<div dir="ltr"><div class="gmail_default" style="font-family:georgia,serif;font-size:small">Stephanie,</div><div class="gmail_default" style="font-family:georgia,serif;font-size:small"><br></div><div class="gmail_default" style="font-family:georgia,serif;font-size:small">There are fusion centers for information sharing purposes, several in the US, established since 9/11. (See: <a href="https://www.dhs.gov/national-network-fusion-centers-fact-sheet">https://www.dhs.gov/national-network-fusion-centers-fact-sheet</a>). </div><div class="gmail_default" style="font-family:georgia,serif;font-size:small"><br></div><div class="gmail_default" style="font-family:georgia,serif;font-size:small">While information sharing does occur among agencies (some work together better than others), it does not occur in a consistent manner. Depending upon which agency initiates the investigation, the type of crime being investigated, as well as the individuals involved in the case, real information sharing typically occurs when (if) a conflict arises among agencies investigating the same individuals and/or organizations; a meeting is held at the executive level to negotiate who will be the lead agency, and what information is shared. </div><div class="gmail_default" style="font-family:georgia,serif;font-size:small"><br></div><div class="gmail_default" style="font-family:georgia,serif;font-size:small"><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Aug 5, 2016 at 10:58 AM, Stephanie Perrin <span dir="ltr"><<a href="mailto:stephanie.perrin@mail.utoronto.ca" target="_blank">stephanie.perrin@mail.utoronto.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p><font size="+1"><font face="Lucida Grande">Thanks Dick. I think
you and Greg have made the point that intelligence services
are generally not so quick to share their data with the dog
catcher. However, if you are going to offer offline tutorials,
may we beg a digest of those tutorials for the list? It is
hard to get good information on these actual practices. Some
of the legislative and policy initiatives in western democracies
to share data between investigative agencies, not to mention
further investment in big data techniques for profiling
without disclosure (not the technical term but I am sure you
know what I am referring to) would lead one to conclude that
such data sharing is well in hand.</font></font></p>
<p><font size="+1"><font face="Lucida Grande">Best regards<span class="HOEnZb"><font color="#888888"><br>
</font></span></font></font></p><span class="HOEnZb"><font color="#888888">
<p><font size="+1"><font face="Lucida Grande">stephanie perrin</font></font><br>
</p></font></span><div><div class="h5">
<br>
<div>On 2016-08-05 5:49, Richard Leaning
wrote:<br>
</div>
<blockquote type="cite">
<pre>Hi Rob,
Not sure where to start on this response, i will try and keep it short.
Am not sure that by speaking to one ex FBI agent and couple of Police officers in Sheffield is a true reflection of the Global LEA position on this WG. It concerns me greatly that you take this view.
Its a big +1 to Greg Mounier, Greg Aaron and Terri.
As an ex Senior Detective from the UK having just retired last year after 30 years service, spending the last 7 years or so involved investigating Cyber crime Nationally and Internationally within SOCA, NCA and then EC3 (European Cyber Crime Centre - Europol) am more than happy to spend some time with you outside this group to explain the difference between the Intelligence services and LEA.
Also as am now be working for RIPE NCC (a RIR) as a Consultant am also happy at the same time, explain to you about the RIPE Database.
Kind Regards
Dick
Richard Leaning
External Relations
RIPE NCC
</pre>
<blockquote type="cite">
<pre>On 4 Aug 2016, at 21:20, Rob Golding <a href="mailto:rob.golding@astutium.com" target="_blank"><rob.golding@astutium.com></a> wrote:
</pre>
<blockquote type="cite">
<pre>note that:
Any customer of an RIR has its contact data published in RIR WHOIS
</pre>
</blockquote>
<pre>Which is of course no different to saying "Any customer of a Registry (aka Registrar) has it's contact data published"
And in practice it's _most_ customers of _most_ RIRs - lots of the lookups for certain regions just-don’t-work (tm) and with the amount of 'funkiness' that goes on with IPv4 routing post-runout, what details you see on an IP lookup at an RIR has little-to-no bearing now on who is actually using it
- what you're able to see is "who should be (directly or indirectly) paying the RIRs fees"
</pre>
<blockquote type="cite">
<pre>Yet IP Whois will usually only yield the webhost or the IS. How is having to ask them for the data any different from having to ask the registrar.
</pre>
</blockquote>
<pre>I would say it's not any different at all in effect, but may be less likely to yield a response due to the limited "policy" capabilities when it comes to "unregulated" industries.
</pre>
<blockquote type="cite">
<pre>Are LEAs lobbying for webhost and internet subscriber public whois?
</pre>
</blockquote>
<pre>I feel I should suggest that they can probably just extract the data from the NSA or GCHQ or their-local-equivalent, so no need to make it "public" ;)
</pre>
<blockquote type="cite">
<pre>I will be interested in learning however law enforcement manages to do its job without this needed and useful data
</pre>
</blockquote>
<pre>The caveats being that "useful" is subjective and "needed" depends on circumstances.
I don't see anyone suggesting that there shouldn’t be methods in place so that Law Enforcement can do their job.
I do however think that the concept of punishing everyone because there are a very small %age of "bad actors" is, in a civilised society, not even remotely appropriate.
Rob
---
This email has been checked for viruses by Avast antivirus software.
<a href="https://www.avast.com/antivirus" target="_blank">https://www.avast.com/<wbr>antivirus</a>
______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a>
</pre>
</blockquote>
<pre></pre>
<br>
<fieldset></fieldset>
<br>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
</div></div></div>
<br>______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><font size="2"><span style="background-color:rgb(159,197,232)"><i>Terri Stumme</i></span></font><div><font size="2"><span style="background-color:rgb(159,197,232)"><i>Investigative Analyst</i></span></font></div></div></div></div></div></div></div>
</div>