[gnso-rds-pdp-wg] Principle on Proportionality for "Thin Data"access

John Bambenek jcb at bambenekconsulting.com
Thu Jun 1 16:44:27 UTC 2017 

I disagree with your premise that I need to prove something is strictly
necessary in the context of this conversation.  It is not strictly
necessary for the operation of the internet that there is anti-spam at
all.  It is not strictly necessary that security researchers stop
criminals for the operation of the internet.  The internet will still
work.  What we ARE talking about here is that the balance of harms is
clearly on the side of us that taking away our tools and visibility
makes the situation worse, not better.

Everyone likes talking about anti-abuse and spam here, but can someone
find me one single anti-spam entity that agrees with you that we need to
restrict thin data?  I mean, just one, anywhere in the world.


On 6/1/2017 11:39 AM, Volker Greimann wrote:
>
> I am not saying that publishing the creation date is screwing over
> people, I merely pointed out that it is currently being used for that
> very purpose. Domain registrant are getting conned, abused and worse
> because that data point is being used (in connection with other data
> points) This data point allows this abuse to be much more targeted and
> therefore successful.
>
> I am sure there are other purposes that it is being used for as well,
> some honorable, some useful, some neutral to the overall state of the
> universe, but in the end I merely asked if it was stricly necessary
> for the purpose of the operation of the internet, without making any
> assumption on other yet to be defined purposes.
>
> Best,
>
> Volker
>
>
> Am 01.06.2017 um 18:34 schrieb John Bambenek:
>> Because you a priori invalidate all our data and use cases as
>> irrelevant. The operations of the internet are more complicated than
>> mere transferring a domain for registrar to operator. 
>>
>> I gave you an example of using creation date as a factor in
>> filtering. You immediately labeled it as screwing over people. Do you
>> really expect me to keep jumping through your hoops? I mean I am just
>> a mere self-proclaimed security researcher. 
>>
>> Sent from my iPhone
>>
>> On Jun 1, 2017, at 11:22, Volker Greimann <vgreimann at key-systems.net
>> <mailto:vgreimann at key-systems.net>> wrote:
>>
>>> Note that I did not say "a need" in general, but specifically "a
>>> need for the purpose of the operationality of the internet". I have
>>> not seen any convincing use cases for that need for these three data
>>> points.
>>>
>>> Best,
>>>
>>> VG
>>>
>>>
>>> Am 01.06.2017 um 18:19 schrieb John Bambenek:
>>>> The people who are engaged daily on anti-abuse are saying yes. Why
>>>> are those who are not engaged in anti-abuse so eager to tell us
>>>> what we need or don't need in doing our jobs? How many ways and use
>>>> cases do we have to present until its accepted that, yes, the
>>>> anti-abuse community needs this?
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On Jun 1, 2017, at 04:25, Volker Greimann
>>>> <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>> wrote:
>>>>
>>>>> Even if there if no PII in thin data (and I am leaning to that
>>>>> direction myself), if there really a need for all these fields to
>>>>> be public for the purpose of the operationality of the internet? I
>>>>> am thinking of the created, updated and expiration dates in
>>>>> particular since those are the ones leading to the most abusive use.
>>>>>
>>>>>
>>>>> Am 31.05.2017 um 19:22 schrieb jonathan matkowsky:
>>>>>> Thin Whois data doesn't have PII - We were saying that for
>>>>>> registration DETAILS that can be queried from the existence of a
>>>>>> domain name (which are NOT in thin Whois data), the way to deal
>>>>>> with that is informed consent. The thin Whois data is
>>>>>> cross-referenced against the domain name that was created. The
>>>>>> domain itself exists. We very much can say that there is no PII
>>>>>> in thin Whois data for domain names. DNS queries and SOA records
>>>>>> are not part of this working group. And the fact you can use the
>>>>>> Whois PROTOCOL to query RIRs also has nothing whatsoever to do
>>>>>> with the Whois DATABASE, especially thin Whois. We can still be
>>>>>> privacy champions without turning everything into a privacy
>>>>>> concern, especially where none exists. The privacy issues to the
>>>>>> extent they do exist, are not within the subject matter at issue.
>>>>>> And therefore, there is simply no proportionality principle that
>>>>>> need be applied here.
>>>>>>
>>>>>>
>>>>>> On Wed, 31 May 2017 at 20:10 Michael Peddemors
>>>>>> <michael at linuxmagic.com <mailto:michael at linuxmagic.com>> wrote:
>>>>>>
>>>>>>     On 17-05-31 10:07 AM, allison nixon wrote:
>>>>>>     > the rest of it can't be. You can't put a DNS query behind a
>>>>>>     EULA. We
>>>>>>     > can't pretend there are restrictions on this data.
>>>>>>     >
>>>>>>
>>>>>>     We aren't discussing DNS or any other places that data is
>>>>>>     available as
>>>>>>     part of this working group. Only the informed consent of data
>>>>>>     held in
>>>>>>     whois thin data.
>>>>>>
>>>>>>
>>>>>>     --
>>>>>>     "Catch the Magic of Linux..."
>>>>>>     ------------------------------------------------------------------------
>>>>>>     Michael Peddemors, President/CEO LinuxMagic Inc.
>>>>>>     Visit us at http://www.linuxmagic.com @linuxmagic
>>>>>>     ------------------------------------------------------------------------
>>>>>>     A Wizard IT Company - For More Info http://www.wizard.ca
>>>>>>     "LinuxMagic" a Registered TradeMark of Wizard Tower
>>>>>>     TechnoServices Ltd.
>>>>>>     ------------------------------------------------------------------------
>>>>>>     604-682-0300 Beautiful British Columbia, Canada
>>>>>>
>>>>>>     This email and any electronic data contained are confidential
>>>>>>     and intended
>>>>>>     solely for the use of the individual or entity to which they
>>>>>>     are addressed.
>>>>>>     Please note that any views or opinions presented in this
>>>>>>     email are solely
>>>>>>     those of the author and are not intended to represent those
>>>>>>     of the company.
>>>>>>     _______________________________________________
>>>>>>     gnso-rds-pdp-wg mailing list
>>>>>>     gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>>     https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>>
>>>>>> -- 
>>>>>> jonathan matkowsky, vp - ip & head of global brand threat mitigation
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>
>>>>> -- 
>>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>>>
>>>>> Mit freundlichen Grüßen,
>>>>>
>>>>> Volker A. Greimann
>>>>> - Rechtsabteilung -
>>>>>
>>>>> Key-Systems GmbH
>>>>> Im Oberen Werk 1
>>>>> 66386 St. Ingbert
>>>>> Tel.: +49 (0) 6894 - 9396 901
>>>>> Fax.: +49 (0) 6894 - 9396 851
>>>>> Email: vgreimann at key-systems.net
>>>>>
>>>>> Web: www.key-systems.net / www.RRPproxy.net
>>>>> www.domaindiscount24.com / www.BrandShelter.com
>>>>>
>>>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>>>> www.facebook.com/KeySystems
>>>>> www.twitter.com/key_systems
>>>>>
>>>>> Geschäftsführer: Alexander Siffrin
>>>>> Handelsregister Nr.: HR B 18835 - Saarbruecken 
>>>>> Umsatzsteuer ID.: DE211006534
>>>>>
>>>>> Member of the KEYDRIVE GROUP
>>>>> www.keydrive.lu 
>>>>>
>>>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>>>>>
>>>>> --------------------------------------------
>>>>>
>>>>> Should you have any further questions, please do not hesitate to contact us.
>>>>>
>>>>> Best regards,
>>>>>
>>>>> Volker A. Greimann
>>>>> - legal department -
>>>>>
>>>>> Key-Systems GmbH
>>>>> Im Oberen Werk 1
>>>>> 66386 St. Ingbert
>>>>> Tel.: +49 (0) 6894 - 9396 901
>>>>> Fax.: +49 (0) 6894 - 9396 851
>>>>> Email: vgreimann at key-systems.net
>>>>>
>>>>> Web: www.key-systems.net / www.RRPproxy.net
>>>>> www.domaindiscount24.com / www.BrandShelter.com
>>>>>
>>>>> Follow us on Twitter or join our fan community on Facebook and stay updated:
>>>>> www.facebook.com/KeySystems
>>>>> www.twitter.com/key_systems
>>>>>
>>>>> CEO: Alexander Siffrin
>>>>> Registration No.: HR B 18835 - Saarbruecken 
>>>>> V.A.T. ID.: DE211006534
>>>>>
>>>>> Member of the KEYDRIVE GROUP
>>>>> www.keydrive.lu 
>>>>>
>>>>> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> gnso-rds-pdp-wg mailing list
>>>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>
>>> -- 
>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>
>>> Mit freundlichen Grüßen,
>>>
>>> Volker A. Greimann
>>> - Rechtsabteilung -
>>>
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901
>>> Fax.: +49 (0) 6894 - 9396 851
>>> Email: vgreimann at key-systems.net
>>>
>>> Web: www.key-systems.net / www.RRPproxy.net
>>> www.domaindiscount24.com / www.BrandShelter.com
>>>
>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>> www.facebook.com/KeySystems
>>> www.twitter.com/key_systems
>>>
>>> Geschäftsführer: Alexander Siffrin
>>> Handelsregister Nr.: HR B 18835 - Saarbruecken 
>>> Umsatzsteuer ID.: DE211006534
>>>
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu 
>>>
>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>>>
>>> --------------------------------------------
>>>
>>> Should you have any further questions, please do not hesitate to contact us.
>>>
>>> Best regards,
>>>
>>> Volker A. Greimann
>>> - legal department -
>>>
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901
>>> Fax.: +49 (0) 6894 - 9396 851
>>> Email: vgreimann at key-systems.net
>>>
>>> Web: www.key-systems.net / www.RRPproxy.net
>>> www.domaindiscount24.com / www.BrandShelter.com
>>>
>>> Follow us on Twitter or join our fan community on Facebook and stay updated:
>>> www.facebook.com/KeySystems
>>> www.twitter.com/key_systems
>>>
>>> CEO: Alexander Siffrin
>>> Registration No.: HR B 18835 - Saarbruecken 
>>> V.A.T. ID.: DE211006534
>>>
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu 
>>>
>>> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>>>
>>>
>>>
>
> -- 
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken 
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu 
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken 
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu 
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170601/31f0f150/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list