 Oct 2018 17:03:23 +0100 (WEST) > From: Carlos Fria?as <[email protected]> > To: ROBINOT Stephane DCPJ SDLC <[email protected]> > Cc: [email protected] > Subject: Re: [ncc-services-wg] sara proposal and question to Randy > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="iso-8859-1"; Format="flowed" > > > On Tue, 9 Oct 2018, ROBINOT Stephane DCPJ SDLC wrote: > > (...) >> To randy, I would like to say that I don't understand what he pmeans by >> "whois is useless and should die". >> As I am new in this group, I might have missed something. Could you >> explain what you mean ? >> >> regards >> >> >> cv > Greetings, > > I'm also curious about if he meant "whois should die, let's get everything > onto rdap quickly", or if he means: "whois and all other registration > information protocols should die, so that nobody sees anything anymore". > > :-))) > > > Regards, > Carlos > > > >> Pour une administration exemplaire, pr?servons l'environnement. >> N'imprimons que si n?cessaire. >> >> -------- Message original -------- >> *Sujet: *[INTERNET] ncc-services-wg Digest, Vol 79, Issue 3 >> *De : *[email protected] >> *Pour : *[email protected] >> *Date : *09/10/2018 12:00 >>> Send ncc-services-wg mailing list submissions to >>> [email protected] >>> >>> To subscribe or unsubscribe via the World Wide Web, visit >>> https://lists.ripe.net/mailman/listinfo/ncc-services-wg >>> or, via email, send a message with subject or body 'help' to >>> [email protected] >>> >>> You can reach the person managing the list at >>> [email protected] >>> >>> When replying, please edit your Subject line so it is more specific >>> than "Re: Contents of ncc-services-wg digest..." >>> >>> >>> Today's Topics: >>> >>> 1. @EXT: 2018-05 New Policy Proposal (Publication of Legal >>> Address of Internet Number Resource Holder) - updating the >>> proposal? (Marcolla, Sara Veronica) >>> 2. Re: @EXT: 2018-05 New Policy Proposal (Publication of Legal >>> Address of Internet Number Resource Holder) - updating the >>> proposal? (Randy Bush) >>> 3. Re: @EXT: 2018-05 New Policy Proposal (Publication of Legal >>> Address of Internet Number Resource Holder) - updating the >>> proposal? (Carlos Fria?as) >>> 4. @EXT: RE: 2018-05 New Policy Proposal (Publication of Legal >>> Address of Internet Number Resource Holder) - updating the >>> proposal? (Marcolla, Sara Veronica) >>> 5. Re: @EXT: 2018-05 New Policy Proposal (Publication of Legal >>> Address of Internet Number Resource Holder) - updating the >>> proposal? (Nik Soggia) >>> >>> >>> ---------------------------------------------------------------------- >>> >>> Message: 1 >>> Date: Mon, 8 Oct 2018 15:46:47 +0000 >>> From: "Marcolla, Sara Veronica" <[email protected]> >>> To: "'[email protected]'" <[email protected]> >>> Subject: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal >>> (Publication of Legal Address of Internet Number Resource Holder) - >>> updating the proposal? >>> Message-ID: >>> <[email protected]> >>> Content-Type: text/plain; charset="us-ascii" >>> >>> Hi everyone, >>> >>> All the comments exchanged in the list made me thinking a lot about the >>> wording of this proposal. I have noticed that the lively discussion around >>> the policy is bringing a lot of attention on the dichotomy between the >>> individual (which I agree completely, should be protected in their >>> fundamental rights, with provisions such as the GDPR and others), and the >>> company/corporation. It seems to me so far that many of us would indeed >>> support the idea of having the legal address published of companies, but >>> having concerns about personal data. The aim of this proposal is indeed to >>> focus on companies, not individuals, and even the smallest company has to >>> be registered as such (if not for other reasons, for tax reasons). >>> Individuals will be anyways protected by a hierarchically higher set of >>> rules: the fundamental rights, such as those championed by GDPR for example. >>> >>> At this point I am asking whether you support a proposal, the clarifies >>> that only the legal address of companies will be published, and that states >>> clearly that individuals information will be protected? After all, the >>> reasoning here is that if a resource holder is registered with a national >>> company registry, they have a legal address which can be published. This >>> legal address is usually publicly available anyhow and can be then >>> validated by the RIPE NCC. >>> >>> Looking forward to hear the feedback to this idea for an amendment to the >>> proposal. >>> >>> Sara >>> ******************* >>> >>> DISCLAIMER : This message is sent in confidence and is only intended for >>> the named recipient. If you receive this message by mistake, you may not >>> use, copy, distribute or forward this message, or any part of its contents >>> or rely upon the information contained in it. >>> Please notify the sender immediately by e-mail and delete the relevant >>> e-mails from any computer. This message does not constitute a commitment by >>> Europol unless otherwise indicated. >>> >>> ******************* >>> >>> >>> >>> >>> ------------------------------ >>> >>> Message: 2 >>> Date: Mon, 08 Oct 2018 09:30:39 -0700 >>> From: Randy Bush <[email protected]> >>> To: "Marcolla, Sara Veronica" <[email protected]> >>> Cc: "'[email protected]'" <[email protected]> >>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal >>> (Publication of Legal Address of Internet Number Resource Holder) - >>> updating the proposal? >>> Message-ID: <[email protected]> >>> Content-Type: text/plain; charset=US-ASCII >>> >>>> At this point I am asking whether you support a proposal, the >>>> clarifies that only the legal address of companies will be published >>> not particularly >>> >>> the contract is between the ncc and the registrant; not the community >>> and the registrant. >>> >>> whois (not the irr, which is confuddled with it in the ripe registry) >>> is useless and should die. >>> >>> randy >>> >>> >>> >>> ------------------------------ >>> >>> Message: 3 >>> Date: Mon, 8 Oct 2018 22:50:25 +0100 (WEST) >>> From: Carlos Fria?as <[email protected]> >>> To: "Marcolla, Sara Veronica" <[email protected]> >>> Cc: "'[email protected]'" <[email protected]> >>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal >>> (Publication of Legal Address of Internet Number Resource Holder) - >>> updating the proposal? >>> Message-ID: >>> <[email protected]> >>> Content-Type: text/plain; charset=US-ASCII; format=flowed >>> >>> >>> >>> On Mon, 8 Oct 2018, Marcolla, Sara Veronica wrote: >>> >>>> Hi everyone, >>> Greetings, >>> >>> >>>> All the comments exchanged in the list made me thinking a lot about the >>>> wording of this proposal. I have noticed that the lively discussion >>>> around the policy is bringing a lot of attention on the dichotomy >>>> between the individual (which I agree completely, should be protected >>>> in their fundamental rights, with provisions such as the GDPR and >>>> others), and the company/corporation. It seems to me so far that many of >>>> us would indeed support the idea of having the legal address published >>>> of companies, but having concerns about personal data. The aim of this >>>> proposal is indeed to focus on companies, not individuals, and even the >>>> smallest company has to be registered as such (if not for other reasons, >>>> for tax reasons). Individuals will be anyways protected by a >>>> hierarchically higher set of rules: the fundamental rights, such as >>>> those championed by GDPR for example. >>> Well, LIR addresses are already published on the RIPE NCC's website. >>> LIR's customers addresses may not be part of whois.ripe.net... well... >>> i know some LIRs tend to protect their customers identity, to prevent >>> competitors to approach them with better contractual conditions (this is >>> not the case of the LIR i work for, which is a NREN) >>> >>> >>>> At this point I am asking whether you support a proposal, the clarifies >>>> that only the legal address of companies will be published, and that >>>> states clearly that individuals information will be protected? After >>>> all, the reasoning here is that if a resource holder is registered with >>>> a national company registry, they have a legal address which can be >>>> published. This legal address is usually publicly available anyhow and >>>> can be then validated by the RIPE NCC. >>> I see added value in "validation by the RIPE NCC", despite the natural >>> cost this will bring... >>> >>> However, i wonder what should be the procedure if RIPE NCC finds that >>> company X registers a new company Y in a different country/economy >>> resorting to a "virtual office" address. >>> >>> >>>> Looking forward to hear the feedback to this idea for an amendment to the >>>> proposal. >>> Good luck! >>> >>> >>> Best Regards, >>> Carlos >>> >>> >>>> Sara >>>> ******************* >>>> >>>> DISCLAIMER : This message is sent in confidence and is only intended for >>>> the named recipient. If you receive this message by mistake, you may not >>>> use, copy, distribute or forward this message, or any part of its contents >>>> or rely upon the information contained in it. >>>> Please notify the sender immediately by e-mail and delete the relevant >>>> e-mails from any computer. This message does not constitute a commitment >>>> by Europol unless otherwise indicated. >>>> >>>> ******************* >>>> >>>> >>> >>> ------------------------------ >>> >>> Message: 4 >>> Date: Tue, 9 Oct 2018 07:41:15 +0000 >>> From: "Marcolla, Sara Veronica" <[email protected]> >>> To: 'Carlos Fria?as' <[email protected]>, "'[email protected]'" >>> <[email protected]> >>> Subject: [ncc-services-wg] @EXT: RE: 2018-05 New Policy Proposal >>> (Publication of Legal Address of Internet Number Resource Holder) - >>> updating the proposal? >>> Message-ID: >>> <[email protected]> >>> Content-Type: text/plain; charset="iso-8859-1" >>> >>> Hi Carlos, >>> >>> I understand the logic behind the protection of LIRs for competition >>> reasons - however I am positively sure that this right cannot be considered >>> anywhere close to the right to privacy and protection of individuals. >>> >>> Regarding your comment on the company change, I believe that the case of >>> change of holdership should firstly have to pass the existing RIPE NCC due >>> diligence checks for transfers/mergers. It would then still be useful to >>> actually have the legal address of this new company, as it helps to >>> identify the company who is the registered resource holder. >>> >>> Sara >>> >>> -----Original Message----- >>> From: Carlos Fria?as [mailto:[email protected]] >>> Sent: 08 October 2018 23:50 >>> To: Marcolla, Sara Veronica >>> Cc: '[email protected]' >>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal >>> (Publication of Legal Address of Internet Number Resource Holder) - >>> updating the proposal? >>> >>> >>> >>> On Mon, 8 Oct 2018, Marcolla, Sara Veronica wrote: >>> >>>> Hi everyone, >>> Greetings, >>> >>> >>>> All the comments exchanged in the list made me thinking a lot about the >>>> wording of this proposal. I have noticed that the lively discussion >>>> around the policy is bringing a lot of attention on the dichotomy >>>> between the individual (which I agree completely, should be protected >>>> in their fundamental rights, with provisions such as the GDPR and >>>> others), and the company/corporation. It seems to me so far that many of >>>> us would indeed support the idea of having the legal address published >>>> of companies, but having concerns about personal data. The aim of this >>>> proposal is indeed to focus on companies, not individuals, and even the >>>> smallest company has to be registered as such (if not for other reasons, >>>> for tax reasons). Individuals will be anyways protected by a >>>> hierarchically higher set of rules: the fundamental rights, such as >>>> those championed by GDPR for example. >>> Well, LIR addresses are already published on the RIPE NCC's website. >>> LIR's customers addresses may not be part of whois.ripe.net... well... >>> i know some LIRs tend to protect their customers identity, to prevent >>> competitors to approach them with better contractual conditions (this is >>> not the case of the LIR i work for, which is a NREN) >>> >>> >>>> At this point I am asking whether you support a proposal, the clarifies >>>> that only the legal address of companies will be published, and that >>>> states clearly that individuals information will be protected? After >>>> all, the reasoning here is that if a resource holder is registered with >>>> a national company registry, they have a legal address which can be >>>> published. This legal address is usually publicly available anyhow and >>>> can be then validated by the RIPE NCC. >>> I see added value in "validation by the RIPE NCC", despite the natural >>> cost this will bring... >>> >>> However, i wonder what should be the procedure if RIPE NCC finds that >>> company X registers a new company Y in a different country/economy >>> resorting to a "virtual office" address. >>> >>> >>>> Looking forward to hear the feedback to this idea for an amendment to the >>>> proposal. >>> Good luck! >>> >>> >>> Best Regards, >>> Carlos >>> >>>> Sara >>>> ******************* >>>> >>>> DISCLAIMER : This message is sent in confidence and is only intended for >>>> the named recipient. If you receive this message by mistake, you may not >>>> use, copy, distribute or forward this message, or any part of its contents >>>> or rely upon the information contained in it. >>>> Please notify the sender immediately by e-mail and delete the relevant >>>> e-mails from any computer. This message does not constitute a commitment >>>> by Europol unless otherwise indicated. >>>> >>>> ******************* >>>> >>>> >>> ******************* >>> >>> DISCLAIMER : This message is sent in confidence and is only intended for >>> the named recipient. If you receive this message by mistake, you may not >>> use, copy, distribute or forward this message, or any part of its contents >>> or rely upon the information contained in it. >>> Please notify the sender immediately by e-mail and delete the relevant >>> e-mails from any computer. This message does not constitute a commitment by >>> Europol unless otherwise indicated. >>> >>> ******************* >>> >>> >>> >>> >>> ------------------------------ >>> >>> Message: 5 >>> Date: Tue, 9 Oct 2018 10:13:48 +0200 >>> From: Nik Soggia <[email protected]> >>> To: "'[email protected]'" <[email protected]> >>> Subject: Re: [ncc-services-wg] @EXT: 2018-05 New Policy Proposal >>> (Publication of Legal Address of Internet Number Resource Holder) - >>> updating the proposal? >>> Message-ID: <[email protected]> >>> Content-Type: text/plain; charset=iso-8859-15; format=flowed >>> >>> Il 08/10/18 17:46, Marcolla, Sara Veronica ha scritto: >>> >>>> After all, the reasoning here is that if a resource holder is registered >>>> with a national company registry, they have a legal address which can be >>>> published. >>> Maybe the key to make everyone happy is the word "can" instead of >>> "must". Why not make it optional? >>> >>> If companies are in good faith or they like the idea then they will use >>> it, and they will also be happy to maintain the data. >>> Otherwise it will be just a waste of time on another >>> wrong/outdated/malicious dataset. >>> How fun it is to check the validity of a validated address? >>> Life is too short, right? >>> >>>> This legal address is usually publicly available anyhow and can be then >>>> validated by the RIPE NCC. >>> Duplicating data instead of referencing it breaks the first database >>> design rule. >>> Companies are forced by law to keep their chamber of commerce data up to >>> date. THAT is the best source of information and it is readily >>> available. Don't reinvent the wheel. >>> >>> This proposal is can of worms: >>> - same data in many places is difficult to maintain and prone to errors >>> - doesn't stop bad actors >>> - quickly provides massive information to data harvesters and scammers >>> >>> In my opinion this proposal is not the right way to identify a resource >>> holder the way you dreamt. >>> It's not a elegant solution and in general I have a bad feeling about >>> it, imagine a blunt tool that not only will make a poor job but also >>> will bring a lot of frustration. >>> >>> Ok for me if it is optional, otherwise I'm against. >>> Regards, >>> >> > ------------------------------ > > Message: 3 > Date: Tue, 09 Oct 2018 09:28:54 -0700 > From: Randy Bush <[email protected]> > To: ROBINOT Stephane DCPJ SDLC <[email protected]> > Cc: [email protected] > Subject: Re: [ncc-services-wg] sara proposal and question to Randy > Message-ID: <[email protected]> > Content-Type: text/plain; charset=US-ASCII > >> To randy, I would like to say that I don't understand what he pmeans by >> "whois is useless and should die". >> As I am new in this group, I might have missed something. Could you >> explain what you mean ? > i already did > > https://www.ripe.net/ripe/mail/archives/db-wg/2018-September/006036.html > > randy > > > > ------------------------------ > > Message: 4 > Date: Tue, 09 Oct 2018 09:33:56 -0700 > From: Randy Bush <[email protected]> > To: ROBINOT Stephane DCPJ SDLC <[email protected]> > Cc: [email protected] > Subject: Re: [ncc-services-wg] sara proposal and question to Randy > Message-ID: <[email protected]> > Content-Type: text/plain; charset=US-ASCII > > and, just to make clear from whence i come, let me quote another old > dog. > > We should not be building surveillance technology into standards. > Law enforcement was not supposed to be easy. Where it is easy, it's > called a police state. -- Jeff Schiller > > i.e., if you want the details of my company's contract with the ncc, > show up in amsterdam with a warrant. > > randy > > > > ------------------------------ > > Message: 5 > Date: Wed, 10 Oct 2018 09:20:07 +0200 > From: ROBINOT Stephane DCPJ SDLC <[email protected]> > To: Randy Bush <[email protected]> > Cc: [email protected] > Subject: [ncc-services-wg] back to randy > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > Hello Randy, > > I think there is a tiny difference between a police state and what is > really happening today within LEA (meaning Police but also prosecutor, > investigative judges...) and the national and international legal > safeguards. > > We are just thinking on how to agree on a common understanding before > some cohercitives actions are to be taken such as seizure of an entire > network within a company. > > In my day to day job, and i'm not saying this universal TRUTH, I have > build relationship with companies that really happy to be informed about > what I'm working on and what is currently running thru their servers, > what, in others countries, could be identified as providing assistance > to a criminal. > > I think that what RGPD is bringing is terrific for the good of all, > including LEA that will have to create partnerships with stakeholders in > order to keep the work done. > > have a nice day. > > > Pour une administration exemplaire, pr?servons l'environnement. > N'imprimons que si n?cessaire. > > -------- Message original -------- > *Sujet: *[INTERNET] Re: [ncc-services-wg] sara proposal and question to > Randy > *De : *Randy Bush <[email protected]> > *Pour : *ROBINOT Stephane DCPJ SDLC <[email protected]> > *Copie ? : *[email protected] > *Date : *09/10/2018 18:33 >> and, just to make clear from whence i come, let me quote another old >> dog. >> >> We should not be building surveillance technology into standards. >> Law enforcement was not supposed to be easy. Where it is easy, it's >> called a police state. -- Jeff Schiller >> >> i.e., if you want the details of my company's contract with the ncc, >> show up in amsterdam with a warrant. >> >> randy > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <https://lists.ripe.net/ripe/mail/archives/ncc-services-wg/attachments/20181010/0018245e/attachment.html> > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: C:\Users\0693451\Pictures\carte de visite num?rique.jpg > Type: image/jpeg > Size: 54496 bytes > Desc: not available > URL: > <https://lists.ripe.net/ripe/mail/archives/ncc-services-wg/attachments/20181010/0018245e/attachment.jpg> > > End of ncc-services-wg Digest, Vol 79, Issue 5 > **********************************************
