[gnso-rds-pdp-wg] @EXT: RE: Use cases: Fundamental, Incidental, and Theoretical

Fri Aug 5 09:49:47 UTC 2016

Hi Rob,

Not sure where to start on this response, i will try and keep it short.

Am not sure that by speaking to one ex FBI agent and couple of Police officers in Sheffield is a true reflection of the Global LEA position on this WG. It concerns me greatly that you take this view.

Its a big +1 to Greg Mounier, Greg Aaron and Terri.

As an ex Senior Detective from the UK having just retired last year after 30 years service, spending the last 7 years or so involved investigating Cyber crime Nationally and Internationally within SOCA, NCA and then EC3 (European Cyber Crime Centre - Europol) am more than happy to spend some time with you outside this group to explain the difference between the Intelligence services and LEA.

Also as am now be working for RIPE NCC (a RIR) as a Consultant am also happy at the same time, explain to you about the RIPE Database.

Kind Regards

Dick

Richard Leaning
External Relations
RIPE NCC

> On 4 Aug 2016, at 21:20, Rob Golding <rob.golding at astutium.com> wrote:
> 
>> note that:
>> Any customer of an RIR has its contact data published in RIR WHOIS
> 
> Which is of course no different to saying "Any customer of a Registry (aka Registrar) has it's contact data published"
> 
> And in practice it's _most_ customers of _most_ RIRs - lots of the lookups for certain regions just-don’t-work (tm) and with the amount of 'funkiness' that goes on with IPv4 routing post-runout, what details you see on an IP lookup at an RIR has little-to-no bearing now on who is actually using it
> - what you're able to see is "who should be (directly or indirectly) paying the RIRs fees"
> 
>> Yet IP Whois will usually only yield the webhost or the IS. How is having to ask them for the data any different from having to ask the registrar. 
> 
> I would say it's not any different at all in effect, but may be less likely to yield a response due to the limited "policy" capabilities when it comes to "unregulated" industries.
> 
>> Are LEAs lobbying for webhost and internet subscriber public whois?
> 
> I feel I should suggest that they can probably just extract the data from the NSA or GCHQ or their-local-equivalent, so no need to make it "public"  ;)
> 
>> I will be interested in learning however law enforcement manages to do its job without this needed and useful data 
> 
> The caveats being that "useful" is subjective and "needed" depends on circumstances. 
> 
> I don't see anyone suggesting that there shouldn’t be methods in place so that Law Enforcement can do their job.
> 
> I do however think that the concept of punishing everyone because there are a very small %age of "bad actors" is, in a civilised society, not even remotely appropriate.
> 
> Rob
> 
> 
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
> 
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2614 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160805/dc8da351/smime.p7s>