Hello Anupam, Can I bring your attention please to the problem statement of the policy proposal?
> "In the past three years organisations including the Number Resource Society > (Casablanca, Morocco), Unique IP Solutions (Faisalabad, Pakistan), Aileron IT > (Wisconsin, USA), and EarnheardData (details suppressed) have contacted my > organisation via details published exclusively in APNIC whois. None of these > contacts have been to do with a legitimate networking issue." I've discussed the issue at length with members of my local operator community and my network is by no means the only one affected by this issue. You might not see evidence of the issue here on the policy-sig list, but that's because this list is a self-selecting multistakeholder body of extremely limited size, and is not at all representative of the region's operators. Regards, Jon On Fri, Jan 24, 2025, at 07:00, Anupam Agrawal wrote: > Except one additional email, there appears to be nothing to suggest mass > violation of who is database. > > Regards > Anupam Agrawal. > > On Thu, 23 Jan, 2025, 17:28 Christopher Hawker, <[email protected]> wrote: >> This is the exact reason why Whois Privacy is needed... An identical email >> at the same time was sent to an alternate email address >> [email protected], which is not used anywhere else except for contact >> with APNIC. >> >> >> >> Regards, >> Christopher Hawker >> >> >> *From:* Amrita Choudhury <[email protected]> >> *Sent:* Wednesday, January 22, 2025 12:35 PM >> *To:* Christopher Hawker <[email protected]> >> *Cc:* [email protected] <[email protected]> >> *Subject:* Re: [sig-policy] Re: prop-162-v001: WHOIS Privacy >> >> Dear Christopher, >> >> Apologies that initial reading made me think that the proposal is to remove >> WhoiS information. >> >> However, even if we consider it is for the bulk data, with the data provided >> by Vivek of 400 entities signing the agreement with APNIC to have access to >> this data so far and one known case of abuse (which was then acted upon), >> the issue does not seem so grave that it needs to be considered for a >> policy change, at least for now. >> >> Regards >> >> Amrita >> >> On Wed, Jan 22, 2025 at 3:30 AM Christopher Hawker <[email protected]> >> wrote: >>> Good morning Amrita, >>> >>> I am yet to hear of one organisation, that accepts support requests through >>> Abuse, IRT or Network Operations contacts listed in the Whois database. If >>> the organisation is large enough they will have separate support teams for >>> customers and network operations engineers who perform two different >>> functions in a business and where they are small enough that the same team >>> runs both areas, they may have the same contact information for both >>> purposes (support and NOC). >>> >>> What would be a use case for a law enforcement organisation to retrieve >>> contact information for network operators in bulk? If it's in relation to a >>> technical matter they'd be able to retrieve contact information from either >>> the Whois website or by accessing the Whois server directly on port 43. >>> >>> I can not think of a reason why an organisation would need to download >>> contact information in bulk, so if you are privy to anything which I am >>> not, please do share. >>> >>> >>> Regards, >>> Christopher Hawker >>> >>> _______________________________________________ >>> SIG-policy - https://mailman.apnic.net/[email protected]/ >>> To unsubscribe send an email to [email protected] >> _______________________________________________ >> SIG-policy - https://mailman.apnic.net/[email protected]/ >> To unsubscribe send an email to [email protected] > _______________________________________________ > SIG-policy - https://mailman.apnic.net/[email protected]/ > To unsubscribe send an email to [email protected] https://jon.brewer.nz/
_______________________________________________ SIG-policy - https://mailman.apnic.net/[email protected]/ To unsubscribe send an email to [email protected]
