Yes, well worded and I agree with David's points.
If there are tools, mechanisms and also sanctions to be applied in a
process that can be escalated those should be tried before taking more
harsh changes due to a number of cases that may not justify it. I
normally don't have problem and find it health to use the options
available in a escalated manner before going to harder solutions.
Can we have some data about those who have received repeated marketing
or sales material and which could be linked to the usage of Bulk Whois
data or about cases that have been reported to APNIC and didn't progress
as expected in regards to what is expected ?
Regards
Fernando
On 13/01/2025 14:38, David Farmer wrote:
I share Fernando's concerns in general.
However, I strongly object to the complete removal of postal contact
information from Bulk Whois. This would significantly degrade the
usefulness of this information for Internet Research purposes, one of
the explicitly permitted uses of Bulk Whois. Withholding the street
name and number could be reasonable for privacy protection; however,
most postal contact information should remain in Bulk Whois for
statistical correlation, including the city, state, province, county,
and postal codes.
Furthermore, if you suspect abuse of Whois or Bulk Whois, this should
be reported to APNIC;
APNIC's website states, "Any use of this material to target
advertising or similar activities is explicitly forbidden and will be
prosecuted. APNIC requests to be notified of any such activities or
suspicions thereof."
If people violate APNIC policy, the first step is to report this to
APNIC and ask APNIC to enforce its policies. Eliminating data from
Whois or Bulk Whois is not the place to start. Now, if you are saying
you have repeatedly reported such violations to APNIC, this policy
change may be appropriate, but I don't see anything in the proposal
that says any of the violations have been reported to APNIC.
Thanks.
On Mon, Jan 13, 2025 at 10:45 AM Fernando Frediani
<[email protected]> wrote:
Hi
Although I do understand the motivations to this proposal, I
normally don't like much this feel that may look obvious to many
to remove as much as contact data in order to not be bothered with
marketing and sales content due to the concern that make things
more difficult for legitimate need to get in touch for
troubleshooting and legal demands. If you are operating an
Autonomous System and have responsibilities over it you must be
able to be easily contacted in order to deal with the legitimate
demands you commited when you became one, and for that there will
be some burden which if reasonable should be accepted.
I understand the proposal suggests removing it from the bulk
access, but it has not been clear how it will work and how easy it
will be for those with legitimate need to get these contact
details, if it will be with not human interaction or if someone
will need to fill a form and justify, etc ?
Thanks
Fernando
On 13/01/2025 01:02, Bertrand Cherrier via SIG-policy wrote:
Dear SIG members,
A new proposal "prop-162-v001: WHOIS Privacy" has been sent to
the Policy SIG for review.
It will be presented at the Open Policy Meeting (OPM) at APNIC 59
on Wednesday, 26 February 2025.
https://conference.apnic.net/59/programme/programme/index.html#/day/8/
We invite you to review and comment on the proposal on the
mailing list before the OPM.
The comment period on the mailing list before the OPM is an
important part of the Policy Development Process (PDP). We
encourage you to express your views on the proposal:
- Do you support or oppose this proposal?
- Does this proposal solve a problem you are experiencing? If so,
tell the community about your situation.
- Do you see any disadvantages in this proposal?
- Is there anything in the proposal that is not clear?
- What changes could be made to this proposal to make it more
effective?
Information about this proposal is appended below as well as
available at:
http://www.apnic.net/policy/proposals/prop-162
Regards,
Bertrand, Shaila, and Ching-Heng
APNIC Policy SIG Chairs
-----------------------------------------------------------------------------------
prop-162-v001: WHOIS Privacy
-----------------------------------------------------------------------------------
Proposer:
Jonathan Brewer ([email protected])
1. Problem statement
-------------------------
Through permitted bulk access to APNIC whois, several
organisations including Hurricane Electric and RecordedFuture
republish physical addresses, email addresses, and telephone
numbers of APNIC members.
These details are freely available on the web and available for
mass harvesting through the use of screen scraping technology. It
is apparent that some third parties have used this data in a
manner contrary to the APNIC whois data acceptable use agreement.
In the past three years organisations including the Number
Resource Society (Casablanca, Morocco), Unique IP Solutions
(Faisalabad, Pakistan), Aileron IT (Wisconsin, USA), and
EarnheardData (details suppressed) have contacted my organisation
via details published exclusively in APNIC whois. None of these
contacts have been to do with a legitimate networking issue.
2. Objective of policy change
----------------------------------
This policy will eliminate the unnecessary publication of APNIC
member organisation contact details. People with a legitimate
need for these contact details can use a service directly
provided by APNIC to obtain them.
3. Situation in other regions
--------------------------------
Unknown
4. Proposed policy solution
--------------------------------
APNIC should remove all email addresses, telephone numbers, and
physical addresses from any bulk WHOIS data, and should cause any
existing re-publishers of APNIC WHOIS data to remove this
information from the Internet as a condition for continued access
to data.
5. Advantages / Disadvantages
------------------------------------
Advantages:
This should reduce future marketing calls to the NOC phone and
marketing emails to the noc email address.
Disadvantages:
None. The information will still be available via
APNIC-controlled WHOIS services which presumably are protected
against illegitimate data harvesting.
6. Impact on resource holders
-----------------------------------
No impact on resource holders.
7. References
----------------
_______________________________________________
SIG-policy -https://mailman.apnic.net/[email protected]/
To unsubscribe send an email [email protected]
_______________________________________________
SIG-policy - https://mailman.apnic.net/[email protected]/
To unsubscribe send an email to [email protected]
--
===============================================
David Farmer Email:[email protected] <mailto:email%[email protected]>
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 612-626-0815
Minneapolis, MN 55414-3029 Cell: 612-812-9952
===============================================
_______________________________________________
SIG-policy - https://mailman.apnic.net/[email protected]/
To unsubscribe send an email to [email protected]
