[gnso-rds-pdp-wg] Who is in charge? (was Re: Why the thin data is necessary)]

allison nixon elsakoo at gmail.com
Thu Jun 8 15:14:03 UTC 2017


>>I am asking for a system where companies / persons accept conditions and
treat data in a safe way and are responsible in their actions in how to
store and delete data when no longer used
>>I really don’t see that as big ask but for some it looks like it’s the
end of the world

So you know, interest in WHOIS data from namespace that is not abuse-ridden
and not actively attacking oneself is lower, and depending on the querier
they may never attempt to collect it in the first place.

But if you think that someone is going to delete the WHOIS data associated
with domains that are actively attacking them, that is a very misguided
belief.

If all providers can clean up their customer base, few would fight them if
they wanted to go full on anonymity for everything. But they don't and here
we are.




On Thu, Jun 8, 2017 at 10:07 AM, benny at nordreg.se <benny at nordreg.se> wrote:

>
>
> > On 8 Jun 2017, at 14:50, allison nixon <elsakoo at gmail.com> wrote:
> >
> > Industry trust groups share far more sensitive data and have a far
> better vetting process than any "accreditation scheme" that would ever be
> run by ICANN. It's also run by people that care about more than simply
> maximizing profits and minimizing costs. It's impossible to create that via
> legislation alone and especially impossible to create it within the same
> ICANN who still accredits Alpnames even to this day.
>
> Well, no system is error free
>
> >
> > While the denials come fast and furious, it is worth noting the logical
> inconsistencies that have cropped up.
> >
> > -registrars complain about spam, but they so far haven't named a single
> criminal gang that spams. But they harp over and over about domaintools,
> who do not contribute to spam.
>
> Now you are mixing two different issues
> But one of the problems with Domaintools and similar services is the
> storage of old data, in most privacy laws people either as a private person
> or as a person connected to a company have the right to be forgotten when
> their data are no longer connected to the object and with the system as of
> today registrants are not aware of such archived data…
>
> > -there are also the ridiculous arguments that the creation dates etc in
> whois can possibly be abused, no evidence is provided.
>
> Not my word...
>
> > -there are also the "legal" arguments where people are saying making any
> data public is illegal now, but if this is true, can we look forward to a
> total social media shutdown too? No one can reconcile that simple logical
> inconsistency.
>
> Well again here we talk different things, getting consent for publishing
> them in whois is a part of a contractual obligation, but it’s not consent
> to have the data spread to unknown actors and used in the way it is today,
> that is one of many reasons we are doing RDS work
>
> > -apparently those meetings with the much-adored privacy commissioner did
> not include any voices from those who worked in security.
> Anyone who wanted could attend but didn’t bother to show up or be on the
> call
>
> > -we also have registrars attempting to "mansplain" spam and abuse to
> people who work IN antispam and antiabuse
> > -we have people complain about lack of privacy in whois when it's
> already been proven that private people have many options to choose from
>
> Well ccTLD’s have already fixed that in many ways
>
> > So these logical inconsistencies raise serious questions. Personally, i
> am not so quick to accuse people of criminal motivations. After all, i did
> check the numbers to see if any of the registrars participating here have a
> disproportionate number of abusive customers. Thanks to the existence of
> public whois, i did not observe anything indicating that.
>
> Well we are serious in our work despite the constant slamming on
> registrars as a group being evil and only looking for money
>
> >
> > Still, the logical inconsistencies raise many questions. Personally, my
> theory is that the registrars don't want to spend money on running whois
> servers. And they are bitter that aggregators make money from it when they
> don't. That type of argument is logically consistent and is something i can
> actually work with.
>
> Mmm of course the whois service is very expensive so that's why we want to
> close them.. I point to what I already said about the right to be forgotten
> and the problems with not having a contracted part who you can go to or
> point at.
>
> >
> > If that's the real motivation, we could drop the privacy charade and
> talk brass tacks here. A good number of people in this group work at
> companies that pay good money for good access to whois in bulk- not private
> data, just unfettered bulk access with none of the proxy server games.
> >
> > I know you all are here to represent your company's interests, and this
> is a serious fact worth considering. I know that some similar monetization
> schemes already, and if you don't see the opportunity then your registrar is
> probably missing out. The registrars that do this not only make extra
> money, but the data is used to do anti-abuse work for them for free so they
> can keep their customer base clean without hiring anyone extra.
> >
>
> If I was here for only the interest of who I work for I would not spend
> time arguing about a better system that benefits all
>
> > Also, within the context of commercial contracts, you gain actual
> leverage and the ability to do due diligence on who you are dealing with.
> Which is basically what you were asking for benny.
>
> I am asking for a system where companies / persons accept conditions and
> treat data in a safe way and are responsible in their actions in how to
> store and delete data when no longer used
> I really don’t see that as big ask but for some it looks like it’s the end
> of the world
>
> >
> >
> >
> >
> >
> >
> >
> > On Jun 8, 2017 4:56 AM, "Stephanie Perrin" <stephanie.perrin at mail.
> utoronto.ca> wrote:
> > Calling me naive, ill informed etc.  does not actually answer the
> question folks.  It is, I am afraid, a valid question.  What criteria does
> an organization like APWG apply, when it admits members and shares data
> with them?  How do you ensure you are not sharing data with organizations
> who are going to misuse it?  That data of course is much more than what we
> are talking about with thin data, but I did actually work on this issue on
> successive versions of the anti-spam legislation.  Oddly enough, government
> lawyers examining the issue (mostly from the competition bureau who deal
> with criminal matters) never labelled me "naive".
> >
> > Folks, can we please try to be polite to one another on this list?  When
> I have questions like this, I often check with experts before I ask.  They
> don't call me naive, they answer my questions.
> >
> > Thanks again.
> >
> > Stephanie
> >
> > On 2017-06-08 01:54, Neil Schwartzman wrote:
> >> My experience differs slightly. They aren’t ignored. The presence of
> these .TLDs is a strong indicator of abuse which bears further
> investigation.
> >>
> >> To the point at hand: I believe the notion of certifying private
> cybercrime investigators to be painfully naive (do I ignore reports from
> someone without an Internet Investigator License? Do we disallow them access
> to data?), impractical in the developed world, and deeply chauvinistic,
> patronizing and exclusionary to our colleagues in emerging nations where
> capacity building is exactly what’s needed to deal with next-gen abuse.
> >>
> >>
> >>> On Jun 8, 2017, at 2:36 AM, allison nixon <elsakoo at gmail.com> wrote:
> >>>
> >>> We're getting there. Entire top level domains are already ignored on
> many networks like .science, .xyz, .pw, .top, .club, et cetera
> >>
> >>
> >>
> >> ______________________________
> >> _________________
> >> gnso-rds-pdp-wg mailing list
> >>
> >> gnso-rds-pdp-wg at icann.org
> >> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> >
> >
>
>


-- 
_________________________________
Note to self: Pillage BEFORE burning.