Hi
Although I do understand the motivations to this proposal, I normally
don't like much this feel that may look obvious to many to remove as
much as contact data in order to not be bothered with marketing and
sales content due to the concern that make things more difficult for
legitimate need to get in touch for troubleshooting and legal demands.
If you are operating an Autonomous System and have responsibilities over
it you must be able to be easily contacted in order to deal with the
legitimate demands you commited when you became one, and for that there
will be some burden which if reasonable should be accepted.
I understand the proposal suggests removing it from the bulk access, but
it has not been clear how it will work and how easy it will be for those
with legitimate need to get these contact details, if it will be with
not human interaction or if someone will need to fill a form and
justify, etc ?
Thanks
Fernando
On 13/01/2025 01:02, Bertrand Cherrier via SIG-policy wrote:
Dear SIG members,
A new proposal "prop-162-v001: WHOIS Privacy" has been sent to the
Policy SIG for review.
It will be presented at the Open Policy Meeting (OPM) at APNIC 59 on
Wednesday, 26 February 2025.
https://conference.apnic.net/59/programme/programme/index.html#/day/8/
We invite you to review and comment on the proposal on the mailing
list before the OPM.
The comment period on the mailing list before the OPM is an important
part of the Policy Development Process (PDP). We encourage you to
express your views on the proposal:
- Do you support or oppose this proposal?
- Does this proposal solve a problem you are experiencing? If so,
tell the community about your situation.
- Do you see any disadvantages in this proposal?
- Is there anything in the proposal that is not clear?
- What changes could be made to this proposal to make it more effective?
Information about this proposal is appended below as well as available at:
http://www.apnic.net/policy/proposals/prop-162
Regards,
Bertrand, Shaila, and Ching-Heng
APNIC Policy SIG Chairs
-----------------------------------------------------------------------------------
prop-162-v001: WHOIS Privacy
-----------------------------------------------------------------------------------
Proposer:
Jonathan Brewer (j...@xn--t-0la.nz)
1. Problem statement
-------------------------
Through permitted bulk access to APNIC whois, several organisations
including Hurricane Electric and RecordedFuture republish physical
addresses, email addresses, and telephone numbers of APNIC members.
These details are freely available on the web and available for mass
harvesting through the use of screen scraping technology. It is
apparent that some third parties have used this data in a manner
contrary to the APNIC whois data acceptable use agreement.
In the past three years organisations including the Number Resource
Society (Casablanca, Morocco), Unique IP Solutions (Faisalabad,
Pakistan), Aileron IT (Wisconsin, USA), and EarnheardData (details
suppressed) have contacted my organisation via details published
exclusively in APNIC whois. None of these contacts have been to do
with a legitimate networking issue.
2. Objective of policy change
----------------------------------
This policy will eliminate the unnecessary publication of APNIC member
organisation contact details. People with a legitimate need for these
contact details can use a service directly provided by APNIC to obtain
them.
3. Situation in other regions
--------------------------------
Unknown
4. Proposed policy solution
--------------------------------
APNIC should remove all email addresses, telephone numbers, and
physical addresses from any bulk WHOIS data, and should cause any
existing re-publishers of APNIC WHOIS data to remove this information
from the Internet as a condition for continued access to data.
5. Advantages / Disadvantages
------------------------------------
Advantages:
This should reduce future marketing calls to the NOC phone and
marketing emails to the noc email address.
Disadvantages:
None. The information will still be available via APNIC-controlled
WHOIS services which presumably are protected against illegitimate
data harvesting.
6. Impact on resource holders
-----------------------------------
No impact on resource holders.
7. References
----------------
_______________________________________________
SIG-policy -https://mailman.apnic.net/sig-policy@lists.apnic.net/
To unsubscribe send an email tosig-policy-le...@lists.apnic.net
_______________________________________________
SIG-policy - https://mailman.apnic.net/sig-policy@lists.apnic.net/
To unsubscribe send an email to sig-policy-le...@lists.apnic.net
