[120137] in North American Network Operators' Group
Re: Arrogant RBL list maintainers
daemon@ATHENA.MIT.EDU (Joe Greco)
Thu Dec 10 12:06:53 2009
From: Joe Greco <jgreco@ns.sol.net>
To: sven@cyberbunker.com (Sven Olaf Kamphuis)
Date: Thu, 10 Dec 2009 11:05:36 -0600 (CST)
In-Reply-To: <Pine.LNX.4.58.0912101617350.9562@scott.cb3rob.net> from "Sven
Olaf Kamphuis" at Dec 10, 2009 04:46:50 PM
Cc: nanog@nanog.org, dcrocker@bbiw.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> RBLs are neither authorised (EU privacy laws anyone?), nor the appointed
> authority to keep databases on "whats static or not". RIRs -are-, if
> anyone should maintain a database on such things, i'd be the rirs
> (which they have, it's called "whois", it just lacks a field that
> indicates the type of assignment method used.
Please don't be ridiculous. Of course DNSBL's are authorized to do this.
There is no compulsory use; if I choose to USE a DNSBL, I am electing to
allow them to assist me in making decisions about who I receive mail from.
If you receive a request for information about your address space from a
DNSBL operator, there is no compulsory requirement for you to respond.
If you choose to provide it, you authorize the DNSBL to share that
information. If you do not, the DNSBL may take whatever action it
considers appropriate.
Do you believe that some further "authorization" is required? If so,
please explain... because there are businesses whose business models
revolve around providing much more detailed information about IP address
usage.
Your next obvious reply will probably be that some EU privacy law
somehow considers this to be "personally identifiable information" of
some sort; however, that is simply ridiculous. One bit of information
about whether the address is a dynamic or static allocation is not PII,
it's a bit of information that describes the network operator's intended
use of the address. The only way it could be construed as PII is to
note that it might be an address assigned to a person. However, you can
assign both static and dynamic addresses to a person. Since the person
in question could be anyone, interchangeably, it is obviously not PII.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.