Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

In message , Brian Nisbet  wrote:

>Thank your words on this. I have no problem with occasional intemperance,
>but there is a marked difference between that and some of the repeated
>language and references that have marked some of this thread.
>
>You wish for a line to be drawn at references to babies (and after our
>recent referendum in Ireland, there has been a lot of that), whereas (and I
>don't disagree with you particularly) one of my issues relates to repeated
>use of the term 'shy transvestites' and also the accusations of mental
>illness/disease.

With respect to my use of the term "shy transvestites" I believe that it
was clear, or at the very least, that it should have been clear, to all
readers here, that I have used this particular turn of a phrase merely
as a retorical shorthand for the infinitesimally small... or perhaps even
non-existant... groups of natural persons for whom the application of the
GDPR to WHOIS is alleged to be of some benefit.

Who are these people?  Who are the people who supposedly will benefit
from this absurd and massive upheaval to long established norms on the
Internet?  Even the ardent proponents of the destruction of the open
WHOIS system have failed to identify even a single actual beneficiary
of this massive global change, thus leaving detractors, such as myself,
to speculate about who... other than cybercriminals, lazy/greedy
registrars, and state-sponsored fake new purveyors... will actually
benefit from this change.  In the utter absence of any group of law-
abiding non-financially-motivated natural persons who can be pointed
to as "beneficiaries" of this change, one is forced to try to concoct
some theoretical set of beneficiaries, even just to be able to question
the size of that set and/or the size of the alleged/purported benefit
that will accrue to to them.

The beneficiaries, if any, of the application of GDPR to WHOIS must,
by definition, be some natural persons who (a) need to have their own
domain names and who also (b) have a -reasonable- fear of -serious-
persecution, for their beliefs, for their lifestyles, or for whatever.

For the proponents of applying GDPR to WHOIS, the mere vague possiblity
of some kind of persecution is not enough to make their case.  Nor is
it sufficient to assert a concern about inconsequential types of
persecution.  I, for example, could assert, perhaps even reasonably,
that I am being "persecuted", right here, on this mailing list as a
result of my unpopular and minority viewpoints.  But I would never
claim that this "persecution" of me personally rises to the level where
any planet-wide system of accountability should be thrown out the
window in order to protect me from it.  Nor would I personally ever
even want that.  I am not shy, and I am happy to express my views, in
public, and with my name attached to them.

So, in order to justify the application of GDPR to WHOIS, the proponents
of this global change must be able to point to at least -some- actual
identifiable group of natural persons who -will- materially benefit from
this change.  That group or groups of natural persons, if it exists at
all, must have a reasonable expectation of -material- persecution -and-
they must also lack the intestinal fortitude to stand up, as I and
millions of others do, and publically declare "I am a member of group X
and proud of it!"

So what group of natural persons fits both of the above conditions?

In our modern enlightened era (and with the exception of certain backward
countries, e.g. Russia) merely being gay is not enough to cause one to
experience serious persecution.  Tranvestism, on the other hand, is
still likely to result in material persecution in many parts of the globe.
Despite this, an increasing number of transvestites live openly as such,
and willingly accept the kinds of persecution that are, unfortunately,
heaped upon them as a result of their openness.  So really, it appears
that -at best- the proponents of applying GDPR to WHOIS can -only- claim
that -only- that subset of the world's transvestites who are "shy" (for
lack of a better term) are the beneficiaries of applying GDPR to WHOIS.

If there are any other purported or alleged beneficiaries of the destruction
of the open WHOIS system, then let the proponents of that destruction come
forward now and identify them.  In lieu of such identification, I hope and
believe that we can and should all agree that even the set of -theoretical-
beneficiaries is vanishingly small.

For those who may have missed it, my contention is, and remains, that
the application of GDPR to WHOIS will foster and support dramatically
more spamming and outright cybercrime than currently exists, that the
price of these new ills will fall upon, quite literally, *billions* of
ordinary Internet users, and that, at most, only a few very small and
select handfuls of people are ever likely to derive any benefit whatsoever
from this massive destruction of a reasonable social contract that has

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Brian Nisbet]

Folks,

Right, nobody, right now, is talking about banning anyone.

Can we all please step back from the way this conversation is going and discuss 
the facts around what is happening. Your opinions on governments or groups are 
yours, that's fine, but the discussion is not enhanced by them becoming the 
focus.

Please remember, as I said, that this mailing list is covered by the RIPE 
Community Code of Conduct which is here:

https://www.ripe.net/participate/mail/ripe-mailing-list-ripe-forum-code-of-conduct

I would really prefer if we could ensure that everyone feels welcome to 
participate in discussion on this mailing list. 

Thanks,

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet 
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270


> -Original Message-
> From: anti-abuse-wg  On Behalf Of ox
> Sent: Wednesday 30 May 2018 13:59
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> On Wed, 30 May 2018 13:37:20 +0100
> Malcolm Hutty  wrote:
> 
> > Please stop. This is not helpful.
> >
> 
> so, what you are saying is that I should stop sending email?
> or, whatever my opinions are, has to only be helpful?
> 
> or if you say something, then it has to be accepted?
> 
> I am a human person, I have feelings and when my feelings are insulted, I
> react.  I am not a particularly helpful person.
> 
> 
> 
> But, I do not tell other people, in public, that their opinions are rubbish.
> 
> 
> 
> In fact, I do not recall personally insulting anyone on this list, over many
> years.
> 
> I also do not compare the opinions of other people to evil people in my
> country.
> 
> I am tired of people demanding respect but treating other people like crap.
> 
> I am tired of wolves hiding in sheep clothing.
> 
> I am tired of being quiet.
> 
> I am tired of people twisting words, making up fake news.
> 
> Like you just did Malcolm,
> 
> Simply saying: "accusations that your political opponents abduct babies"
> 
> Without being responsible for your words.
> 
> You should apologise Malcolm, but you will not.
> 
> There is no reason why I should simply accept your word from on high.
> 
> So, ban me from this wg and this email list then. Even though I have not
> abused anyone.
> 
> 
> ban me for taking offense, feeling hurt and speaking the truth.
> 
> 
> Please do that. Show me you can? You know you want to.
> 
> 
> > On 30/05/2018 13:36, ox wrote:
> > > On Wed, 30 May 2018 13:06:57 +0100
> > > Malcolm Hutty  wrote:
> > >>
> > >> But can we please leave out accusations that your political
> > >> opponents abduct babies? That surely crosses the line. The trope
> > >> is, at least,
> > >
> > > there are no accusations of any kind.
> > >
> > > and, to be more clear, nobody said anything about abducting.
> > >
> > > Factually:
> > > https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-
> lost.
> > > html
> > >
> > > The USA does forcefully remove babies from the arms of their
> > > mothers.
> > >
> > > Furthermore: The US Government does "lose"  000 these children.
> > >
> > > This is not accusations. And, mentioning the facts, as they are,
> > > undisputed, does not cross any line.
> > >
> > > And who are 'political opponents' ?
> > >
> > > Please do bother actually reading the argument? or ask if you did
> > > not understand it?
> > >
> > > Simply stating that, in your opinion, there are accusations and
> > > abductions are pathetic in itself as it completely ignores or
> > > addresses the salient fact that Ronald said my opinion is 'rubbish'
> > > and that my opinion is equal to what "Fox" blasts out and "Fox" (by
> > > implication, Republicans, in America states.
> > >
> > > It is my choice to find that offensive as by implication my opinion
> > > equates that which the USA (and Fox) is promoting.
> > >
> > > As it disgusts me, it is an insult and it is offensive.
> > >
> > >
> > >> Older Than Feudalism, and very likely Older Than Dirt, and as
> > >> always raising it serves no purpose other than to demonise one
> > >> group of people and to smear another by association, thereby
> > >> shutting down the conversation. It's not an argument, it's a
> > >> transparent attempt to exclude. Please stop.
> > >>
> > > Please stop what? Speaking the truth?
> > >
> > > Taking offense at people equating my opinions to rubbish?
> > >
> > > Please be more clear in what you are stating Malcolm? What would you
> > > like to stop?
> > >
> > >> More generally, I believe this discussion would be improved if
> > >> people stopped throwing around terms like "European" and
> > >> "Republican" as though they are terms of abuse. Our community is,
> > >> and should be, open to all.
> > >>
> > > Who said anything to the contrary?
> > >
> > > Andre
> > >
> > >
> > >
> >
> >
> 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

On Wed, 30 May 2018 13:37:20 +0100
Malcolm Hutty  wrote:

> Please stop. This is not helpful.
> 

so, what you are saying is that I should stop sending email?
or, whatever my opinions are, has to only be helpful?

or if you say something, then it has to be accepted?

I am a human person, I have feelings and when my feelings are insulted,
I react.  I am not a particularly helpful person.



But, I do not tell other people, in public, that their opinions are rubbish.



In fact, I do not recall personally insulting anyone on this list, over
many years.

I also do not compare the opinions of other people to evil people in my
country.

I am tired of people demanding respect but treating other people like
crap.

I am tired of wolves hiding in sheep clothing.

I am tired of being quiet.

I am tired of people twisting words, making up fake news.

Like you just did Malcolm, 

Simply saying: "accusations that your political opponents abduct babies"

Without being responsible for your words.

You should apologise Malcolm, but you will not. 

There is no reason why I should simply accept your word from on high.

So, ban me from this wg and this email list then. Even though I have
not abused anyone.


ban me for taking offense, feeling hurt and speaking the truth.


Please do that. Show me you can? You know you want to. 


> On 30/05/2018 13:36, ox wrote:
> > On Wed, 30 May 2018 13:06:57 +0100
> > Malcolm Hutty  wrote:  
> >>
> >> But can we please leave out accusations that your political
> >> opponents abduct babies? That surely crosses the line. The trope
> >> is, at least,  
> > 
> > there are no accusations of any kind.
> > 
> > and, to be more clear, nobody said anything about abducting.
> > 
> > Factually: 
> > https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-lost.html
> > 
> > The USA does forcefully remove babies from the arms of their
> > mothers.
> > 
> > Furthermore: The US Government does "lose"  000 these children.
> > 
> > This is not accusations. And, mentioning the facts, as they are,
> > undisputed, does not cross any line.
> > 
> > And who are 'political opponents' ? 
> > 
> > Please do bother actually reading the argument? or ask if you did
> > not understand it?
> > 
> > Simply stating that, in your opinion, there are accusations and
> > abductions are pathetic in itself as it completely ignores or
> > addresses the salient fact that Ronald said my opinion is 'rubbish'
> > and that my opinion is equal to what "Fox" blasts out and "Fox" (by
> > implication, Republicans, in America states.
> > 
> > It is my choice to find that offensive as by implication my opinion
> > equates that which the USA (and Fox) is promoting.
> > 
> > As it disgusts me, it is an insult and it is offensive.
> > 
> >   
> >> Older Than Feudalism, and very likely Older Than Dirt, and as
> >> always raising it serves no purpose other than to demonise one
> >> group of people and to smear another by association, thereby
> >> shutting down the conversation. It's not an argument, it's a
> >> transparent attempt to exclude. Please stop.
> >>  
> > Please stop what? Speaking the truth?
> > 
> > Taking offense at people equating my opinions to rubbish?
> > 
> > Please be more clear in what you are stating Malcolm? What would you
> > like to stop?
> >   
> >> More generally, I believe this discussion would be improved if
> >> people stopped throwing around terms like "European" and
> >> "Republican" as though they are terms of abuse. Our community is,
> >> and should be, open to all.
> >>  
> > Who said anything to the contrary?
> > 
> > Andre
> > 
> > 
> >   
> 
> 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Michele Neylon - Blacknight]

It's also not relevant



--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 30/05/2018, 13:37, "anti-abuse-wg on behalf of Malcolm Hutty" 
 wrote:

Please stop. This is not helpful.

On 30/05/2018 13:36, ox wrote:
> On Wed, 30 May 2018 13:06:57 +0100
> Malcolm Hutty  wrote:
>>
>> But can we please leave out accusations that your political opponents
>> abduct babies? That surely crosses the line. The trope is, at least,
> 
> there are no accusations of any kind.
> 
> and, to be more clear, nobody said anything about abducting.
> 
> Factually: 
> https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-lost.html
> 
> The USA does forcefully remove babies from the arms of their mothers.
> 
> Furthermore: The US Government does "lose"  000 these children.
> 
> This is not accusations. And, mentioning the facts, as they are,
> undisputed, does not cross any line.
> 
> And who are 'political opponents' ? 
> 
> Please do bother actually reading the argument? or ask if you did not
> understand it?
> 
> Simply stating that, in your opinion, there are accusations and
> abductions are pathetic in itself as it completely ignores or
> addresses the salient fact that Ronald said my opinion is 'rubbish'
> and that my opinion is equal to what "Fox" blasts out and "Fox" (by
> implication, Republicans, in America states.
> 
> It is my choice to find that offensive as by implication my opinion
> equates that which the USA (and Fox) is promoting.
> 
> As it disgusts me, it is an insult and it is offensive.
> 
> 
>> Older Than Feudalism, and very likely Older Than Dirt, and as always
>> raising it serves no purpose other than to demonise one group of
>> people and to smear another by association, thereby shutting down the
>> conversation. It's not an argument, it's a transparent attempt to
>> exclude. Please stop.
>>
> Please stop what? Speaking the truth?
> 
> Taking offense at people equating my opinions to rubbish?
> 
> Please be more clear in what you are stating Malcolm? What would you
> like to stop?
> 
>> More generally, I believe this discussion would be improved if people
>> stopped throwing around terms like "European" and "Republican" as
>> though they are terms of abuse. Our community is, and should be, open
>> to all.
>>
> Who said anything to the contrary?
> 
> Andre
> 
> 
> 


-- 
Malcolm Hutty | tel: +44 20 7645 3523
   Head of Public Affairs | Read the LINX Public Affairs blog
 London Internet Exchange | http://publicaffairs.linx.net/

 London Internet Exchange Ltd
   Monument Place, 24 Monument Street London EC3R 8AJ

 Company Registered in England No. 3137929
   Trinity Court, Trinity Street, Peterborough PE1 1DA

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Brian Nisbet]

Malcolm,

Thank your words on this. I have no problem with occasional intemperance, but 
there is a marked difference between that and some of the repeated language and 
references that have marked some of this thread.

You wish for a line to be drawn at references to babies (and after our recent 
referendum in Ireland, there has been a lot of that), whereas (and I don't 
disagree with you particularly) one of my issues relates to repeated use of the 
term 'shy transvestites' and also the accusations of mental illness/disease.

As I said, occasional intemperance, sure. Heated discussion, grand. However as 
I said I believe this thread has gone past both of those in a number of 
instances and I would ask everyone involved to take a step back and focus on 
the facts of the discussion.

Thanks again,

Brian



Brian Nisbet 
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270


> -Original Message-
> From: anti-abuse-wg  On Behalf Of
> Malcolm Hutty
> Sent: Wednesday 30 May 2018 13:07
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> On 30/05/2018 04:47, it was written:
> > Well, many people. let me start with myself: You claim that my
> > opinions are rubbish and you compare my opinions to those same people
> > (Fox/Republicans) whom:
> >
> > violently take babies away from mommies - yes, at a border Americans
> > grab little babies from the hands of their mothers and take the mommy
> > and the little baby to different "detention" facilities.
> 
> I have been following this thread with great interest, and have found points I
> find persuasive and unpersuasive on both sides.
> 
> It could be said that the thread is wandering off into unproductive 
> theorising,
> but in the circumstances of the advent of GDPR, whether public WHOIS really
> is a necessary or important component of anti-abuse activities seems a broad
> topic worth debating fully. Some light has even been shed on GDPR's
> meaning.
> 
> I also consider myself highly tolerant of passionate and occasionally
> intemperate comments. It seems to me that it is better to have it out, and to
> show the respect of tolerating less well mannered arguments, than to try to
> aggressively police language and so exclude many people from full
> participation in the debate. Usually those that go over the top do more harm
> to their own case than to others, and that has been how I have reacted to
> some of the comments in this thread.
> 
> But can we please leave out accusations that your political opponents abduct
> babies? That surely crosses the line. The trope is, at least, Older Than
> Feudalism, and very likely Older Than Dirt, and as always raising it serves no
> purpose other than to demonise one group of people and to smear another
> by association, thereby shutting down the conversation. It's not an
> argument, it's a transparent attempt to exclude. Please stop.
> 
> More generally, I believe this discussion would be improved if people
> stopped throwing around terms like "European" and "Republican" as though
> they are terms of abuse. Our community is, and should be, open to all.
> 
> Regards,
> 
> Malcolm.
> --
> Malcolm Hutty | tel: +44 20 7645 3523
>Head of Public Affairs | Read the LINX Public Affairs blog  London Internet
> Exchange | http://publicaffairs.linx.net/
> 
>  London Internet Exchange Ltd
>Monument Place, 24 Monument Street London EC3R 8AJ
> 
>  Company Registered in England No. 3137929
>Trinity Court, Trinity Street, Peterborough PE1 1DA

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Malcolm Hutty]

Please stop. This is not helpful.

On 30/05/2018 13:36, ox wrote:
> On Wed, 30 May 2018 13:06:57 +0100
> Malcolm Hutty  wrote:
>>
>> But can we please leave out accusations that your political opponents
>> abduct babies? That surely crosses the line. The trope is, at least,
> 
> there are no accusations of any kind.
> 
> and, to be more clear, nobody said anything about abducting.
> 
> Factually: 
> https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-lost.html
> 
> The USA does forcefully remove babies from the arms of their mothers.
> 
> Furthermore: The US Government does "lose"  000 these children.
> 
> This is not accusations. And, mentioning the facts, as they are,
> undisputed, does not cross any line.
> 
> And who are 'political opponents' ? 
> 
> Please do bother actually reading the argument? or ask if you did not
> understand it?
> 
> Simply stating that, in your opinion, there are accusations and
> abductions are pathetic in itself as it completely ignores or
> addresses the salient fact that Ronald said my opinion is 'rubbish'
> and that my opinion is equal to what "Fox" blasts out and "Fox" (by
> implication, Republicans, in America states.
> 
> It is my choice to find that offensive as by implication my opinion
> equates that which the USA (and Fox) is promoting.
> 
> As it disgusts me, it is an insult and it is offensive.
> 
> 
>> Older Than Feudalism, and very likely Older Than Dirt, and as always
>> raising it serves no purpose other than to demonise one group of
>> people and to smear another by association, thereby shutting down the
>> conversation. It's not an argument, it's a transparent attempt to
>> exclude. Please stop.
>>
> Please stop what? Speaking the truth?
> 
> Taking offense at people equating my opinions to rubbish?
> 
> Please be more clear in what you are stating Malcolm? What would you
> like to stop?
> 
>> More generally, I believe this discussion would be improved if people
>> stopped throwing around terms like "European" and "Republican" as
>> though they are terms of abuse. Our community is, and should be, open
>> to all.
>>
> Who said anything to the contrary?
> 
> Andre
> 
> 
> 


-- 
Malcolm Hutty | tel: +44 20 7645 3523
   Head of Public Affairs | Read the LINX Public Affairs blog
 London Internet Exchange | http://publicaffairs.linx.net/

 London Internet Exchange Ltd
   Monument Place, 24 Monument Street London EC3R 8AJ

 Company Registered in England No. 3137929
   Trinity Court, Trinity Street, Peterborough PE1 1DA

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

On Wed, 30 May 2018 13:06:57 +0100
Malcolm Hutty  wrote:
> 
> But can we please leave out accusations that your political opponents
> abduct babies? That surely crosses the line. The trope is, at least,

there are no accusations of any kind.

and, to be more clear, nobody said anything about abducting.

Factually: 
https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-lost.html

The USA does forcefully remove babies from the arms of their mothers.

Furthermore: The US Government does "lose"  000 these children.

This is not accusations. And, mentioning the facts, as they are,
undisputed, does not cross any line.

And who are 'political opponents' ? 

Please do bother actually reading the argument? or ask if you did not
understand it?

Simply stating that, in your opinion, there are accusations and
abductions are pathetic in itself as it completely ignores or
addresses the salient fact that Ronald said my opinion is 'rubbish'
and that my opinion is equal to what "Fox" blasts out and "Fox" (by
implication, Republicans, in America states.

It is my choice to find that offensive as by implication my opinion
equates that which the USA (and Fox) is promoting.

As it disgusts me, it is an insult and it is offensive.


> Older Than Feudalism, and very likely Older Than Dirt, and as always
> raising it serves no purpose other than to demonise one group of
> people and to smear another by association, thereby shutting down the
> conversation. It's not an argument, it's a transparent attempt to
> exclude. Please stop.
> 
Please stop what? Speaking the truth?

Taking offense at people equating my opinions to rubbish?

Please be more clear in what you are stating Malcolm? What would you
like to stop?

> More generally, I believe this discussion would be improved if people
> stopped throwing around terms like "European" and "Republican" as
> though they are terms of abuse. Our community is, and should be, open
> to all.
> 
Who said anything to the contrary?

Andre

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Malcolm Hutty]

On 30/05/2018 04:47, it was written:
> Well, many people. let me start with myself: You claim that my opinions
> are rubbish and you compare my opinions to those same people
> (Fox/Republicans) whom:
> 
> violently take babies away from mommies - yes, at a border Americans
> grab little babies from the hands of their mothers and take the mommy
> and the little baby to different "detention" facilities.

I have been following this thread with great interest, and have found
points I find persuasive and unpersuasive on both sides.

It could be said that the thread is wandering off into unproductive
theorising, but in the circumstances of the advent of GDPR, whether
public WHOIS really is a necessary or important component of anti-abuse
activities seems a broad topic worth debating fully. Some light has even
been shed on GDPR's meaning.

I also consider myself highly tolerant of passionate and occasionally
intemperate comments. It seems to me that it is better to have it out,
and to show the respect of tolerating less well mannered arguments, than
to try to aggressively police language and so exclude many people from
full participation in the debate. Usually those that go over the top do
more harm to their own case than to others, and that has been how I have
reacted to some of the comments in this thread.

But can we please leave out accusations that your political opponents
abduct babies? That surely crosses the line. The trope is, at least,
Older Than Feudalism, and very likely Older Than Dirt, and as always
raising it serves no purpose other than to demonise one group of people
and to smear another by association, thereby shutting down the
conversation. It's not an argument, it's a transparent attempt to
exclude. Please stop.

More generally, I believe this discussion would be improved if people
stopped throwing around terms like "European" and "Republican" as though
they are terms of abuse. Our community is, and should be, open to all.

Regards,

Malcolm.
-- 
Malcolm Hutty | tel: +44 20 7645 3523
   Head of Public Affairs | Read the LINX Public Affairs blog
 London Internet Exchange | http://publicaffairs.linx.net/

 London Internet Exchange Ltd
   Monument Place, 24 Monument Street London EC3R 8AJ

 Company Registered in England No. 3137929
   Trinity Court, Trinity Street, Peterborough PE1 1DA

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Vittorio Bertola]

> Il 29 maggio 2018 alle 22.00 "Ronald F. Guilmette"  
> ha scritto:
> As I understand it, the binding contractual obligations which all individual
> domain name registrants have committed to include the requirment to provide
> accurate WHOIS data, with the understanding that this information will be
> published.

It is illegal to require people in a contract to agree to supply or publish 
their data if they want to receive a service, unless you can prove that it 
would not be in any way practically possible to supply the service without 
receiving and/or publishing those data (and I stress: practically, not by 
policy). In this case, you can argue that it is necessary for the users to 
supply their information, for example to be able to pay and get an invoice, but 
publishing it is another matter: there is really no argument to support the 
idea that the DNS cannot technically work without Whois.

So, at this point in time, any contractual clause by anyone (ICANN, registry, 
registrar...) requiring a EU citizen to agree to publish data in Whois is (very 
likely to be) void in Europe.

> Also and similarly, as I understand it, domain name registrars and registries
> (with the exception of the ccTLDs) have all contractually committed themselves
> (to ICANN) to actually publish this data.

And similarly, those provisions are now void in Europe.

> Could someone please explain to me then how these pre-existing contractual
> obligations somehow fall outside of the exception stated in GDPR Art 6 I c?
> 
> In what sense are these pre-existing contractual obligations not "legal
> obligations", as defined, presumably, within the GDPR framework?

Because a "legal obligation" can only be imposed by a law-making body, i.e. the 
European or national parliament. Contracts are not laws, and private parties 
cannot make, change, ignore, grant exemptions from, or enforce laws. Whenever 
you have a public registry in Europe, you have a national or European law that 
creates it, and thus bypasses the privacy laws. So what you should actually do 
is to lobby the European Parliament to pass a regulation that institutes a 
public registry of domain name owners - then it would work.

Regards,
-- 

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bert...@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Two parties cannot agree in a contract to take away the privacy right of 
a third. Art 6 I c) only refers to obligations with regulatory power, 
not private agreements.


So if a state my company is subject to makes a valid law that requiresa 
certain type of processing, that is binding. If I am bound by a contract 
with a contract, that is not a valid reason for processing in accordance 
with Art 6 I c). It is really easy, actually...


Volker


Am 29.05.2018 um 22:00 schrieb Ronald F. Guilmette:

In message ,
Volker Greimann  wrote:


If you buy land, there is a legal requirement to get yourself
registered. This legal basis is sufficient grounds for data processing
under the GDPR under Art 6 I c) ("processing is necessary for compliance
with a legal obligation to which the controller is subject").

I am very glad that you have explicitly clarified this exception to the
GDPR rules, as it allows me to ask a question which has, quite frankly,
befuddled me ever since this whole GDPR versus WHOIS lunacy began.

As I understand it, the binding contractual obligations which all individual
domain name registrants have committed to include the requirment to provide
accurate WHOIS data, with the understanding that this information will be
published.

Also and similarly, as I understand it, domain name registrars and registries
(with the exception of the ccTLDs) have all contractually committed themselves
(to ICANN) to actually publish this data.

Could someone please explain to me then how these pre-existing contractual
obligations somehow fall outside of the exception stated in GDPR Art 6 I c?

In what sense are these pre-existing contractual obligations not "legal
obligations", as defined, presumably, within the GDPR framework?


Regards,
rfg



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

Sascha, this is a very good point and the RR is probably very keen on
understanding the issues related to your point, so let us chat about it
please.

If there is a test case about this, it could be taken down to AS level,
and then in which case, the 'complainant' may have other issues as well.

Anyway, as we now all, mostly, agree and understand: No abuse is
possible without an IP number.

IP numbers are public resources that belong to society and currently
these resources are not sold, licensed or supplied but 'assigned'

I would argue that;

As far as these public resources are concerned, the public has a right
to know to whom public resources has been assigned. 

The assignee has a right to data privacy - but when using a public
resource has can have no expectation of privacy as it is a public
resource. 

As the public resources are also used to inter operate with other
public resources, the public therefore has a stronger right to the data
than the owner of the data and in order to be assigned public resources
the data owner would have to assign the ownership of the public
resource data to the RR.

Your point though is very valid and if it was not for the fact that
public resources are used for inter operation and without this inter
operation there would be no network and no data would be able to be
transmitted in itself, the rights to the public data is stronger on the
side of the public. (public = society)

All rights, including privacy, has to be in balance with the responsibility of 
those 
same rights and the rights of others, including society.

Which is why the GDPR has an exception for law enforcement, courts,
etc. 

At worst an exception may also be required for RR or for public resources
at best it will be found that the data in the case of RR is public data
to begin with and the public is the owner thereof.

Andre

On Tue, 29 May 2018 16:54:57 +0100
"Sascha Luck [ml]"  wrote:

> Hi Carlos,
> 
> On Tue, May 29, 2018 at 03:38:08PM +0100, Carlos Friaas wrote:
> >One can argue that a "real abuse contact" related to a DNS domain is 
> >necessary for the contract's performance, no?
> >The same is valid about the contract between RIPE/NCC and LIRs over 
> >assigned IP address space, right?  
> 
> You can argue that - it's the meat of the noyb ./. FB and Google
> cases, aiui. 
> You can also argue that publishing this data without any access
> control is *not* necessary to the operation of the registry and
> therefore access to services can't be made contingent on consent
> to this. I predict there will be a court case over this very
> soon.
> 
> cheers,
> Sascha Luck
> 
> 
> 
> >
> >Cheers,
> >Carlos
> >
> >
> >On Tue, 29 May 2018, Sascha Luck [ml] wrote:
> >  
> >>On Tue, May 29, 2018 at 02:50:09PM +0200, Simon Forster wrote:  
> >>>Would you be able to point to the section of the GDPR which states 
> >>>this? Admission: I have yet to make it to the end of the 88 pages 
> >>>of the act without falling asleep.  
> >>
> >>It derives (also the tenor of NOYB's filing, aiui) from Article
> >>7(4):
> >>
> >>"4. When assessing whether consent is freely given, utmost
> >>account shall be taken of whether, inter alia, the performance of
> >>a contract, including the provision of a service, is conditional
> >>on consent to the processing of personal data that is not
> >>necessary for the performance of that contract."
> >>
> >>http://www.privacy-regulation.eu/en/article-7-conditions-for-consent-GDPR.htm
> >>
> >>cheers,
> >>Sascha Luck
> >>  
> >>>  
> The first case regarding this has already been filed:
> https://www.irishtimes.com/business/technology/max-schrems-files-first-cases-under-gdpr-against-facebook-and-google-1.3508177
> 
>   
> >>>I appreciate a motion has been filed. However, I???d surprised if 
> >>>the case purely revolved around this single point.
> >>>
> >>>It is positive that some of this stuff is going to be tested in 
> >>>court sooner rather than later. Having said that, it may be 
> >>> a day or two  before we get to see a final 
> >>>judgement with no further appeals.
> >>>
> >>>All the best
> >>>
> >>>Simon  
> >>  
> 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

On Tue, 29 May 2018 19:43:08 -0700
"Ronald F. Guilmette"  wrote:
> As you personally have leveled the charge, I ask you personally Brian,
> what person, specifically, have I insulted?  What person,
> specifically, has been the alleged victim of my alleged ad hominum?
> 

Well, many people. let me start with myself: You claim that my opinions
are rubbish and you compare my opinions to those same people
(Fox/Republicans) whom:

violently take babies away from mommies - yes, at a border Americans
grab little babies from the hands of their mothers and take the mommy
and the little baby to different "detention" facilities.

and then go on and LOSE the babies, 

in the past some of the children were sold into slavery. 

In America. 

And you compare my opinion, about the EU, to these people?

That is completely unacceptable, insulting and most definately a
perfect example of ad hominum. (and ignorance)

Here is the exchange:
>The EU has truly become a world and global leader in the reclamation of
>individual rights and the free Internet.   
Here on this side of the pond, one usually has to turn on Fox News in
order to be treated to this level of rubbish.
+++

Then, you go on to insult and abuse all Europeans (which also, by the
way, includes me)

You type:

"due to the supreme arogance and idiocy of europeans... europeans who, 
in their religious fervor, have come to view it as their holy obligation to 
foist 
their demented notions onto the rest of the world, whether any of the rest of 
us like it or not."

Now, I am not saying that I did not insult anyone, and for my part, I
do apologise and I did stop.

But your ongoing attacks and personal attacks, here now against Brian
directly, is not only upsetting but is uncalled for and is disgusting.

Andre

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

In message , Brian Nisbet  wrote:

>We understand that you are against the application of GDPR to the ICANN Whois.
>So noted.
>
>However your language below repeatedly goes beyond what I believe is acceptable
>under the RIPE Community Code of Conduct. You are insulting people both
>in broad swathes and specific instances.

That is clearly not the case.  I have insulted no individual and you cannot
show otherwise.

I do take issue... as do numerous polititians -and- a majority of the voters
in the UK... with the absurditities being doled out by unelected European
Council regulators.  To call their unilateral edicts idiotic is actually
an example of admirable restraint on my part.  I could have been, and
arguably should have been considerably more blunt.

>As I said, there is no problem expressing your opinion of any law, proposal
> or idea, but please do so without any ad hominem attacks nor repeated
>references to imagined groups.

Brian, I can only suggest that you refresh your understanding of the term
"ad hominem", which you clearly misapply here.  Google provides a generally
accepted definition:

ad ho.mi.nem
adverb & adjective
adverb: ad hominem; adjective: ad hominem

1.
(of an argument or reaction) directed against a person rather than the
position they are maintaining.
"vicious ad hominem attacks"
2.
relating to or associated with a particular person.
"the office was created ad hominem for Fenton"

As you personally have leveled the charge, I ask you personally Brian,
what person, specifically, have I insulted?  What person, specifically,
has been the alleged victim of my alleged ad hominum?

In this case your objection seems altogether less about my alleged lack of
proper decorum, and altogether more about the fact that you personally
don't agree with the message.

And by the way, none of the following groups, about which I have commented,
are in any sense "imagined":

  domain registrants
  domain registrars
  domain registries
  ICANN
  The European Council

If you believe that any of these groups are illusory, then perhaps you will
be kind enough to explain that view for the benefit and enlightment of all
here.


Regards,
rfg

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

In message <20180529190447.gh99...@cilantro.c4inet.net>, 
"Sascha Luck [ml]"  wrote:

>On Tue, May 29, 2018 at 11:43:03AM -0700, Ronald F. Guilmette wrote:
>>
>
>
>...
>
>Sucks when all the free stuff you've been using to make money
>gets taken away, doesn't it?
>
>LOL,


It is said that he who laughs last laughs best.

The joke is on you, Mr. Luck.  I have never made a dime out of my volunteer
work chasing spammers and cybercriminals off the Internet.

I have no direct personal financial interest in the final dispositions of
the various issues discussed here, unlike you Mr. Luck.


Regards,
rfg

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

In message , 
Volker Greimann  wrote:

>If you buy land, there is a legal requirement to get yourself 
>registered. This legal basis is sufficient grounds for data processing 
>under the GDPR under Art 6 I c) ("processing is necessary for compliance 
>with a legal obligation to which the controller is subject").

I am very glad that you have explicitly clarified this exception to the
GDPR rules, as it allows me to ask a question which has, quite frankly,
befuddled me ever since this whole GDPR versus WHOIS lunacy began.

As I understand it, the binding contractual obligations which all individual
domain name registrants have committed to include the requirment to provide
accurate WHOIS data, with the understanding that this information will be
published.

Also and similarly, as I understand it, domain name registrars and registries
(with the exception of the ccTLDs) have all contractually committed themselves
(to ICANN) to actually publish this data.

Could someone please explain to me then how these pre-existing contractual
obligations somehow fall outside of the exception stated in GDPR Art 6 I c?

In what sense are these pre-existing contractual obligations not "legal
obligations", as defined, presumably, within the GDPR framework?


Regards,
rfg

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

In message <5f2d3eae-bf59-4e61-b17b-bf45f3df0...@consulintel.es>, 
JORDI PALET MARTINEZ  wrote:

>Whois, as everything in the life, has good and bad things.
>
>Against: Privacy invaded. In fact, when you register a new domain and you
>associate a visible email to it, in a matter of hours, you get spam.

This is an entirely specious argument used in an attempt to justify a
ridiculous conclusion.

It's like saying that if one goes out out of one's home, then there is
a finite non-zero chance that one will be run over by a drunk driver,
and that therefore, everyone should stay inside and never leave their
homes.  This "solution" is being offered in place of the obvious one,
i.e. working to identify drunk drivers and then working to get them off
the roads (or equivalently, working to identify spammers and then working
to get them off the Internet, which is what I do).

To be clear, I really don't care if any set of private citizens decide
for themselves, and of their own free will, that they should never leave
their homes in order to avoid ever being run over.  That's their choice
to make.  What I -do- mind is regional governmental bodies, such as the
unelected European Council, dictating to me, and to everyone else on the
planet, European or otherwise, that we all -must- deal with the problem
of drunk drivers by staying inside our homes 24/7.

Just because you Europeans have become infected with some kind of obscure
mental disease that impairs your abilities to think clearly, or to effectively
differentiate reasonable solutions to problems from silly ones, do you
really have to go around *spreading* this disease to the rest of the
world?

(I won't even ask what makes you all think that you have the divine right
to do so.  I doubt that the answer would be any different today than it was
in the year 1095.)


Regards,
rfg

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Sascha Luck [ml]]

On Tue, May 29, 2018 at 11:43:03AM -0700, Ronald F. Guilmette wrote:





...

Sucks when all the free stuff you've been using to make money
gets taken away, doesn't it?

LOL,

Sascha Luck


In message <9d061c1e-2d17-48b1-fc72-3c08026bb...@key-systems.net>,
Volker Greimann  wrote:


Even in those cases, whois is but one tool that helps identify bad
actors by means of violating privacy rights of millions.


I am compelled to point out, once again, the fundamentally demented
nature of this new-fangled "entitlement" insanity that has been invented,
literally out of whole cloth, and within just the past few years by
various self-appointed "privacy advocates" in Europe and elsewhere.

When exactly did it become a part of the UN's Universal Declaration of
Human Rights that everyone on planet earth is entitled to -both- utter
annonymity (and thus also utter un-accountability) -and- their own
Internet domain nanmes?  I guess that I wasn't paying attention that
day.  I didn't get the memo.

I say again that the possession and use of an Internet domain name is
-not- (and never has been) a "right" but rather a privilege... one
that has been, traditionally, and for more than 35 years now, afforded
only to those who were willing to contractually, and of their own free
will, exchange a tiny bit of their anonymity for the distinct and clear
privilege of registering a domain name.

Now however, the brilliant bureaucrats of Brussels... who nobody, even
in the EU voted for, and certainly no one in all of Asia and/or the
entire Western Hemisphere... have unilaterally decided, in their infinite
wisdom, to upend a system of accountability that was working reasonbly
well for over 35 years just so that they could claim that they are
"protecting" a miniscule population of shy transvestites from some
imaginary modern day Stasi.  No proof is or can be offered that this
is either a sensible thing to do, or that it will protect these new,
alleged, and entirely made up "rights" of anyone.

Throwing out bits and pieces of longstanding and reasonable social
contracts, based on nothing at all, leads to clearly ludicrous outcomes.
You Europeans who are not yet beyond being educated may perhaps benefit
from googling for "Michael Rotondo" and then start reading.  This man's
story illustrates, vividly, the final endpoint of the exact same "entitlement"
insanity that has now apparently come to infect the entire global Internet.

It must be stated also that nobody in their right mind would have ever
even entertained the idea of killing off WHOIS, wholesale, except for
the fact that these new GDPR edicts coming out of Brussels played right
into the hands of the greedy oligarchs who these days run the Internet.
The registries, the registrars, and their paid lackeys at ICANN had long
wished to rid themselves of what they view as an unnecessary and unprofitable
business expense, i.e. running the open WHOIS system.  They were thus only
too happy to bend over for Brussels and give up without even putting up a
struggle at all, because they hoped to save themselves the expense of running
WHOIS servers and/or, at the very least, making it more difficult for their
competitors to identify and then poach their respective client bases (as
actually happened, btw, in a notorious case several years ago involving
Register.com).

The arogant idiocy of Brussels, working in tandem with the greed of the
registrars and registries has set back the causes of transparency and
accountability on the Internet not merely by years but literally by decades.
I, for one, sure do hope that there are in fact at least one or two shy
transvestites out there somewhere who are celebrating this outcome,
because for the rest of the planet it is tragedy of epic proportions,
one which shall be recognized by all in the coming years.


And maybe it is time to ensure law enforcement is better equipped to
deal with such issues earlier and faster. Up to now, governments have
been afforded the luxury of being able to underfund such efforts as
others were doing their jobs for them. Maybe this will lead to better
law enforcement and international cooperation.


I cannot help but wonder which pharmaceutical substances, in particular,
are capable of inducing this level of utopian daydreams.  I would very
much like to get ahold of some of that, so that I too could, at least
on the weekends, also inhabit a world where police forces the world over
are so well endowed that cybercrime as we have known it simply ceases to
exist and fades into humankind's collective memory.

It would certainly be enjoyable to be able to take a break from -this-
reality, where police forces the world over, often even by their own
admissions, are increasingly out-matched, out-funded, and out-thought by
the ever increasing plethora of newly invented forms of both online crime
and online political subterfuge.


Regards,
rfg


P.S.  The essential idiocy of applying GDPR to the gobal WHOIS system can
most simply and 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

In message <9d061c1e-2d17-48b1-fc72-3c08026bb...@key-systems.net>, 
Volker Greimann  wrote:

>Even in those cases, whois is but one tool that helps identify bad 
>actors by means of violating privacy rights of millions.

I am compelled to point out, once again, the fundamentally demented
nature of this new-fangled "entitlement" insanity that has been invented,
literally out of whole cloth, and within just the past few years by
various self-appointed "privacy advocates" in Europe and elsewhere.

When exactly did it become a part of the UN's Universal Declaration of
Human Rights that everyone on planet earth is entitled to -both- utter
annonymity (and thus also utter un-accountability) -and- their own
Internet domain nanmes?  I guess that I wasn't paying attention that
day.  I didn't get the memo.

I say again that the possession and use of an Internet domain name is
-not- (and never has been) a "right" but rather a privilege... one
that has been, traditionally, and for more than 35 years now, afforded
only to those who were willing to contractually, and of their own free
will, exchange a tiny bit of their anonymity for the distinct and clear
privilege of registering a domain name.

Now however, the brilliant bureaucrats of Brussels... who nobody, even 
in the EU voted for, and certainly no one in all of Asia and/or the
entire Western Hemisphere... have unilaterally decided, in their infinite
wisdom, to upend a system of accountability that was working reasonbly
well for over 35 years just so that they could claim that they are
"protecting" a miniscule population of shy transvestites from some
imaginary modern day Stasi.  No proof is or can be offered that this
is either a sensible thing to do, or that it will protect these new,
alleged, and entirely made up "rights" of anyone.

Throwing out bits and pieces of longstanding and reasonable social
contracts, based on nothing at all, leads to clearly ludicrous outcomes.
You Europeans who are not yet beyond being educated may perhaps benefit
from googling for "Michael Rotondo" and then start reading.  This man's
story illustrates, vividly, the final endpoint of the exact same "entitlement"
insanity that has now apparently come to infect the entire global Internet.

It must be stated also that nobody in their right mind would have ever
even entertained the idea of killing off WHOIS, wholesale, except for
the fact that these new GDPR edicts coming out of Brussels played right
into the hands of the greedy oligarchs who these days run the Internet.
The registries, the registrars, and their paid lackeys at ICANN had long
wished to rid themselves of what they view as an unnecessary and unprofitable
business expense, i.e. running the open WHOIS system.  They were thus only
too happy to bend over for Brussels and give up without even putting up a
struggle at all, because they hoped to save themselves the expense of running
WHOIS servers and/or, at the very least, making it more difficult for their
competitors to identify and then poach their respective client bases (as
actually happened, btw, in a notorious case several years ago involving
Register.com).

The arogant idiocy of Brussels, working in tandem with the greed of the
registrars and registries has set back the causes of transparency and
accountability on the Internet not merely by years but literally by decades.
I, for one, sure do hope that there are in fact at least one or two shy
transvestites out there somewhere who are celebrating this outcome,
because for the rest of the planet it is tragedy of epic proportions,
one which shall be recognized by all in the coming years.

>And maybe it is time to ensure law enforcement is better equipped to 
>deal with such issues earlier and faster. Up to now, governments have 
>been afforded the luxury of being able to underfund such efforts as 
>others were doing their jobs for them. Maybe this will lead to better 
>law enforcement and international cooperation.

I cannot help but wonder which pharmaceutical substances, in particular,
are capable of inducing this level of utopian daydreams.  I would very
much like to get ahold of some of that, so that I too could, at least
on the weekends, also inhabit a world where police forces the world over
are so well endowed that cybercrime as we have known it simply ceases to
exist and fades into humankind's collective memory.

It would certainly be enjoyable to be able to take a break from -this-
reality, where police forces the world over, often even by their own
admissions, are increasingly out-matched, out-funded, and out-thought by
the ever increasing plethora of newly invented forms of both online crime
and online political subterfuge.


Regards,
rfg


P.S.  The essential idiocy of applying GDPR to the gobal WHOIS system can
most simply and elegantly be demonstrated by pointing out the non-existance
of answers to the following simple question:

   Other than greedy registrars and registries, cybercriminals, and a select
   

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

yes, which is why the registrar information on the domain whois are 100%
accurate and all working, valid data.

and no, the resources assigned by the RR, specially the legacy, is not
at all the same thing.

look how much of a battle and uphill struggle it was to even reach consensus 
on validating abuse records in terms of policy in this very wg.

this, is part of the confusion.

and I am not ranting about anything :)

I am simply speaking my mind. Others that experience (or have
experienced) the same type of things that I am speaking of, or will
maybe in the future experience the same type of things, 

will recognise what I am saying and all of us know this:

that we have to do something or we will all be done for.

Andre


On Tue, 29 May 2018 15:38:08 +0100 (WEST)
Carlos Friaças  wrote:

> Hi,
> 
> One can argue that a "real abuse contact" related to a DNS domain is 
> necessary for the contract's performance, no?
> 
> The same is valid about the contract between RIPE/NCC and LIRs over 
> assigned IP address space, right?
> 
> Cheers,
> Carlos
> 
> 
> On Tue, 29 May 2018, Sascha Luck [ml] wrote:
> 
> > On Tue, May 29, 2018 at 02:50:09PM +0200, Simon Forster wrote:  
> >> Would you be able to point to the section of the GDPR which states
> >> this? Admission: I have yet to make it to the end of the 88 pages
> >> of the act without falling asleep.  
> >
> > It derives (also the tenor of NOYB's filing, aiui) from Article
> > 7(4):
> >
> > "4. When assessing whether consent is freely given, utmost
> > account shall be taken of whether, inter alia, the performance of
> > a contract, including the provision of a service, is conditional
> > on consent to the processing of personal data that is not
> > necessary for the performance of that contract."
> >
> > http://www.privacy-regulation.eu/en/article-7-conditions-for-consent-GDPR.htm
> >
> > cheers,
> > Sascha Luck
> >  
> >>   
> >>> The first case regarding this has already been filed:
> >>> https://www.irishtimes.com/business/technology/max-schrems-files-first-cases-under-gdpr-against-facebook-and-google-1.3508177
> >>>  
> >>> 
> >>>   
> >> I appreciate a motion has been filed. However, I???d surprised if
> >> the case purely revolved around this single point.
> >> 
> >> It is positive that some of this stuff is going to be tested in
> >> court sooner rather than later. Having said that, it may be
> >>  a day or two  before we get to see a final
> >> judgement with no further appeals.
> >> 
> >> All the best
> >> 
> >> Simon  
> >  
> 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

This is another argument often raised, yet it is missing the point of 
the legality of these registers. Yes, there are certain public or 
non-public registers like the land register (public) or the car 
registration register (non-public), but each of these are mandated by 
law. If you buy land, there is a legal requirement to get yourself 
registered. This legal basis is sufficient grounds for data processing 
under the GDPR under Art 6 I c) ("processing is necessary for compliance 
with a legal obligation to which the controller is subject").


But that is exactly the point: No such law exists for IP adresses or 
whois, hence the logic of having these registeres cannot be transferred 
to these services. Now, some countries have such laws and ccTLD 
registries will continue to legally publish whois details for their TLD 
registrations. But most do not, and if they do, these laws are 
specifically tailored to their own TLD.


Volker

Am 29.05.2018 um 16:42 schrieb Ángel González Berdasco:

Volker Greimann wrote:

Hi Simon,

that is a common misconception, but sadly untrue.


As things stand at the moment, the interpretations of GDPR and subsequent 
actions of some large organisations make it likely that fraud and other types 
of malpractice, largely aimed at individual users, will increase.

On the other hand, the amount of spam and abuse directed at new
registrant will be greatly reduced. Balance will be the result.

The stated position "that tool was illegal to begin with as it violated the 
rights to privacy of millions of domain owners” is, at best, misleading. Assuming 
the “tool” being referred to is WHIOS, registrants of domains needed to provide 
information as part of their contract with the registrar. A contractual requirement. 
Perfectly OK pre GDPR, perfectly OK post GDPR.

Sadly untrue, since consent to processing of data that is not strictly
necessary for the performance of the contract post GDPR must be freely
given. If the service is withheld unless consent is provided, that
consent is invalid.
Even before GDPR, the consent for whois was iffy as best.

Don't you have real estate registration in your country that is publicly
accessible? If so, do you think it should now be banned under GDPR (if
in EU)?

I see your point, but it is not *that* clear.

Best regards




--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ángel González Berdasco]

Volker Greimann wrote: 
> Hi Simon,
> 
> that is a common misconception, but sadly untrue.
> 
> > As things stand at the moment, the interpretations of GDPR and subsequent 
> > actions of some large organisations make it likely that fraud and other 
> > types of malpractice, largely aimed at individual users, will increase.
> On the other hand, the amount of spam and abuse directed at new 
> registrant will be greatly reduced. Balance will be the result.
> > The stated position "that tool was illegal to begin with as it violated the 
> > rights to privacy of millions of domain owners” is, at best, misleading. 
> > Assuming the “tool” being referred to is WHIOS, registrants of domains 
> > needed to provide information as part of their contract with the registrar. 
> > A contractual requirement. Perfectly OK pre GDPR, perfectly OK post GDPR.
> Sadly untrue, since consent to processing of data that is not strictly 
> necessary for the performance of the contract post GDPR must be freely 
> given. If the service is withheld unless consent is provided, that 
> consent is invalid.
> Even before GDPR, the consent for whois was iffy as best.

Don't you have real estate registration in your country that is publicly
accessible? If so, do you think it should now be banned under GDPR (if
in EU)?

I see your point, but it is not *that* clear.

Best regards


-- 
CERTSI (CERT de Seguridad e Industria) - Spanish Security and Industry Incident 
Response Team
https://www.certsi.es/

PGP Keys: https://www.certsi.es/en/what-is-certsi/pgp-public-keys

--

CERTSI (CERT de Seguridad e Industria) Spanish Security and Industry
Incident Response Team operates under the auspices of the Ministry of
Energy, Tourism and Digital Agenda through the State Secretariat for
Information Society and Digital Agenda, and the Ministry of Interior
through the Security State Secretariat of the Spanish government as a
national CERT.
Our main role is detection, coordination and response of security
incidents that take place on Spanish CI (Critical Infrastructure),
Research and Academic Network (RedIRIS), enterprises and/or citizens.
Also, we act as Spanish national CERT in the role of coordination with
other security teams.

--

Disclaimer:
This message, including any attachments, may contain confidential
information, within the framework of the corporate Security Management
System.
If you are not the intended recipient, please notify the sender and
delete this message without forwarding or retaining a copy, since any
unauthorized use is strictly prohibited by law.

--

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Carlos Friaças]

Hi Jordi,

I guess his point is the mail server, to communicate, needs an IP address. 
Then, that IP address belongs to a netblock, and should be registered 
(also on whois, but on a different database...).


And he is ranting about the lack of abuse contacts related to IP netblocks 
-- unfortunately there are a lot missing or incorrect...


Carlos


On Tue, 29 May 2018, JORDI PALET MARTINEZ via anti-abuse-wg wrote:


Well, we disagree in the definition of abuse maybe?

You can find many definitions of this:

"Spamming is the abuse of electronic messaging systems to send unsolicited bulk 
messages, which are generally undesired"

So, spam is abuse, and I don't need to know IPs to send spam. The mail server 
will use DNS to find them.

Regards,
Jordi



-Mensaje original-
De: anti-abuse-wg  en nombre de ox 

Organización: ox.co.za
Fecha: martes, 29 de mayo de 2018, 15:57
Para: JORDI PALET MARTINEZ via anti-abuse-wg 
Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse


   I am so happy that you are asking this question :)

   This is what causes much confusion with people, including experienced
   netadmins, sysadmins and many very technically advanced people.

   You can use any email address as an example: anti-abuse-wg@ripe.net

   Please think about it for a second:

   How would you go about sending spam to this email address without using
   an IP number?

   It is not possible for Internet abuse to exist - without an IP number.

   So, for this wg : EVERYTHING that is abuse is powered by IP numbers.

   Andre

   On Tue, 29 May 2018 15:51:38 +0200
   JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

   > How come you can't send spam without the IP?
   >
   > I can look for new registered domains, use whois for catching the
   > emails that appear there, and then spam them.
   >
   > This is something that I experience everytime I register a new
   > domain, tons of spams to the whois recently created email contacts.
   >
   > Regards,
   > Jordi
   >
   >
   >
   > -Mensaje original-
   > De: anti-abuse-wg  en nombre de ox
   >  Organización: ox.co.za
   > Fecha: martes, 29 de mayo de 2018, 15:39
   > Para: 
   > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
   >
   >
   > Please correct me if you think I am wrong:
   >
   > 1.
   > You cannot send spam without an IP number.
   >
   > 2.
   > You cannot do any abuse without an IP number.
   >
   >
   > I can do a whois on any.com or some.eu and have a tech or abuse
   > email address and WORKING registrar contact information.
   >
   > I cannot do a whois on ALL ripe assigned ipv4 resources and get
   > accurate and/or working resource contact information.
   >
   >
   > So, where the problem is - is easy to see, no?
   >
   > Andre
   >
   >
   > On Tue, 29 May 2018 15:12:27 +0200
   > JORDI PALET MARTINEZ via anti-abuse-wg 
   > wrote:
   > > I consider an abuse the fact of collecting emails and sending
   > > spam. Also, if you have a domain, you can see what IPs are
   > > related to it for other kinds of abuses.
   > >
   > > Regards,
   > > Jordi
   > >
   > >
   > >
   >     > -----Mensaje original-
   > > De: anti-abuse-wg  en nombre de
   > > ox  Organización: ox.co.za
   > > Fecha: martes, 29 de mayo de 2018, 14:32
   > > Para: 
   > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
   > > abuse
   > >
   > >
   > > Abuse has nothing to do with a domain name.
   > >
   > > Nobody can abuse anyone armed only with a domain name.
   > >
   > > Without using an actual IP number, a domain name can do
   > > nothing.
   > > Protecting the privacy of a domain registrant is absolutely
   > > correct.
   > > The trouble is that network operators are resistant to
   > > accept the responsibility (costs, issues, trouble) of managing
   > > abuse
   > > Even if you do a whois right now, you will find a functional
   > > registrar abuse email address.
   > >
   > > The same cannot yet be said for the resources assigned by
   > > this RR
   > > Andre
   > >
   > >
   > > On Tue, 29 May 2018 14:00:44 +0200
   > > JORDI PALET MARTINEZ via anti-abuse-wg
   > >  wrote:
   > > > Whois, as everything in the life, has good and bad things.
   > > > Against: Privacy invaded. In fact, when you register a new
   > > > domain a

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

On Tue, 29 May 2018 16:23:13 +0200
Volker Greimann  wrote:

> OK, let'S ban IP numbers then. Clearly they are evil! ;-)
> 

one has to look how certain multinationals are using IP numbers in what they 
see as a war.

spammers also do this, they send legit email from the same IP number as
they pump & dump.

but, a small ISP is easy to block if that ISP ignores abuse complaints.

Google is impossible to block - yet they also ignore abuse complaints.

Outlook.com is impossible to block - yet they are completely oblivious
to abuse complaints.

see?

> 
> Am 29.05.2018 um 16:12 schrieb ox:
> > Jordi,
> >
> > This is a technical statement, it is not a pov (point of view) - it
> > is a simple and salient fact:
> >
> > No abuse on the Internet is possible without an IP number.
> >
> > In your example:
> >
> > the mail server = the IP number.
> >
> > so the abuse originates from the mail server IP number.
> >
> > the DNS = IP number
> >
> > DNS is that service that translates names into numbers, so that you
> > are able to deliver your spam.
> >
> > a domain by itself can do nothing.
> >
> > hth
> >
> > Andre
> >
> >
> > On Tue, 29 May 2018 16:03:41 +0200
> > JORDI PALET MARTINEZ via anti-abuse-wg 
> > wrote: 
> >> Well, we disagree in the definition of abuse maybe?
> >>
> >> You can find many definitions of this:
> >>
> >> "Spamming is the abuse of electronic messaging systems to send
> >> unsolicited bulk messages, which are generally undesired"
> >>
> >> So, spam is abuse, and I don't need to know IPs to send spam. The
> >> mail server will use DNS to find them.
> >>
> >> Regards,
> >> Jordi
> >>   
> >>   
> >>
> >> -Mensaje original-
> >> De: anti-abuse-wg  en nombre de ox
> >>  Organización: ox.co.za
> >> Fecha: martes, 29 de mayo de 2018, 15:57
> >> Para: JORDI PALET MARTINEZ via anti-abuse-wg
> >>  Asunto: Re: [anti-abuse-wg] GDPR -
> >> positive effects on email abuse
> >>
> >>  
> >>  I am so happy that you are asking this question :)
> >>  
> >>  This is what causes much confusion with people, including
> >> experienced netadmins, sysadmins and many very technically advanced
> >> people.
> >>  You can use any email address as an example:
> >> anti-abuse-wg@ripe.net
> >>  Please think about it for a second:
> >>  
> >>  How would you go about sending spam to this email address
> >> without using an IP number?
> >>  
> >>  It is not possible for Internet abuse to exist - without an IP
> >> number.
> >>  So, for this wg : EVERYTHING that is abuse is powered by IP
> >> numbers.
> >>  Andre
> >>  
> >>  On Tue, 29 May 2018 15:51:38 +0200
> >>  JORDI PALET MARTINEZ via anti-abuse-wg
> >>  wrote:  
> >>  > How come you can't send spam without the IP?
> >>  >
> >>  > I can look for new registered domains, use whois for
> >>  > catching the emails that appear there, and then spam them.
> >>  >
> >>  > This is something that I experience everytime I register a
> >>  > new domain, tons of spams to the whois recently created
> >>  > email contacts.
> >>  >
> >>  > Regards,
> >>  > Jordi
> >>  >
> >>  >
> >>  >
> >>  > -Mensaje original-
> >>  > De: anti-abuse-wg  en
> >>  > nombre de ox  Organización: ox.co.za
> >>  > Fecha: martes, 29 de mayo de 2018, 15:39
> >>  > Para: 
> >>  > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
> >>  > abuse
> >>  >
> >>  >
> >>  > Please correct me if you think I am wrong:
> >>  >
> >>  > 1.
> >>  > You cannot send spam without an IP number.
> >>  >
> >>  > 2.
> >>  > You cannot do any abuse without an IP number.
> >>  >
> >>  >
> >>  > I can do a whois on any.com or some.eu and have a tech
> >>  > or abuse email address and WORKING registrar contact
> >>  > information.
> >>      >
> >>      >     I can

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

OK, let'S ban IP numbers then. Clearly they are evil! ;-)


Am 29.05.2018 um 16:12 schrieb ox:

Jordi,

This is a technical statement, it is not a pov (point of view) - it is a simple 
and salient fact:

No abuse on the Internet is possible without an IP number.

In your example:

the mail server = the IP number.

so the abuse originates from the mail server IP number.

the DNS = IP number

DNS is that service that translates names into numbers, so that you are
able to deliver your spam.

a domain by itself can do nothing.

hth

Andre


On Tue, 29 May 2018 16:03:41 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:


Well, we disagree in the definition of abuse maybe?

You can find many definitions of this:

"Spamming is the abuse of electronic messaging systems to send
unsolicited bulk messages, which are generally undesired"

So, spam is abuse, and I don't need to know IPs to send spam. The
mail server will use DNS to find them.

Regards,
Jordi
  
  


-Mensaje original-
De: anti-abuse-wg  en nombre de ox
 Organización: ox.co.za
Fecha: martes, 29 de mayo de 2018, 15:57
Para: JORDI PALET MARTINEZ via anti-abuse-wg 
Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse

 
 I am so happy that you are asking this question :)
 
 This is what causes much confusion with people, including

experienced netadmins, sysadmins and many very technically advanced
people.
 You can use any email address as an example:
anti-abuse-wg@ripe.net
 Please think about it for a second:
 
 How would you go about sending spam to this email address without

using an IP number?
 
 It is not possible for Internet abuse to exist - without an IP

number.
 So, for this wg : EVERYTHING that is abuse is powered by IP
numbers.
 Andre
 
 On Tue, 29 May 2018 15:51:38 +0200

 JORDI PALET MARTINEZ via anti-abuse-wg 
wrote:
 > How come you can't send spam without the IP?
 >
 > I can look for new registered domains, use whois for catching
 > the emails that appear there, and then spam them.
 >
 > This is something that I experience everytime I register a new
 > domain, tons of spams to the whois recently created email
 > contacts.
 >
 > Regards,
 > Jordi
 >
 >
 >
 > -Mensaje original-
 > De: anti-abuse-wg  en nombre de
 > ox  Organización: ox.co.za
 > Fecha: martes, 29 de mayo de 2018, 15:39
 > Para: 
 > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
 > abuse
 >
 >
 > Please correct me if you think I am wrong:
 >
 > 1.
 > You cannot send spam without an IP number.
 >
 > 2.
 > You cannot do any abuse without an IP number.
 >
 >
 > I can do a whois on any.com or some.eu and have a tech or
 > abuse email address and WORKING registrar contact information.
 >
 > I cannot do a whois on ALL ripe assigned ipv4 resources and
 > get accurate and/or working resource contact information.
 >
 >
 > So, where the problem is - is easy to see, no?
 >
 > Andre
 >
 >
 > On Tue, 29 May 2018 15:12:27 +0200
 > JORDI PALET MARTINEZ via anti-abuse-wg
 >  wrote:
 > > I consider an abuse the fact of collecting emails and
 > > sending spam. Also, if you have a domain, you can see
 > > what IPs are related to it for other kinds of abuses.
 > >
 > > Regards,
 > > Jordi
 > >
 > >
 > >
 > > -Mensaje original-----
 >     > De: anti-abuse-wg  en
 > > nombre de ox  Organización: ox.co.za
 > > Fecha: martes, 29 de mayo de 2018, 14:32
 > > Para: 
 > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on
 > > email abuse
 > >
 > >
 > > Abuse has nothing to do with a domain name.
 > >
 > > Nobody can abuse anyone armed only with a domain name.
 > >
 > > Without using an actual IP number, a domain name can
 > > do nothing.
 > > Protecting the privacy of a domain registrant is
 > > absolutely correct.
 > > The trouble is that network operators are resistant to
 > > accept the responsibility (costs, issues, trouble) of
 > > managing abuse
 > > Even if you do a whois right now, you will find a
 > > functional registrar abuse email address.
 > >
 > > The same cannot yet be said for the resources
  

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

Jordi,

This is a technical statement, it is not a pov (point of view) - it is a simple 
and salient fact:

No abuse on the Internet is possible without an IP number.

In your example:

the mail server = the IP number.

so the abuse originates from the mail server IP number.

the DNS = IP number

DNS is that service that translates names into numbers, so that you are
able to deliver your spam.

a domain by itself can do nothing.

hth

Andre


On Tue, 29 May 2018 16:03:41 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

> Well, we disagree in the definition of abuse maybe?
> 
> You can find many definitions of this:
> 
> "Spamming is the abuse of electronic messaging systems to send
> unsolicited bulk messages, which are generally undesired"
> 
> So, spam is abuse, and I don't need to know IPs to send spam. The
> mail server will use DNS to find them.
> 
> Regards,
> Jordi
>  
>  
> 
> -Mensaje original-
> De: anti-abuse-wg  en nombre de ox
>  Organización: ox.co.za
> Fecha: martes, 29 de mayo de 2018, 15:57
> Para: JORDI PALET MARTINEZ via anti-abuse-wg 
> Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> 
> I am so happy that you are asking this question :)
> 
> This is what causes much confusion with people, including
> experienced netadmins, sysadmins and many very technically advanced
> people. 
> You can use any email address as an example:
> anti-abuse-wg@ripe.net 
> Please think about it for a second:
> 
> How would you go about sending spam to this email address without
> using an IP number?
> 
> It is not possible for Internet abuse to exist - without an IP
> number. 
> So, for this wg : EVERYTHING that is abuse is powered by IP
> numbers. 
> Andre
> 
> On Tue, 29 May 2018 15:51:38 +0200
> JORDI PALET MARTINEZ via anti-abuse-wg 
> wrote: 
> > How come you can't send spam without the IP?
> > 
> > I can look for new registered domains, use whois for catching
> > the emails that appear there, and then spam them.
> > 
> > This is something that I experience everytime I register a new
> > domain, tons of spams to the whois recently created email
> > contacts.
> > 
> > Regards,
> > Jordi
> >  
>     >  
>     > 
> > -----Mensaje original-
> > De: anti-abuse-wg  en nombre de
> > ox  Organización: ox.co.za
> > Fecha: martes, 29 de mayo de 2018, 15:39
> > Para: 
> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
> > abuse
> > 
> > 
> > Please correct me if you think I am wrong:
> > 
> > 1.
> > You cannot send spam without an IP number.
> > 
> > 2.
> > You cannot do any abuse without an IP number.
> > 
> > 
> > I can do a whois on any.com or some.eu and have a tech or
> > abuse email address and WORKING registrar contact information.
> > 
> > I cannot do a whois on ALL ripe assigned ipv4 resources and
> > get accurate and/or working resource contact information.
> > 
> > 
> > So, where the problem is - is easy to see, no?
> > 
> > Andre
> > 
> > 
> > On Tue, 29 May 2018 15:12:27 +0200
> > JORDI PALET MARTINEZ via anti-abuse-wg
> >  wrote:   
> > > I consider an abuse the fact of collecting emails and
> > > sending spam. Also, if you have a domain, you can see
> > > what IPs are related to it for other kinds of abuses.
> > > 
> > > Regards,
> > > Jordi
> > >  
> > >  
> > > 
> > > -Mensaje original-
> > > De: anti-abuse-wg  en
> > > nombre de ox  Organización: ox.co.za
> > > Fecha: martes, 29 de mayo de 2018, 14:32
> > > Para: 
> > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on
> > > email abuse
> > > 
> > > 
> > > Abuse has nothing to do with a domain name.
> > > 
> > > Nobody can abuse anyone armed only with a domain name.
> > > 
> > > Without using an actual IP number, a domain name can
> > > do nothing. 
> > > Protecting the priv

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

now, one has to look at the reasons for the confusion and lack of
clarity on which resources powers abuse on the Internet

you also have to look at who absolutely dominates email on the planet

there are only two organisations that dominate email on the planet.

these same two organisations have never lost market share and day by
day, they continue growing and clawing percentage points out year by year.

they have almost become unstoppable.

they do not play by rules.

they are not nice.

they are not fair.

they want to have 100% and they are using their considerable resources
to achieve year on year growth.

even right now I am under business pressure from these same two
companies.

on the one hand they are aggressively spamming my user base.

on the other hand they are sending a lot of legit email.

all from the same singular ip numbers.

they circumvent my spam rulesets and specifically target delivery.

and they are rinse and repeat for many other independent email
operators.

again: they even use the exact same IP number to attack and to deliver
legit.

complaints? 

whahahaha /dev/nul.


On Tue, 29 May 2018 13:53:16 +
Michele Neylon - Blacknight  wrote:

> Andre
> 
> 1 - yes and no - you need access to an SMTP server. 
> 2 - again - you need access to resources
> 
> I agree however that the domain without anything attached to it can't
> do anything 
> 
> The resources need IPs.. 
> 
> Re: RIPE whois - if there are inaccuracies you can report them to
> RIPE.
> 
> Regards
> 
> Michele
> 
> 
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> https://www.blacknight.com/
> http://blacknight.blog/
> Intl. +353 (0) 59  9183072
> Direct Dial: +353 (0)59 9183090
> Personal blog: https://michele.blog/
> Some thoughts: https://ceo.hosting/ 
> ---
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business
> Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.:
> 370845
> 
> On 29/05/2018, 14:39, "anti-abuse-wg on behalf of ox"
>  wrote:
> 
> 
> Please correct me if you think I am wrong:
> 
> 1.
> You cannot send spam without an IP number.
> 
> 2.
> You cannot do any abuse without an IP number.
> 
> 
> I can do a whois on any.com or some.eu and have a tech or abuse
> email address and WORKING registrar contact information.
> 
> I cannot do a whois on ALL ripe assigned ipv4 resources and get
> accurate and/or working resource contact information.
> 
> 
> So, where the problem is - is easy to see, no?
> 
> Andre
> 
> 
> On Tue, 29 May 2018 15:12:27 +0200
> JORDI PALET MARTINEZ via anti-abuse-wg 
> wrote: 
> > I consider an abuse the fact of collecting emails and sending
> > spam. Also, if you have a domain, you can see what IPs are
> > related to it for other kinds of abuses.
> > 
> > Regards,
>     > Jordi
>     >  
>     >  
>     > 
> > -Mensaje original-
> > De: anti-abuse-wg  en nombre de
> > ox  Organización: ox.co.za
> > Fecha: martes, 29 de mayo de 2018, 14:32
> > Para: 
> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
> > abuse
> > 
> > 
> > Abuse has nothing to do with a domain name.
> > 
> > Nobody can abuse anyone armed only with a domain name.
> > 
> > Without using an actual IP number, a domain name can do
> > nothing. 
> > Protecting the privacy of a domain registrant is absolutely
> > correct. 
> > The trouble is that network operators are resistant to
> > accept the responsibility (costs, issues, trouble) of managing
> > abuse 
> > Even if you do a whois right now, you will find a functional
> > registrar abuse email address.
> > 
> > The same cannot yet be said for the resources assigned by
> > this RR 
> > Andre
> > 
> > 
> > On Tue, 29 May 2018 14:00:44 +0200
> > JORDI PALET MARTINEZ via anti-abuse-wg
> >  wrote:   
> > > Whois, as everything in the life, has good and bad things.
> > > Against: Privacy invaded. In fact, when you register a new
> > > domain and you associate a visible email to it, in a
> > > matter of hours, you get spam.
> >     > Pro: If it is a real email with humans behind, it
> > > facilitates the resolution of abuse cases.
> > 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[JORDI PALET MARTINEZ via anti-abuse-wg]

Well, we disagree in the definition of abuse maybe?

You can find many definitions of this:

"Spamming is the abuse of electronic messaging systems to send unsolicited bulk 
messages, which are generally undesired"

So, spam is abuse, and I don't need to know IPs to send spam. The mail server 
will use DNS to find them.

Regards,
Jordi
 
 

-Mensaje original-
De: anti-abuse-wg  en nombre de ox 

Organización: ox.co.za
Fecha: martes, 29 de mayo de 2018, 15:57
Para: JORDI PALET MARTINEZ via anti-abuse-wg 
Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse


I am so happy that you are asking this question :)

This is what causes much confusion with people, including experienced
netadmins, sysadmins and many very technically advanced people.

You can use any email address as an example: anti-abuse-wg@ripe.net

Please think about it for a second:

How would you go about sending spam to this email address without using
an IP number?

It is not possible for Internet abuse to exist - without an IP number.

So, for this wg : EVERYTHING that is abuse is powered by IP numbers.

Andre

On Tue, 29 May 2018 15:51:38 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

> How come you can't send spam without the IP?
> 
> I can look for new registered domains, use whois for catching the
> emails that appear there, and then spam them.
> 
> This is something that I experience everytime I register a new
> domain, tons of spams to the whois recently created email contacts.
> 
> Regards,
> Jordi
>  
>  
> 
> -Mensaje original-
> De: anti-abuse-wg  en nombre de ox
>  Organización: ox.co.za
> Fecha: martes, 29 de mayo de 2018, 15:39
    > Para: 
    > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> 
> Please correct me if you think I am wrong:
> 
> 1.
> You cannot send spam without an IP number.
> 
> 2.
> You cannot do any abuse without an IP number.
> 
> 
> I can do a whois on any.com or some.eu and have a tech or abuse
> email address and WORKING registrar contact information.
> 
> I cannot do a whois on ALL ripe assigned ipv4 resources and get
> accurate and/or working resource contact information.
> 
> 
> So, where the problem is - is easy to see, no?
> 
> Andre
> 
> 
> On Tue, 29 May 2018 15:12:27 +0200
> JORDI PALET MARTINEZ via anti-abuse-wg 
> wrote: 
> > I consider an abuse the fact of collecting emails and sending
> > spam. Also, if you have a domain, you can see what IPs are
> > related to it for other kinds of abuses.
> > 
> > Regards,
> > Jordi
> >  
> >  
> > 
> > -----Mensaje original-----
> > De: anti-abuse-wg  en nombre de
> > ox  Organización: ox.co.za
> > Fecha: martes, 29 de mayo de 2018, 14:32
> > Para: 
> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
> > abuse
> > 
> > 
> > Abuse has nothing to do with a domain name.
> > 
> > Nobody can abuse anyone armed only with a domain name.
> > 
> > Without using an actual IP number, a domain name can do
> > nothing. 
> > Protecting the privacy of a domain registrant is absolutely
> > correct. 
> > The trouble is that network operators are resistant to
> > accept the responsibility (costs, issues, trouble) of managing
> > abuse 
> > Even if you do a whois right now, you will find a functional
> > registrar abuse email address.
> > 
> > The same cannot yet be said for the resources assigned by
> > this RR 
> > Andre
> > 
> > 
> > On Tue, 29 May 2018 14:00:44 +0200
> > JORDI PALET MARTINEZ via anti-abuse-wg
> >  wrote:   
> > > Whois, as everything in the life, has good and bad things.
> > > Against: Privacy invaded. In fact, when you register a new
> > > domain and you associate a visible email to it, in a
> > > matter of hours, you get spam.
> > > Pro: If it is a rea

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

I am so happy that you are asking this question :)

This is what causes much confusion with people, including experienced
netadmins, sysadmins and many very technically advanced people.

You can use any email address as an example: anti-abuse-wg@ripe.net

Please think about it for a second:

How would you go about sending spam to this email address without using
an IP number?

It is not possible for Internet abuse to exist - without an IP number.

So, for this wg : EVERYTHING that is abuse is powered by IP numbers.

Andre

On Tue, 29 May 2018 15:51:38 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

> How come you can't send spam without the IP?
> 
> I can look for new registered domains, use whois for catching the
> emails that appear there, and then spam them.
> 
> This is something that I experience everytime I register a new
> domain, tons of spams to the whois recently created email contacts.
> 
> Regards,
> Jordi
>  
>  
> 
> -Mensaje original-
> De: anti-abuse-wg  en nombre de ox
>  Organización: ox.co.za
> Fecha: martes, 29 de mayo de 2018, 15:39
> Para: 
> Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> 
> Please correct me if you think I am wrong:
> 
> 1.
> You cannot send spam without an IP number.
> 
> 2.
> You cannot do any abuse without an IP number.
> 
> 
> I can do a whois on any.com or some.eu and have a tech or abuse
> email address and WORKING registrar contact information.
> 
> I cannot do a whois on ALL ripe assigned ipv4 resources and get
> accurate and/or working resource contact information.
> 
> 
> So, where the problem is - is easy to see, no?
> 
> Andre
> 
> 
> On Tue, 29 May 2018 15:12:27 +0200
> JORDI PALET MARTINEZ via anti-abuse-wg 
> wrote: 
> > I consider an abuse the fact of collecting emails and sending
> > spam. Also, if you have a domain, you can see what IPs are
> > related to it for other kinds of abuses.
> > 
> > Regards,
> > Jordi
> >  
> >  
> > 
>     > -----Mensaje original-----
>     > De: anti-abuse-wg  en nombre de
> > ox  Organización: ox.co.za
> > Fecha: martes, 29 de mayo de 2018, 14:32
> > Para: 
> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email
> > abuse
> > 
> > 
> > Abuse has nothing to do with a domain name.
> > 
> > Nobody can abuse anyone armed only with a domain name.
> > 
> > Without using an actual IP number, a domain name can do
> > nothing. 
> > Protecting the privacy of a domain registrant is absolutely
> > correct. 
> > The trouble is that network operators are resistant to
> > accept the responsibility (costs, issues, trouble) of managing
> > abuse 
> > Even if you do a whois right now, you will find a functional
> > registrar abuse email address.
> > 
> > The same cannot yet be said for the resources assigned by
> > this RR 
> > Andre
> > 
> > 
> > On Tue, 29 May 2018 14:00:44 +0200
> > JORDI PALET MARTINEZ via anti-abuse-wg
> >  wrote:   
> > > Whois, as everything in the life, has good and bad things.
> > > Against: Privacy invaded. In fact, when you register a new
> > > domain and you associate a visible email to it, in a
> > > matter of hours, you get spam.
> > > Pro: If it is a real email with humans behind, it
>     > > facilitates the resolution of abuse cases.
> > > The balance is always difficult ...
> > > Regards,
> > > Jordi
> >
> > > 
> > > De: anti-abuse-wg  en
> > > nombre de Volker Greimann 
> > > Fecha: martes, 29 de mayo de 2018, 13:49 Para: Suresh
> > > Ramasubramanian ,
> > > "anti-abuse-wg@ripe.net"  Asunto:
> > > Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> > > 
> > >  
> > > 
> > > Even in those cases, whois is but one tool that helps
> > > identify bad actors by means of violating privacy rights
> > > of millions. There are other tools, like DNS traces,
> > > reviews of hosting infrastructures used, etc. all of
> > > which will continue to be 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Michele Neylon - Blacknight]

Andre

1 - yes and no - you need access to an SMTP server. 
2 - again - you need access to resources

I agree however that the domain without anything attached to it can't do 
anything 

The resources need IPs.. 

Re: RIPE whois - if there are inaccuracies you can report them to RIPE.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 29/05/2018, 14:39, "anti-abuse-wg on behalf of ox" 
 wrote:


Please correct me if you think I am wrong:

1.
You cannot send spam without an IP number.

2.
You cannot do any abuse without an IP number.


I can do a whois on any.com or some.eu and have a tech or abuse email
address and WORKING registrar contact information.

I cannot do a whois on ALL ripe assigned ipv4 resources and get
accurate and/or working resource contact information.


So, where the problem is - is easy to see, no?

Andre


On Tue, 29 May 2018 15:12:27 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

> I consider an abuse the fact of collecting emails and sending spam.
> Also, if you have a domain, you can see what IPs are related to it
> for other kinds of abuses.
> 
> Regards,
> Jordi
>  
>  
> 
> -Mensaje original-
> De: anti-abuse-wg  en nombre de ox
>  Organización: ox.co.za
> Fecha: martes, 29 de mayo de 2018, 14:32
    > Para: 
    > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> 
> Abuse has nothing to do with a domain name.
> 
> Nobody can abuse anyone armed only with a domain name.
> 
> Without using an actual IP number, a domain name can do nothing.
> 
> Protecting the privacy of a domain registrant is absolutely
> correct. 
> The trouble is that network operators are resistant to accept the
> responsibility (costs, issues, trouble) of managing abuse
> 
> Even if you do a whois right now, you will find a functional
> registrar abuse email address.
> 
> The same cannot yet be said for the resources assigned by this RR
> 
> Andre
> 
> 
> On Tue, 29 May 2018 14:00:44 +0200
> JORDI PALET MARTINEZ via anti-abuse-wg 
> wrote: 
> > Whois, as everything in the life, has good and bad things.
> > Against: Privacy invaded. In fact, when you register a new
> > domain and you associate a visible email to it, in a matter of
> > hours, you get spam.
> > Pro: If it is a real email with humans behind, it facilitates
> > the resolution of abuse cases.
> > The balance is always difficult ...
> > Regards,
> > Jordi  
>  
> > 
> > De: anti-abuse-wg  en nombre de
>     > Volker Greimann  Fecha: martes, 29
> > de mayo de 2018, 13:49 Para: Suresh Ramasubramanian
> > , "anti-abuse-wg@ripe.net"
> >  Asunto: Re: [anti-abuse-wg] GDPR -
> > positive effects on email abuse
> > 
> >  
> > 
> > Even in those cases, whois is but one tool that helps identify
> > bad actors by means of violating privacy rights of millions.
> > There are other tools, like DNS traces, reviews of hosting
> > infrastructures used, etc. all of which will continue to be
> > available for the uses you refer to.
> > 
> > And maybe it is time to ensure law enforcement is better
> > equipped to deal with such issues earlier and faster. Up to
> > now, governments have been afforded the luxury of being able to
> > underfund such efforts as others were doing their jobs for
> > them. Maybe this will lead to better law enforcement and
> > international cooperation.
> > 
> > Best,
> > 
> > Volker
> > 
> >  
> > 
> > Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian:
> > 
> > This unfortunately is entirely wrong and short sighted
> > 
> >  
> > 
  

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

Please correct me if you think I am wrong:

1.
You cannot send spam without an IP number.

2.
You cannot do any abuse without an IP number.


I can do a whois on any.com or some.eu and have a tech or abuse email
address and WORKING registrar contact information.

I cannot do a whois on ALL ripe assigned ipv4 resources and get
accurate and/or working resource contact information.


So, where the problem is - is easy to see, no?

Andre


On Tue, 29 May 2018 15:12:27 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

> I consider an abuse the fact of collecting emails and sending spam.
> Also, if you have a domain, you can see what IPs are related to it
> for other kinds of abuses.
> 
> Regards,
> Jordi
>  
>  
> 
> -Mensaje original-
> De: anti-abuse-wg  en nombre de ox
>  Organización: ox.co.za
> Fecha: martes, 29 de mayo de 2018, 14:32
> Para: 
> Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> 
> Abuse has nothing to do with a domain name.
> 
> Nobody can abuse anyone armed only with a domain name.
> 
> Without using an actual IP number, a domain name can do nothing.
> 
> Protecting the privacy of a domain registrant is absolutely
> correct. 
> The trouble is that network operators are resistant to accept the
> responsibility (costs, issues, trouble) of managing abuse
> 
> Even if you do a whois right now, you will find a functional
> registrar abuse email address.
> 
> The same cannot yet be said for the resources assigned by this RR
> 
> Andre
> 
> 
> On Tue, 29 May 2018 14:00:44 +0200
> JORDI PALET MARTINEZ via anti-abuse-wg 
> wrote: 
> > Whois, as everything in the life, has good and bad things.
> > Against: Privacy invaded. In fact, when you register a new
> > domain and you associate a visible email to it, in a matter of
> > hours, you get spam.
> > Pro: If it is a real email with humans behind, it facilitates
> > the resolution of abuse cases.
> > The balance is always difficult ...
> > Regards,
> > Jordi  
>  
> > 
> > De: anti-abuse-wg  en nombre de
> > Volker Greimann  Fecha: martes, 29
> > de mayo de 2018, 13:49 Para: Suresh Ramasubramanian
> > , "anti-abuse-wg@ripe.net"
> >  Asunto: Re: [anti-abuse-wg] GDPR -
> > positive effects on email abuse
> > 
> >  
> > 
> > Even in those cases, whois is but one tool that helps identify
> > bad actors by means of violating privacy rights of millions.
> > There are other tools, like DNS traces, reviews of hosting
> > infrastructures used, etc. all of which will continue to be
> > available for the uses you refer to.
> > 
> > And maybe it is time to ensure law enforcement is better
> > equipped to deal with such issues earlier and faster. Up to
> > now, governments have been afforded the luxury of being able to
> > underfund such efforts as others were doing their jobs for
> > them. Maybe this will lead to better law enforcement and
> > international cooperation.
> > 
> > Best,
> > 
> > Volker
> > 
> >  
> > 
> > Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian:
> > 
> > This unfortunately is entirely wrong and short sighted
> > 
> >  
> > 
> > All security practitioners protect our respective services and
> > networks against a wide variety of threats including malware and
> > phish campaigns.
> > 
> >  
> > 
> > Very few of those go on to be referred to law enforcement and
> > that only after an extensive dossier is built internally to
> > show that the perps in question justify a - frequently cross
> > border - law enforcement action.
> > 
> >  
>     > 
>     > Security and protecting user privacy go hand in hand and I wish
> > more people realised that, and maybe also realised the resource
> > and administrative lconstraints and limits law enforcement is
> > saddled with 
> > 
> >  
> > 
> >  
> > 
> >  
> > 
> > From: anti-abuse-wg  on behalf
> > of Volker Greimann  Sent: Tuesday,
> > May 29, 2018 4:06:18 PM To: anti-abuse-wg@ripe.net
> > Subject: Re: [anti-abuse-wg] GDPR - positive effects on email
> > abuse 
> > 
> >  
> > 
> > Wow, the l

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Hi Suresh,

I get that and that aspect of the abuse community is providing a 
valuable service. A valuable service that also could be (and now must 
be) provided without access to whois data. Effectively, parts of your 
community have already been working without whois for years in ccTLDs 
where no or limited whois is provided by the registry. If you can fight 
abuse without full whois access under .uk, .io, .eu, .fr, etc etc etc, 
then you can also do it under .com, .net, .info, .whatever.


Learn to do without violating the rights of millions of internet users, 
like many of your colleagues have.


Best,

Volker


Am 29.05.2018 um 13:56 schrieb Suresh Ramasubramanian:
But we are not enforcing any laws, I don’t believe in that other “code 
is law” urban myth either :)


We as a community are protecting our respective  users by blocking 
phish, spam, malware etc.


And occasionally we send a heads up to other networks that are hosting 
or originating such traffic and have a published policy stating that 
they prohibit it.  Here the request is that they enforce their own 
rules and policies.


Where does the question of security practitioners arresting the 
individuals behind these malicious actions arise?


And likewise since when does law enforcement control the mail / 
messaging services, dns and network infrastructure of various 
providers who have to block content for their users or take down 
content that violates their policy?





*From:* anti-abuse-wg  on behalf of 
Volker Greimann 

*Sent:* Tuesday, May 29, 2018 5:20:56 PM
*To:* Michele Neylon - Blacknight; anti-abuse-wg@ripe.net
*Subject:* Re: [anti-abuse-wg] GDPR - positive effects on email abuse
Apologies if I offended anyone.

However I do believe law enforcement itself should be strictly a
government function.

Volker


Am 29.05.2018 um 13:41 schrieb Michele Neylon - Blacknight:
> Volker
>
> I don't think your choice of language is particularly helpful or 
constructive. In fact I think you're being intentionally inflammatory.

>
> Why don't you tone it down a little?
>
> There's no need to use words like:
> "vigilantes" or "rent-a-cops" unless you're simply trying to troll 
people or believe that the anti-abuse community shouldn't exist, which 
by extension would suggest that you want to enable online abuse.

>
> Regards
>
> Michele
>
>
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> https://www.blacknight.com/
> http://blacknight.blog/
> Intl. +353 (0) 59  9183072
> Direct Dial: +353 (0)59 9183090
> Personal blog: https://michele.blog/
> Some thoughts: https://ceo.hosting/
> ---
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business 
Park,Sleaty

> Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845
>
> On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
vgreim...@key-systems.net> wrote:

>
>  Wow, the level of narrowmindedness and fearmongering is high 
with this one.

>
>  Crime online will likely not increase due to GDPR. It may be more
>  difficult to detect and take action against due to the loss of 
one tool
>  amongst many, but ultimately that tool was illegal to begin 
with as it

>  violated the rights to privacy of millions of domain owners.
>
>  "Private researchers" and other vigilantes or rent-a-cops will 
indeed
>  have a more difficult time to obtain such data as they will 
finally have

>  to do so by legal means, but then they are in an untenable position
>  anyway, taking upon themselves functions that should be 
fulfilled by

>  actual law enforcement.
>
>  Ultimately, private data if internet users no longer being 
public will
>  lead to better registration data for those with a right to 
access it.
>  Those with no such rights will have to figure out alternate 
routes to do

>  their jobs that does not violate the rights of millions.
>
>  Best,
>
>  Volker
>
>
>
>  Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
>  > ox  wrote:
>  >
>  >> Firstly I would like to comment that the multinationals and 
their funded trade
>  >> groups (and their lobby orgs) shouted from the rooftops that 
if the GDPR came
>  >> into effect, Internet in the EU would collapse and there 
would be digital doom

>  >> and gloom.
>  > I am not a multinational.  I am an individual volunteer 
anti-abuse researcher.
>  > And yet even -I- have told everyone I know that the 
disappearance of public
>  > WHOIS is and will be an epic catastrophy.  If there was 
cybercrime on the

>  >

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Sascha Luck [ml]]

On Tue, May 29, 2018 at 02:50:09PM +0200, Simon Forster wrote:

Would you be able to point to the section of the GDPR which states this? 
Admission: I have yet to make it to the end of the 88 pages of the act without 
falling asleep.


It derives (also the tenor of NOYB's filing, aiui) from Article
7(4):

"4. When assessing whether consent is freely given, utmost
account shall be taken of whether, inter alia, the performance of
a contract, including the provision of a service, is conditional
on consent to the processing of personal data that is not
necessary for the performance of that contract."

http://www.privacy-regulation.eu/en/article-7-conditions-for-consent-GDPR.htm

cheers,
Sascha Luck




The first case regarding this has already been filed:
https://www.irishtimes.com/business/technology/max-schrems-files-first-cases-under-gdpr-against-facebook-and-google-1.3508177
 


I appreciate a motion has been filed. However, I???d surprised if the case 
purely revolved around this single point.

It is positive that some of this stuff is going to be tested in court sooner rather than 
later. Having said that, it may be  a day or two  before we 
get to see a final judgement with no further appeals.

All the best

Simon

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Simon Forster]

> On 29 May 2018, at 14:28, Sascha Luck [ml]  wrote:
> 
> On Tue, May 29, 2018 at 02:00:22PM +0200, Simon Forster wrote:
>> Publishing that data was perfectly legal pre-GDPR. It _may_ be legal post 
>> GDPR. Until this is tested in court, definitives are just so much posturing. 
>> And the argument is likely to be more nuanced anyway. If I want to register 
>> a domain and am told up front, in clear unambiguous language that the 
>> details I provide will appear in a publicly queryable database as part of 
>> the contract, job done. I may not like it. I may decide that I don’t want to 
>> enter into the contract. And that’s rather the point. Informed consent.
> 
> I think you will find that combining access to a service with
> giving permission to have your data published is *explicitly*
> illegal under GDPR.

Would you be able to point to the section of the GDPR which states this? 
Admission: I have yet to make it to the end of the 88 pages of the act without 
falling asleep.

> The first case regarding this has already been filed: 
> https://www.irishtimes.com/business/technology/max-schrems-files-first-cases-under-gdpr-against-facebook-and-google-1.3508177
>  
> 
I appreciate a motion has been filed. However, I’d surprised if the case purely 
revolved around this single point.

It is positive that some of this stuff is going to be tested in court sooner 
rather than later. Having said that, it may be  a day or two 
 before we get to see a final judgement with no further appeals.

All the best

Simon

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Sascha Luck [ml]]

On Tue, May 29, 2018 at 02:00:22PM +0200, Simon Forster wrote:

Law enforcement doesn't provide anti-virus tools. Law enforcement doesn't offer secure 
transport services for cash and gold. Law enforcement doesn???t provide locks for front doors. 
Private companies provide those services. Your fancifully termed ""Private 
researchers" and other vigilantes or rent-a-cops??? work to provide tools and services to 
enable people to protect themselves from bad actors online, not law enforcement. It is folly 
to remove tools used by these private companies to protect billions without at least some form 
of balanced debate.


Is it also a folly to deny private companies, "private
detectives", vigilantes, and any interested randomers access to
the databases LEOs hold on their citizens? 
Some of those citizens are, inevitably, criminals.


It's easy, if you want my data, state your case and, if you
intend to make money from them, PAY ME.

rgds,
Sascha Luck



Simon



On 29 May 2018, at 12:36, Volker Greimann  wrote:

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more difficult to 
detect and take action against due to the loss of one tool amongst many, but 
ultimately that tool was illegal to begin with as it violated the rights to 
privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed have a 
more difficult time to obtain such data as they will finally have to do so by legal 
means, but then they are in an untenable position anyway, taking upon themselves 
functions that should be fulfilled by actual law enforcement.

Ultimately, private data if internet users no longer being public will lead to 
better registration data for those with a right to access it. Those with no 
such rights will have to figure out alternate routes to do their jobs that does 
not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:

ox  wrote:


Firstly I would like to comment that the multinationals and their funded trade
groups (and their lobby orgs) shouted from the rooftops that if the GDPR came
into effect, Internet in the EU would collapse and there would be digital doom
and gloom.

I am not a multinational.  I am an individual volunteer anti-abuse researcher.
And yet even -I- have told everyone I know that the disappearance of public
WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
Internet before, it will be increased, going forward, by tenfold.


How wrong they were (hindsight is perfect - as we can all clearly see)

Be patient.  The change has only just occurred.


The EU has truly become a world and global leader in the reclamation of
individual rights and the free Internet.

Here on this side of the pond, one usually has to turn on Fox News in order
to be treated to this level of rubbish.

The only thing that has happened is that private researchers the world
over have been effectively blinded due to the supreme arogance and idiocy
of europeans... europeans who, in their religious fervor, have come to view
it as their holy obligation to foist their demented notions onto the rest
of the world, whether any of the rest of us like it or not.

Meanwhile the malevolent forces of state-sponsored intrigue and violation
of human rights are and shall remain totally unfettered and unaffected by
GDPR, as they will be the first ones to obtain special exemptions allowing
them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
undoubtedly celebrating the arrival of GDPR, as it further entrenches
their special status at the expense of the great unwashes masses.

Friday was a sad day for both transparency and democracy, but all across
the globe both criminals and statists undoubtedly celebrated it with
toasts of champaign.


Regards,
rfg



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verf??gung.

Mit freundlichen Gren,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Gesch??ftsf??hrer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur f??r den angegebenen 
Empf??nger bestimmt. Jede Form der Kenntnisgabe, Ver??ffentlichung oder 
Weitergabe an Dritte durch den Empf??nger ist unzul??ssig. Sollte diese 
Nachricht nicht f??r Sie bestimmt sein, so bitten wir Sie, sich mit uns per 
E-Mail oder telefonisch in Verbindung zu setzen.



Should you have any further questions, 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

Abuse has nothing to do with a domain name.

Nobody can abuse anyone armed only with a domain name.

Without using an actual IP number, a domain name can do nothing.

Protecting the privacy of a domain registrant is absolutely correct.

The trouble is that network operators are resistant to accept the
responsibility (costs, issues, trouble) of managing abuse

Even if you do a whois right now, you will find a functional registrar
abuse email address.

The same cannot yet be said for the resources assigned by this RR

Andre


On Tue, 29 May 2018 14:00:44 +0200
JORDI PALET MARTINEZ via anti-abuse-wg  wrote:

> Whois, as everything in the life, has good and bad things.
> Against: Privacy invaded. In fact, when you register a new domain and
> you associate a visible email to it, in a matter of hours, you get
> spam.
> Pro: If it is a real email with humans behind, it facilitates the
> resolution of abuse cases.
> The balance is always difficult ...
> Regards,
> Jordi
 
> 
> De: anti-abuse-wg  en nombre de
> Volker Greimann  Fecha: martes, 29 de mayo
> de 2018, 13:49 Para: Suresh Ramasubramanian ,
> "anti-abuse-wg@ripe.net"  Asunto: Re:
> [anti-abuse-wg] GDPR - positive effects on email abuse
> 
>  
> 
> Even in those cases, whois is but one tool that helps identify bad
> actors by means of violating privacy rights of millions. There are
> other tools, like DNS traces, reviews of hosting infrastructures
> used, etc. all of which will continue to be available for the uses
> you refer to.
> 
> And maybe it is time to ensure law enforcement is better equipped to
> deal with such issues earlier and faster. Up to now, governments have
> been afforded the luxury of being able to underfund such efforts as
> others were doing their jobs for them. Maybe this will lead to better
> law enforcement and international cooperation.
> 
> Best,
> 
> Volker
> 
>  
> 
> Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian:
> 
> This unfortunately is entirely wrong and short sighted
> 
>  
> 
> All security practitioners protect our respective services and
> networks against a wide variety of threats including malware and
> phish campaigns.
> 
>  
> 
> Very few of those go on to be referred to law enforcement and that
> only after an extensive dossier is built internally to show that the
> perps in question justify a - frequently cross border - law
> enforcement action.
> 
>  
> 
> Security and protecting user privacy go hand in hand and I wish more
> people realised that, and maybe also realised the resource and
> administrative lconstraints and limits law enforcement is saddled
> with 
> 
>  
> 
>  
> 
>  
> 
> From: anti-abuse-wg  on behalf of
> Volker Greimann  Sent: Tuesday, May 29,
> 2018 4:06:18 PM To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse 
> 
>  
> 
> Wow, the level of narrowmindedness and fearmongering is high with
> this one.
> 
> Crime online will likely not increase due to GDPR. It may be more 
> difficult to detect and take action against due to the loss of one
> tool amongst many, but ultimately that tool was illegal to begin with
> as it violated the rights to privacy of millions of domain owners.
> 
> "Private researchers" and other vigilantes or rent-a-cops will indeed 
> have a more difficult time to obtain such data as they will finally
> have to do so by legal means, but then they are in an untenable
> position anyway, taking upon themselves functions that should be
> fulfilled by actual law enforcement.
> 
> Ultimately, private data if internet users no longer being public
> will lead to better registration data for those with a right to
> access it. Those with no such rights will have to figure out
> alternate routes to do their jobs that does not violate the rights of
> millions.
> 
> Best,
> 
> Volker
> 
> 
> 
> Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
> > ox  wrote:
> >  
> >> Firstly I would like to comment that the multinationals and their
> >> funded trade groups (and their lobby orgs) shouted from the
> >> rooftops that if the GDPR came into effect, Internet in the EU
> >> would collapse and there would be digital doom and gloom.  
> > I am not a multinational.  I am an individual volunteer anti-abuse
> > researcher. And yet even -I- have told everyone I know that the
> > disappearance of public WHOIS is and will be an epic catastrophy.
> > If there was cybercrime on the Internet before, it will be
> > increased, going forward, by tenfold. 
> >> How wrong they were (hindsight is perfect - as we can all clearly
> >> see)  

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Sascha Luck [ml]]

On Tue, May 29, 2018 at 02:00:22PM +0200, Simon Forster wrote:

Publishing that data was perfectly legal pre-GDPR. It _may_ be legal post GDPR. 
Until this is tested in court, definitives are just so much posturing. And the 
argument is likely to be more nuanced anyway. If I want to register a domain 
and am told up front, in clear unambiguous language that the details I provide 
will appear in a publicly queryable database as part of the contract, job done. 
I may not like it. I may decide that I don???t want to enter into the contract. 
And that???s rather the point. Informed consent.


I think you will find that combining access to a service with
giving permission to have your data published is *explicitly*
illegal under GDPR.
The first case regarding this has already been filed: 


https://www.irishtimes.com/business/technology/max-schrems-files-first-cases-under-gdpr-against-facebook-and-google-1.3508177

So, one way or the other, there should be some legal clarity
there soon.

rgds,
Sascha Luck




Simon



On 29 May 2018, at 12:36, Volker Greimann  wrote:

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more difficult to 
detect and take action against due to the loss of one tool amongst many, but 
ultimately that tool was illegal to begin with as it violated the rights to 
privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed have a 
more difficult time to obtain such data as they will finally have to do so by legal 
means, but then they are in an untenable position anyway, taking upon themselves 
functions that should be fulfilled by actual law enforcement.

Ultimately, private data if internet users no longer being public will lead to 
better registration data for those with a right to access it. Those with no 
such rights will have to figure out alternate routes to do their jobs that does 
not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:

ox  wrote:


Firstly I would like to comment that the multinationals and their funded trade
groups (and their lobby orgs) shouted from the rooftops that if the GDPR came
into effect, Internet in the EU would collapse and there would be digital doom
and gloom.

I am not a multinational.  I am an individual volunteer anti-abuse researcher.
And yet even -I- have told everyone I know that the disappearance of public
WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
Internet before, it will be increased, going forward, by tenfold.


How wrong they were (hindsight is perfect - as we can all clearly see)

Be patient.  The change has only just occurred.


The EU has truly become a world and global leader in the reclamation of
individual rights and the free Internet.

Here on this side of the pond, one usually has to turn on Fox News in order
to be treated to this level of rubbish.

The only thing that has happened is that private researchers the world
over have been effectively blinded due to the supreme arogance and idiocy
of europeans... europeans who, in their religious fervor, have come to view
it as their holy obligation to foist their demented notions onto the rest
of the world, whether any of the rest of us like it or not.

Meanwhile the malevolent forces of state-sponsored intrigue and violation
of human rights are and shall remain totally unfettered and unaffected by
GDPR, as they will be the first ones to obtain special exemptions allowing
them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
undoubtedly celebrating the arrival of GDPR, as it further entrenches
their special status at the expense of the great unwashes masses.

Friday was a sad day for both transparency and democracy, but all across
the globe both criminals and statists undoubtedly celebrated it with
toasts of champaign.


Regards,
rfg



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verf??gung.

Mit freundlichen Gren,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Gesch??ftsf??hrer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur f??r den angegebenen 
Empf??nger bestimmt. Jede Form der Kenntnisgabe, Ver??ffentlichung oder 
Weitergabe an Dritte durch den Empf??nger ist unzul??ssig. Sollte diese 
Nachricht nicht f??r Sie bestimmt sein, so bitten wir Sie, sich mit uns per 
E-Mail oder telefonisch in Verbindung zu setzen.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Simon Forster]

There is a balanced discussion to be had here but unfortunately it too quickly 
dissolves into acrimonious “shouting”. Volker's email expressing one side in a 
somewhat antagonistic fashion being a good example of the “shouting".

As things stand at the moment, the interpretations of GDPR and subsequent 
actions of some large organisations make it likely that fraud and other types 
of malpractice, largely aimed at individual users, will increase.

The stated position "that tool was illegal to begin with as it violated the 
rights to privacy of millions of domain owners” is, at best, misleading. 
Assuming the “tool” being referred to is WHIOS, registrants of domains needed 
to provide information as part of their contract with the registrar. A 
contractual requirement. Perfectly OK pre GDPR, perfectly OK post GDPR.

Publishing that data was perfectly legal pre-GDPR. It _may_ be legal post GDPR. 
Until this is tested in court, definitives are just so much posturing. And the 
argument is likely to be more nuanced anyway. If I want to register a domain 
and am told up front, in clear unambiguous language that the details I provide 
will appear in a publicly queryable database as part of the contract, job done. 
I may not like it. I may decide that I don’t want to enter into the contract. 
And that’s rather the point. Informed consent.

Law enforcement doesn't provide anti-virus tools. Law enforcement doesn't offer 
secure transport services for cash and gold. Law enforcement doesn’t provide 
locks for front doors. Private companies provide those services. Your 
fancifully termed ""Private researchers" and other vigilantes or rent-a-cops” 
work to provide tools and services to enable people to protect themselves from 
bad actors online, not law enforcement. It is folly to remove tools used by 
these private companies to protect billions without at least some form of 
balanced debate.

At ICANN, Puerto Rico, one member of a public interest board put it quite well 
when he stated that when it comes to protecting the interests of a few million 
(domain owners) versus protecting the interests of a few billion (internet 
users), he’d always come done on the side of the billions. I agree with the 
sentiment.

Simon


> On 29 May 2018, at 12:36, Volker Greimann  wrote:
> 
> Wow, the level of narrowmindedness and fearmongering is high with this one.
> 
> Crime online will likely not increase due to GDPR. It may be more difficult 
> to detect and take action against due to the loss of one tool amongst many, 
> but ultimately that tool was illegal to begin with as it violated the rights 
> to privacy of millions of domain owners.
> 
> "Private researchers" and other vigilantes or rent-a-cops will indeed have a 
> more difficult time to obtain such data as they will finally have to do so by 
> legal means, but then they are in an untenable position anyway, taking upon 
> themselves functions that should be fulfilled by actual law enforcement.
> 
> Ultimately, private data if internet users no longer being public will lead 
> to better registration data for those with a right to access it. Those with 
> no such rights will have to figure out alternate routes to do their jobs that 
> does not violate the rights of millions.
> 
> Best,
> 
> Volker
> 
> 
> 
> Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
>> ox  wrote:
>> 
>>> Firstly I would like to comment that the multinationals and their funded 
>>> trade
>>> groups (and their lobby orgs) shouted from the rooftops that if the GDPR 
>>> came
>>> into effect, Internet in the EU would collapse and there would be digital 
>>> doom
>>> and gloom.
>> I am not a multinational.  I am an individual volunteer anti-abuse 
>> researcher.
>> And yet even -I- have told everyone I know that the disappearance of public
>> WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
>> Internet before, it will be increased, going forward, by tenfold.
>> 
>>> How wrong they were (hindsight is perfect - as we can all clearly see)
>> Be patient.  The change has only just occurred.
>> 
>>> The EU has truly become a world and global leader in the reclamation of
>>> individual rights and the free Internet.
>> Here on this side of the pond, one usually has to turn on Fox News in order
>> to be treated to this level of rubbish.
>> 
>> The only thing that has happened is that private researchers the world
>> over have been effectively blinded due to the supreme arogance and idiocy
>> of europeans... europeans who, in their religious fervor, have come to view
>> it as their holy obligation to foist their demented notions onto the rest
>> of the world, whether any of the rest of us like it or not.
>> 
>> Meanwhile the malevolent forces of state-sponsored intrigue and violation
>> of human rights are and shall remain totally unfettered and unaffected by
>> GDPR, as they will be the first ones to obtain special exemptions allowing
>> them to continue to see WHOIS data.  The CIA, 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[JORDI PALET MARTINEZ via anti-abuse-wg]

Whois, as everything in the life, has good and bad things.

 

Against: Privacy invaded. In fact, when you register a new domain and you 
associate a visible email to it, in a matter of hours, you get spam.

 

Pro: If it is a real email with humans behind, it facilitates the resolution of 
abuse cases.

 

The balance is always difficult ...


Regards,

Jordi

 

 

 

De: anti-abuse-wg  en nombre de Volker Greimann 

Fecha: martes, 29 de mayo de 2018, 13:49
Para: Suresh Ramasubramanian , "anti-abuse-wg@ripe.net" 

Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse

 

Even in those cases, whois is but one tool that helps identify bad actors by 
means of violating privacy rights of millions. There are other tools, like DNS 
traces, reviews of hosting infrastructures used, etc. all of which will 
continue to be available for the uses you refer to.

And maybe it is time to ensure law enforcement is better equipped to deal with 
such issues earlier and faster. Up to now, governments have been afforded the 
luxury of being able to underfund such efforts as others were doing their jobs 
for them. Maybe this will lead to better law enforcement and international 
cooperation.

Best,

Volker

 

Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian:

This unfortunately is entirely wrong and short sighted

 

All security practitioners protect our respective services and networks against 
a wide variety of threats including malware and phish campaigns.

 

Very few of those go on to be referred to law enforcement and that only after 
an extensive dossier is built internally to show that the perps in question 
justify a - frequently cross border - law enforcement action.

 

Security and protecting user privacy go hand in hand and I wish more people 
realised that, and maybe also realised the resource and administrative 
lconstraints and limits law enforcement is saddled with 

 

 

 

From: anti-abuse-wg  on behalf of Volker 
Greimann 
Sent: Tuesday, May 29, 2018 4:06:18 PM
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse 

 

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more 
difficult to detect and take action against due to the loss of one tool 
amongst many, but ultimately that tool was illegal to begin with as it 
violated the rights to privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed 
have a more difficult time to obtain such data as they will finally have 
to do so by legal means, but then they are in an untenable position 
anyway, taking upon themselves functions that should be fulfilled by 
actual law enforcement.

Ultimately, private data if internet users no longer being public will 
lead to better registration data for those with a right to access it. 
Those with no such rights will have to figure out alternate routes to do 
their jobs that does not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
> ox  wrote:
>
>> Firstly I would like to comment that the multinationals and their funded 
>> trade
>> groups (and their lobby orgs) shouted from the rooftops that if the GDPR came
>> into effect, Internet in the EU would collapse and there would be digital 
>> doom
>> and gloom.
> I am not a multinational.  I am an individual volunteer anti-abuse researcher.
> And yet even -I- have told everyone I know that the disappearance of public
> WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
> Internet before, it will be increased, going forward, by tenfold.
>
>> How wrong they were (hindsight is perfect - as we can all clearly see)
> Be patient.  The change has only just occurred.
>
>> The EU has truly become a world and global leader in the reclamation of
>> individual rights and the free Internet.
> Here on this side of the pond, one usually has to turn on Fox News in order
> to be treated to this level of rubbish.
>
> The only thing that has happened is that private researchers the world
> over have been effectively blinded due to the supreme arogance and idiocy
> of europeans... europeans who, in their religious fervor, have come to view
> it as their holy obligation to foist their demented notions onto the rest
> of the world, whether any of the rest of us like it or not.
>
> Meanwhile the malevolent forces of state-sponsored intrigue and violation
> of human rights are and shall remain totally unfettered and unaffected by
> GDPR, as they will be the first ones to obtain special exemptions allowing
> them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
> undoubtedly celebrating the arrival of GDPR, as it further entrenches
> their special status at the expense 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Suresh Ramasubramanian]

But we are not enforcing any laws, I don’t believe in that other “code is law” 
urban myth either :)

We as a community are protecting our respective  users by blocking phish, spam, 
malware etc.

And occasionally we send a heads up to other networks that are hosting or 
originating such traffic and have a published policy stating that they prohibit 
it.  Here the request is that they enforce their own rules and policies.

Where does the question of security practitioners arresting the individuals 
behind these malicious actions arise?

And likewise since when does law enforcement control the mail / messaging 
services, dns and network infrastructure of various providers who have to block 
content for their users or take down content that violates their policy?




From: anti-abuse-wg  on behalf of Volker 
Greimann 
Sent: Tuesday, May 29, 2018 5:20:56 PM
To: Michele Neylon - Blacknight; anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse

Apologies if I offended anyone.

However I do believe law enforcement itself should be strictly a
government function.

Volker


Am 29.05.2018 um 13:41 schrieb Michele Neylon - Blacknight:
> Volker
>
> I don't think your choice of language is particularly helpful or 
> constructive. In fact I think you're being intentionally inflammatory.
>
> Why don't you tone it down a little?
>
> There's no need to use words like:
> "vigilantes" or "rent-a-cops" unless you're simply trying to troll people or 
> believe that the anti-abuse community shouldn't exist, which by extension 
> would suggest that you want to enable online abuse.
>
> Regards
>
> Michele
>
>
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> https://www.blacknight.com/
> http://blacknight.blog/
> Intl. +353 (0) 59  9183072
> Direct Dial: +353 (0)59 9183090
> Personal blog: https://michele.blog/
> Some thoughts: https://ceo.hosting/
> ---
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
> Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845
>
> On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
>  wrote:
>
>  Wow, the level of narrowmindedness and fearmongering is high with this 
> one.
>
>  Crime online will likely not increase due to GDPR. It may be more
>  difficult to detect and take action against due to the loss of one tool
>  amongst many, but ultimately that tool was illegal to begin with as it
>  violated the rights to privacy of millions of domain owners.
>
>  "Private researchers" and other vigilantes or rent-a-cops will indeed
>  have a more difficult time to obtain such data as they will finally have
>  to do so by legal means, but then they are in an untenable position
>  anyway, taking upon themselves functions that should be fulfilled by
>  actual law enforcement.
>
>  Ultimately, private data if internet users no longer being public will
>  lead to better registration data for those with a right to access it.
>  Those with no such rights will have to figure out alternate routes to do
>  their jobs that does not violate the rights of millions.
>
>  Best,
>
>  Volker
>
>
>
>  Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
>  > ox  wrote:
>  >
>  >> Firstly I would like to comment that the multinationals and their 
> funded trade
>  >> groups (and their lobby orgs) shouted from the rooftops that if the 
> GDPR came
>  >> into effect, Internet in the EU would collapse and there would be 
> digital doom
>  >> and gloom.
>  > I am not a multinational.  I am an individual volunteer anti-abuse 
> researcher.
>  > And yet even -I- have told everyone I know that the disappearance of 
> public
>  > WHOIS is and will be an epic catastrophy.  If there was cybercrime on 
> the
>  > Internet before, it will be increased, going forward, by tenfold.
>  >
>  >> How wrong they were (hindsight is perfect - as we can all clearly see)
>  > Be patient.  The change has only just occurred.
>  >
>  >> The EU has truly become a world and global leader in the reclamation 
> of
>  >> individual rights and the free Internet.
>  > Here on this side of the pond, one usually has to turn on Fox News in 
> order
>  > to be treated to this level of rubbish.
>  >
>  > The only thing that has happened is that private researchers the world
>  > over have been effectively blinded due to the supreme arog

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Suresh Ramasubramanian]

It seems to be a very popular meme right along with “we are not the internet 
police”. Or maybe that old saw about the internet interpreting censorship as 
damage and routing around it.

Like several other popular memes and urban legends variants of this one have 
been around over the years so much so that there’s probably a faq out there on 
snopes for these.


From: anti-abuse-wg  on behalf of Michele 
Neylon - Blacknight 
Sent: Tuesday, May 29, 2018 5:11:20 PM
To: Volker Greimann; anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse

Volker

I don't think your choice of language is particularly helpful or constructive. 
In fact I think you're being intentionally inflammatory.

Why don't you tone it down a little?

There's no need to use words like:
"vigilantes" or "rent-a-cops" unless you're simply trying to troll people or 
believe that the anti-abuse community shouldn't exist, which by extension would 
suggest that you want to enable online abuse.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
 wrote:

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more
difficult to detect and take action against due to the loss of one tool
amongst many, but ultimately that tool was illegal to begin with as it
violated the rights to privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed
have a more difficult time to obtain such data as they will finally have
to do so by legal means, but then they are in an untenable position
anyway, taking upon themselves functions that should be fulfilled by
actual law enforcement.

Ultimately, private data if internet users no longer being public will
lead to better registration data for those with a right to access it.
Those with no such rights will have to figure out alternate routes to do
their jobs that does not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
> ox  wrote:
>
>> Firstly I would like to comment that the multinationals and their funded 
trade
>> groups (and their lobby orgs) shouted from the rooftops that if the GDPR 
came
>> into effect, Internet in the EU would collapse and there would be 
digital doom
>> and gloom.
> I am not a multinational.  I am an individual volunteer anti-abuse 
researcher.
> And yet even -I- have told everyone I know that the disappearance of 
public
> WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
> Internet before, it will be increased, going forward, by tenfold.
>
>> How wrong they were (hindsight is perfect - as we can all clearly see)
> Be patient.  The change has only just occurred.
>
>> The EU has truly become a world and global leader in the reclamation of
>> individual rights and the free Internet.
> Here on this side of the pond, one usually has to turn on Fox News in 
order
> to be treated to this level of rubbish.
>
> The only thing that has happened is that private researchers the world
> over have been effectively blinded due to the supreme arogance and idiocy
> of europeans... europeans who, in their religious fervor, have come to 
view
> it as their holy obligation to foist their demented notions onto the rest
> of the world, whether any of the rest of us like it or not.
>
> Meanwhile the malevolent forces of state-sponsored intrigue and violation
> of human rights are and shall remain totally unfettered and unaffected by
> GDPR, as they will be the first ones to obtain special exemptions allowing
> them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
> undoubtedly celebrating the arrival of GDPR, as it further entrenches
> their special status at the expense of the great unwashes masses.
>
> Friday was a sad day for both transparency and democracy, but all across
> the globe both criminals and statists undoubtedly celebrated it with
> toasts of champaign.
>
>
> Regards,
> rfg
>

--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Apologies if I offended anyone.

However I do believe law enforcement itself should be strictly a 
government function.


Volker


Am 29.05.2018 um 13:41 schrieb Michele Neylon - Blacknight:

Volker

I don't think your choice of language is particularly helpful or constructive. 
In fact I think you're being intentionally inflammatory.

Why don't you tone it down a little?

There's no need to use words like:
"vigilantes" or "rent-a-cops" unless you're simply trying to troll people or 
believe that the anti-abuse community shouldn't exist, which by extension would suggest that you 
want to enable online abuse.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
 wrote:

 Wow, the level of narrowmindedness and fearmongering is high with this one.
 
 Crime online will likely not increase due to GDPR. It may be more

 difficult to detect and take action against due to the loss of one tool
 amongst many, but ultimately that tool was illegal to begin with as it
 violated the rights to privacy of millions of domain owners.
 
 "Private researchers" and other vigilantes or rent-a-cops will indeed

 have a more difficult time to obtain such data as they will finally have
 to do so by legal means, but then they are in an untenable position
 anyway, taking upon themselves functions that should be fulfilled by
 actual law enforcement.
 
 Ultimately, private data if internet users no longer being public will

 lead to better registration data for those with a right to access it.
 Those with no such rights will have to figure out alternate routes to do
 their jobs that does not violate the rights of millions.
 
 Best,
 
 Volker
 
 
 
 Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:

 > ox  wrote:
 >
 >> Firstly I would like to comment that the multinationals and their 
funded trade
 >> groups (and their lobby orgs) shouted from the rooftops that if the 
GDPR came
 >> into effect, Internet in the EU would collapse and there would be 
digital doom
 >> and gloom.
 > I am not a multinational.  I am an individual volunteer anti-abuse 
researcher.
 > And yet even -I- have told everyone I know that the disappearance of 
public
 > WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
 > Internet before, it will be increased, going forward, by tenfold.
 >
 >> How wrong they were (hindsight is perfect - as we can all clearly see)
 > Be patient.  The change has only just occurred.
 >
 >> The EU has truly become a world and global leader in the reclamation of
 >> individual rights and the free Internet.
 > Here on this side of the pond, one usually has to turn on Fox News in 
order
 > to be treated to this level of rubbish.
 >
 > The only thing that has happened is that private researchers the world
 > over have been effectively blinded due to the supreme arogance and idiocy
 > of europeans... europeans who, in their religious fervor, have come to 
view
 > it as their holy obligation to foist their demented notions onto the rest
 > of the world, whether any of the rest of us like it or not.
 >
 > Meanwhile the malevolent forces of state-sponsored intrigue and violation
 > of human rights are and shall remain totally unfettered and unaffected by
 > GDPR, as they will be the first ones to obtain special exemptions 
allowing
 > them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
 > undoubtedly celebrating the arrival of GDPR, as it further entrenches
 > their special status at the expense of the great unwashes masses.
 >
 > Friday was a sad day for both transparency and democracy, but all across
 > the globe both criminals and statists undoubtedly celebrated it with
 > toasts of champaign.
 >
 >
 > Regards,
 > rfg
 >
 
 --

 Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
 
 Mit freundlichen Grüßen,
 
 Volker A. Greimann

 - Rechtsabteilung -
 
 Key-Systems GmbH

 Im Oberen Werk 1
 66386 St. Ingbert
 Tel.: +49 (0) 6894 - 9396 901
 Fax.: +49 (0) 6894 - 9396 851
 Email: vgreim...@key-systems.net
 
 Web: www.key-systems.net / www.RRPproxy.net

 www.domaindiscount24.com / www.BrandShelter.com
 
 Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:

 www.facebook.com/KeySystems
 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Even in those cases, whois is but one tool that helps identify bad 
actors by means of violating privacy rights of millions. There are other 
tools, like DNS traces, reviews of hosting infrastructures used, etc. 
all of which will continue to be available for the uses you refer to.


And maybe it is time to ensure law enforcement is better equipped to 
deal with such issues earlier and faster. Up to now, governments have 
been afforded the luxury of being able to underfund such efforts as 
others were doing their jobs for them. Maybe this will lead to better 
law enforcement and international cooperation.


Best,

Volker


Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian:

This unfortunately is entirely wrong and short sighted

All security practitioners protect our respective services and 
networks against a wide variety of threats including malware and phish 
campaigns.


Very few of those go on to be referred to law enforcement and that 
only after an extensive dossier is built internally to show that the 
perps in question justify a - frequently cross border - law 
enforcement action.


Security and protecting user privacy go hand in hand and I wish more 
people realised that, and maybe also realised the resource and 
administrative lconstraints and limits law enforcement is saddled with





*From:* anti-abuse-wg  on behalf of 
Volker Greimann 

*Sent:* Tuesday, May 29, 2018 4:06:18 PM
*To:* anti-abuse-wg@ripe.net
*Subject:* Re: [anti-abuse-wg] GDPR - positive effects on email abuse
Wow, the level of narrowmindedness and fearmongering is high with this 
one.


Crime online will likely not increase due to GDPR. It may be more
difficult to detect and take action against due to the loss of one tool
amongst many, but ultimately that tool was illegal to begin with as it
violated the rights to privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed
have a more difficult time to obtain such data as they will finally have
to do so by legal means, but then they are in an untenable position
anyway, taking upon themselves functions that should be fulfilled by
actual law enforcement.

Ultimately, private data if internet users no longer being public will
lead to better registration data for those with a right to access it.
Those with no such rights will have to figure out alternate routes to do
their jobs that does not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
> ox  wrote:
>
>> Firstly I would like to comment that the multinationals and their 
funded trade
>> groups (and their lobby orgs) shouted from the rooftops that if the 
GDPR came
>> into effect, Internet in the EU would collapse and there would be 
digital doom

>> and gloom.
> I am not a multinational.  I am an individual volunteer anti-abuse 
researcher.
> And yet even -I- have told everyone I know that the disappearance of 
public
> WHOIS is and will be an epic catastrophy.  If there was cybercrime 
on the

> Internet before, it will be increased, going forward, by tenfold.
>
>> How wrong they were (hindsight is perfect - as we can all clearly see)
> Be patient.  The change has only just occurred.
>
>> The EU has truly become a world and global leader in the reclamation of
>> individual rights and the free Internet.
> Here on this side of the pond, one usually has to turn on Fox News 
in order

> to be treated to this level of rubbish.
>
> The only thing that has happened is that private researchers the world
> over have been effectively blinded due to the supreme arogance and 
idiocy
> of europeans... europeans who, in their religious fervor, have come 
to view
> it as their holy obligation to foist their demented notions onto the 
rest

> of the world, whether any of the rest of us like it or not.
>
> Meanwhile the malevolent forces of state-sponsored intrigue and 
violation
> of human rights are and shall remain totally unfettered and 
unaffected by
> GDPR, as they will be the first ones to obtain special exemptions 
allowing

> them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
> undoubtedly celebrating the arrival of GDPR, as it further entrenches
> their special status at the expense of the great unwashes masses.
>
> Friday was a sad day for both transparency and democracy, but all across
> the globe both criminals and statists undoubtedly celebrated it with
> toasts of champaign.
>
>
> Regards,
> rfg
>

--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: w

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Michele Neylon - Blacknight]

Volker

I don't think your choice of language is particularly helpful or constructive. 
In fact I think you're being intentionally inflammatory.

Why don't you tone it down a little?

There's no need to use words like:
"vigilantes" or "rent-a-cops" unless you're simply trying to troll people or 
believe that the anti-abuse community shouldn't exist, which by extension would 
suggest that you want to enable online abuse.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
 wrote:

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more 
difficult to detect and take action against due to the loss of one tool 
amongst many, but ultimately that tool was illegal to begin with as it 
violated the rights to privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed 
have a more difficult time to obtain such data as they will finally have 
to do so by legal means, but then they are in an untenable position 
anyway, taking upon themselves functions that should be fulfilled by 
actual law enforcement.

Ultimately, private data if internet users no longer being public will 
lead to better registration data for those with a right to access it. 
Those with no such rights will have to figure out alternate routes to do 
their jobs that does not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
> ox  wrote:
>
>> Firstly I would like to comment that the multinationals and their funded 
trade
>> groups (and their lobby orgs) shouted from the rooftops that if the GDPR 
came
>> into effect, Internet in the EU would collapse and there would be 
digital doom
>> and gloom.
> I am not a multinational.  I am an individual volunteer anti-abuse 
researcher.
> And yet even -I- have told everyone I know that the disappearance of 
public
> WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
> Internet before, it will be increased, going forward, by tenfold.
>
>> How wrong they were (hindsight is perfect - as we can all clearly see)
> Be patient.  The change has only just occurred.
>
>> The EU has truly become a world and global leader in the reclamation of
>> individual rights and the free Internet.
> Here on this side of the pond, one usually has to turn on Fox News in 
order
> to be treated to this level of rubbish.
>
> The only thing that has happened is that private researchers the world
> over have been effectively blinded due to the supreme arogance and idiocy
> of europeans... europeans who, in their religious fervor, have come to 
view
> it as their holy obligation to foist their demented notions onto the rest
> of the world, whether any of the rest of us like it or not.
>
> Meanwhile the malevolent forces of state-sponsored intrigue and violation
> of human rights are and shall remain totally unfettered and unaffected by
> GDPR, as they will be the first ones to obtain special exemptions allowing
> them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
> undoubtedly celebrating the arrival of GDPR, as it further entrenches
> their special status at the expense of the great unwashes masses.
>
> Friday was a sad day for both transparency and democracy, but all across
> the globe both criminals and statists undoubtedly celebrated it with
> toasts of champaign.
>
>
> Regards,
> rfg
>

-- 
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more 
difficult to detect and take action against due to the loss of one tool 
amongst many, but ultimately that tool was illegal to begin with as it 
violated the rights to privacy of millions of domain owners.


"Private researchers" and other vigilantes or rent-a-cops will indeed 
have a more difficult time to obtain such data as they will finally have 
to do so by legal means, but then they are in an untenable position 
anyway, taking upon themselves functions that should be fulfilled by 
actual law enforcement.


Ultimately, private data if internet users no longer being public will 
lead to better registration data for those with a right to access it. 
Those with no such rights will have to figure out alternate routes to do 
their jobs that does not violate the rights of millions.


Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:

ox  wrote:


Firstly I would like to comment that the multinationals and their funded trade
groups (and their lobby orgs) shouted from the rooftops that if the GDPR came
into effect, Internet in the EU would collapse and there would be digital doom
and gloom.

I am not a multinational.  I am an individual volunteer anti-abuse researcher.
And yet even -I- have told everyone I know that the disappearance of public
WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
Internet before, it will be increased, going forward, by tenfold.


How wrong they were (hindsight is perfect - as we can all clearly see)

Be patient.  The change has only just occurred.


The EU has truly become a world and global leader in the reclamation of
individual rights and the free Internet.

Here on this side of the pond, one usually has to turn on Fox News in order
to be treated to this level of rubbish.

The only thing that has happened is that private researchers the world
over have been effectively blinded due to the supreme arogance and idiocy
of europeans... europeans who, in their religious fervor, have come to view
it as their holy obligation to foist their demented notions onto the rest
of the world, whether any of the rest of us like it or not.

Meanwhile the malevolent forces of state-sponsored intrigue and violation
of human rights are and shall remain totally unfettered and unaffected by
GDPR, as they will be the first ones to obtain special exemptions allowing
them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
undoubtedly celebrating the arrival of GDPR, as it further entrenches
their special status at the expense of the great unwashes masses.

Friday was a sad day for both transparency and democracy, but all across
the globe both criminals and statists undoubtedly celebrated it with
toasts of champaign.


Regards,
rfg



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Michele Neylon - Blacknight]

Brian

Agreed.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 29/05/2018, 09:32, "anti-abuse-wg on behalf of Brian Nisbet" 
 wrote:

Folks,

GDPR is a valid subject for this WG. Discussions around how it will affect 
things around abuse of the Internet is valid etc. etc.

However let's not get into whose government is better or worse, please. 

Thanks,

Brian

Brian Nisbet 
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270


> -Original Message-
> From: anti-abuse-wg  On Behalf Of ox
> Sent: Tuesday 29 May 2018 06:53
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> On Mon, 28 May 2018 12:13:32 -0700
> "Ronald F. Guilmette"  wrote:
> 
> > >The EU has truly become a world and global leader in the reclamation
> > >of individual rights and the free Internet.
> > Here on this side of the pond, one usually has to turn on Fox News in
> > order to be treated to this level of rubbish.
> >
> or read a Tweet from the President of the United States that says the evil
> democratic party is responsible for the separation of little children 
from their
> refugee parents - whereas and in truth it is the President himself that is
> responsible. - And innocent little children are being "lost" by the 
thousands
> by the American Government?
> 
> https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-
> lost.html
> 
> The USA and US citizens have lost credibility or any moral high ground.
> 
> As far as Fox news are concerned (are they the people that say "Good
> Morning President Trump", when broadcasting to the US each morning?)
> 
> As far as Internet Abuse and 'private' "researchers" are concerned: So,
> private researchers have 'rights' to obtain other 'private' people's 
private
> information?
> 
> I cannot wait for the EU to yet again lead the world with ePrivacy as all 
the
> USA does is dominate, control, track, divide and so many other negative
> things.
> 
> The EU has become an innovator, protector and Internet light.
> 
> > The only thing that has happened is that private researchers the world
> > over have been effectively blinded due to the supreme arogance and
> > idiocy of europeans... europeans who, in their religious fervor, have
> > come to view it as their holy obligation to foist their demented
> > notions onto the rest of the world, whether any of the rest of us like
> > it or not.
> >
> > Meanwhile the malevolent forces of state-sponsored intrigue and
> > violation of human rights are and shall remain totally unfettered and
> 
> violation of human rights?
> 
> wow.
> 
> Your government loses innocent little children and you have the audacity 
to
> lecture?
> 
> When you take a little baby or a 2 year old (still also a baby) and LOSE 
that
> human person?
> 
> Have you no shame?
> 
> With whatever respect you deserve: You cannot lecture or comment on
> "state-sponsored intrigue and violation of human rights"
> 
> As your own country is part of the problem, that others have to help you
> solve and resolve.
> 
> As for abuse and as to how this all relates to abuse: It is mostly US 
companies
> that are infringing on the privacy of citizens of all other countries.
> 
> I need not rehash how the top USA Internet companies abuse children,
> develop technology to kill people or completely colonise and enslave
> developing societies.
> 
> or even lose the little babies they have violently dragged from the hands 
of
> their mothers.
> 
> Andre

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Brian Nisbet]

Folks,

GDPR is a valid subject for this WG. Discussions around how it will affect 
things around abuse of the Internet is valid etc. etc.

However let's not get into whose government is better or worse, please. 

Thanks,

Brian

Brian Nisbet 
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270


> -Original Message-
> From: anti-abuse-wg  On Behalf Of ox
> Sent: Tuesday 29 May 2018 06:53
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> On Mon, 28 May 2018 12:13:32 -0700
> "Ronald F. Guilmette"  wrote:
> 
> > >The EU has truly become a world and global leader in the reclamation
> > >of individual rights and the free Internet.
> > Here on this side of the pond, one usually has to turn on Fox News in
> > order to be treated to this level of rubbish.
> >
> or read a Tweet from the President of the United States that says the evil
> democratic party is responsible for the separation of little children from 
> their
> refugee parents - whereas and in truth it is the President himself that is
> responsible. - And innocent little children are being "lost" by the thousands
> by the American Government?
> 
> https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-
> lost.html
> 
> The USA and US citizens have lost credibility or any moral high ground.
> 
> As far as Fox news are concerned (are they the people that say "Good
> Morning President Trump", when broadcasting to the US each morning?)
> 
> As far as Internet Abuse and 'private' "researchers" are concerned: So,
> private researchers have 'rights' to obtain other 'private' people's private
> information?
> 
> I cannot wait for the EU to yet again lead the world with ePrivacy as all the
> USA does is dominate, control, track, divide and so many other negative
> things.
> 
> The EU has become an innovator, protector and Internet light.
> 
> > The only thing that has happened is that private researchers the world
> > over have been effectively blinded due to the supreme arogance and
> > idiocy of europeans... europeans who, in their religious fervor, have
> > come to view it as their holy obligation to foist their demented
> > notions onto the rest of the world, whether any of the rest of us like
> > it or not.
> >
> > Meanwhile the malevolent forces of state-sponsored intrigue and
> > violation of human rights are and shall remain totally unfettered and
> 
> violation of human rights?
> 
> wow.
> 
> Your government loses innocent little children and you have the audacity to
> lecture?
> 
> When you take a little baby or a 2 year old (still also a baby) and LOSE that
> human person?
> 
> Have you no shame?
> 
> With whatever respect you deserve: You cannot lecture or comment on
> "state-sponsored intrigue and violation of human rights"
> 
> As your own country is part of the problem, that others have to help you
> solve and resolve.
> 
> As for abuse and as to how this all relates to abuse: It is mostly US 
> companies
> that are infringing on the privacy of citizens of all other countries.
> 
> I need not rehash how the top USA Internet companies abuse children,
> develop technology to kill people or completely colonise and enslave
> developing societies.
> 
> or even lose the little babies they have violently dragged from the hands of
> their mothers.
> 
> Andre

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[ox]

On Mon, 28 May 2018 12:13:32 -0700
"Ronald F. Guilmette"  wrote:

> >The EU has truly become a world and global leader in the reclamation
> >of individual rights and the free Internet.   
> Here on this side of the pond, one usually has to turn on Fox News in
> order to be treated to this level of rubbish.
> 
or read a Tweet from the President of the United States that says the
evil democratic party is responsible for the separation of little
children from their refugee parents - whereas and in truth it is the
President himself that is responsible. - And innocent little children
are being "lost" by the thousands by the American Government?

https://www.nytimes.com/2018/05/28/us/trump-immigrant-children-lost.html

The USA and US citizens have lost credibility or any moral high ground.

As far as Fox news are concerned (are they the people that say "Good
Morning President Trump", when broadcasting to the US each morning?)

As far as Internet Abuse and 'private' "researchers" are concerned: So,
private researchers have 'rights' to obtain other 'private' people's
private information? 

I cannot wait for the EU to yet again lead the world with ePrivacy
as all the USA does is dominate, control, track, divide and so many
other negative things.

The EU has become an innovator, protector and Internet light.

> The only thing that has happened is that private researchers the world
> over have been effectively blinded due to the supreme arogance and
> idiocy of europeans... europeans who, in their religious fervor, have
> come to view it as their holy obligation to foist their demented
> notions onto the rest of the world, whether any of the rest of us
> like it or not.
> 
> Meanwhile the malevolent forces of state-sponsored intrigue and
> violation of human rights are and shall remain totally unfettered and

violation of human rights? 

wow.

Your government loses innocent little children and you have the
audacity to lecture?

When you take a little baby or a 2 year old (still also a baby) and
LOSE that human person?

Have you no shame?

With whatever respect you deserve: You cannot lecture or comment on
"state-sponsored intrigue and violation of human rights" 

As your own country is part of the problem, that others have to help
you solve and resolve. 

As for abuse and as to how this all relates to abuse: It is mostly US
companies that are infringing on the privacy of citizens of all other 
countries. 

I need not rehash how the top USA Internet companies abuse children,
develop technology to kill people or completely colonise and enslave
developing societies.

or even lose the little babies they have violently dragged from the
hands of their mothers.

Andre

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Ronald F. Guilmette]

ox  wrote:

>Firstly I would like to comment that the multinationals and their funded trade
>groups (and their lobby orgs) shouted from the rooftops that if the GDPR came 
>into effect, Internet in the EU would collapse and there would be digital doom
>and gloom.

I am not a multinational.  I am an individual volunteer anti-abuse researcher.
And yet even -I- have told everyone I know that the disappearance of public
WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
Internet before, it will be increased, going forward, by tenfold.

>How wrong they were (hindsight is perfect - as we can all clearly see)

Be patient.  The change has only just occurred.

>The EU has truly become a world and global leader in the reclamation of
>individual rights and the free Internet. 

Here on this side of the pond, one usually has to turn on Fox News in order
to be treated to this level of rubbish.

The only thing that has happened is that private researchers the world
over have been effectively blinded due to the supreme arogance and idiocy
of europeans... europeans who, in their religious fervor, have come to view
it as their holy obligation to foist their demented notions onto the rest
of the world, whether any of the rest of us like it or not.

Meanwhile the malevolent forces of state-sponsored intrigue and violation
of human rights are and shall remain totally unfettered and unaffected by
GDPR, as they will be the first ones to obtain special exemptions allowing
them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
undoubtedly celebrating the arrival of GDPR, as it further entrenches
their special status at the expense of the great unwashes masses.

Friday was a sad day for both transparency and democracy, but all across
the globe both criminals and statists undoubtedly celebrated it with
toasts of champaign.


Regards,
rfg

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Brian Nisbet]

It may interest you and other members of the WG to know that cases are already 
being brought:

https://www.irishtimes.com/business/technology/max-schrems-files-first-cases-under-gdpr-against-facebook-and-google-1.3508177

Brian

Brian Nisbet 
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

> -Original Message-
> From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
> ox
> Sent: 28 May 2018 12:29
> To: anti-abuse-wg@ripe.net
> Subject: [anti-abuse-wg] GDPR - positive effects on email abuse
> 
> Hi All,
> 
> Firstly I would like to comment that the multinationals and their funded trade
> groups (and their lobby orgs) shouted from the rooftops that if the GDPR
> came into effect, Internet in the EU would collapse and there would be
> digital doom and gloom.
> 
> How wrong they were (hindsight is perfect - as we can all clearly see)
> 
> imnsho the very early effects of the GDPR on email spam alone has been
> very positive.
> This without any cases, that I know of, yet, being brought against any of the
> evil companies yet. (yet being the operative word here - as I am sure, on
> email spam alone, there will be cases coming)
> 
> The EU has truly become a world and global leader in the reclamation of
> individual rights and the free Internet.
> 
> The entire planet is watching the EU and with the still pending " respect for
> private life and the protection of personal data in electronic communications"
> (ePrivacy) being the next truly leading thing to look forward to.
> 
> Success of the Digital Single Market Strategy in the EU will lead to
> decentralised development (not to speak of empowerment) not only in the
> EU, but also in Africa, China and all over the globe. This will place the 
> control
> of the Internet back in the hands of localised civil society and hopefully 
> avoid
> enslavement of humankind.
> 
> As far as this wg is concerned, what is happening in the EU is having a very
> positive impact on certain types of abuse :)
> 
> my 1c
> 
> Andre
> 
> 
>