John
is currently on leave. His email is being monitored but if this is an urgent
issue, please contact Ron Gadeberg at r...@okpud.org
or the Broadband Dept. at network-t...@okpud.org.
From:
arin-ppml@arin.net
Sent: 2/5/2024 4:21:40 PM +00:00
To: jo...@okpud.org
Subject: [Fwd: JohnM]Re: [arin-ppml] Draft Policy ARIN-2024-1: Definition of Organization ID/Org ID
Suggest adding legal person as an additional term to the proposed language rather than replacing it.
Owen
On Feb 4, 2024, at 11:22, Tyler O'Meara via ARIN-PPML <arin-ppml@arin.net> wrote:
That's an interesting point Roman, but I think that ship may have
already sailed.
If a privacy law covers the registrant of an Org ID, presumably it also
covers POC records as well, which are also published in WHOIS. Do we
need to prohibit POC records from being natural persons as well
(genuine question)?
Given we also have at least 1 known case of a natural person(s)
registering as an Org ID, ARIN would also either need to revoke any
existing resources granted to natural persons, force them to transfer
to a juridical person, or deal with the privacy/legal implications
anyways.
Finally, as you alluded to, RIPE does permit natural persons to receive
resources despite having more jurisdictions under their purview, in
addition to the GDPR to contend with.
I think this is probably something where ARIN legal would need to chime
in, but in the absence of a compelling legal reason why supporting
natural persons is prohibitively difficult, I believe that ARIN should
support the registration of resources to natural persons.
TylerOn Sun, 2024-02-04 at 09:46 -0800, Roman Tatarnikov wrote:
Oh, that's a fun case. On one side restricting everything to
incorporated entities feels like creating barriers, but on the other
side there are Privacy Laws.
Great example would be getting consent about sharing the information
of a particular person, and tracking what is shared and where,
ensuring that no PII was leaked out. While Europe has GDPR, in the
US, as far as I remember, there were only six states with privacy
laws. And a quick search shows that there has been a lot of new
developments:
https://www.dataguidance.com/comparisons/usa-privacy-laws And that's
just the US, where no federal law is in sight to address this. Canada
has PIPEDA, and the region that ARIN covers is much larger than just
those two.
So if we're going to allow individuals to be listed under Org ID,
we'd need to ensure that RIR is tracking how it is used, where, and
taking measures to comply with all those emerging and quickly
changing privacy laws. It's going to be such a nightmare that I doubt
it's worth the hustle. Keeping Org ID defined as it is in the
proposal should avoid those issues. I believe very few individuals
hold resources, and registering as a Sole-Proprietorship or DBA
should be an easy work around. I am unaware of how RIPE is addressing
this, but it might be one of those topics to ask them about.
I support the proposal as written.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML@arin.net).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact i...@arin.net if you experience any issues.
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List (ARIN-PPML@arin.net).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact i...@arin.net if you experience any issues.
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (ARIN-PPML@arin.net). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact i...@arin.net if you experience any issues.
