Hi Ronald, > On the one hand, you say that all these entities (both people and > businesses) have consented to have RIPE NCC store and distribute > their contact data. On the other hand you say that RIPE NCC has > no knowledge of the terms and conditions of the contracts they have > signed. Given that RIPE NCC is bound by European privacy laws, > wouldn't it be fair to say that RIPE NCC is 100% confident of the > content of at least one part of the contracts that all of these > entities have individually signed, i.e. the part in which they > consent to have RIPE NCC store and distribute their data?
The contract between the end user and the LIR must comply with https://www.ripe.net/publications/docs/ripe-637. At the minimum, all contracts must include: - Notice that the LIR is responsible for liaising with the resource holder to keep registration records up-to-date - Notice that the resource holder is obliged to provide up-to-date registration data to the LIR and that some or all of this registration data will be published in the RIPE WHOIS Database - Notice that none of the provider independent resources may be sub-assigned to a third party - Notice that the resource holder is obliged to pay an annual fee to the LIR for the resources - A clear statement that the resources will return by default to the RIPE NCC if - The resource holder cannot be contacted - The annual fee to the LIR is not paid - A clear statement that the use of resources is subject to RIPE policies as published on the RIPE web site and which may be amended from time to time But the RIPE NCC isn't an official party in that contract. The contract is between end user and LIR. Cheers, Sander
