1 / 13

Draft Policy 2010-3

Draft Policy 2010-3. Customer Confidentiality. Policy Text.

eileen
Télécharger la présentation

Draft Policy 2010-3

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Draft Policy 2010-3 Customer Confidentiality

  2. Policy Text ISPs may choose to enter the customer's name along with the ISP's address and phone number in reassignments and reallocations in lieu of the customer's address and phone number. The customer's actual information must be provided to ARIN on request and will be held in the strictest confidence.

  3. Rationale Customer contact lists are one of the most proprietary and confidential pieces of information in any business. The requirements for ISPs to publish those lists via SWIP or RWHOIS runs contrary to good business practices and invites competitors and others to solicit both individuals and companies receiving reassignments and sub allocations from upstream providers.

  4. History • Born out of discussion on arin-discuss – May 2008 • 74 Posts from 19 people • 13 agreed a policy was needed or thought it was already in place. • 2 against a policy • 4 unclear • Suggestion was made to create a policy proposal

  5. More History • Policy Proposal 95 introduced on 6/9/2009 • Revised the next day to clarify that only the address and phone number could be substituted, not the name. • 117 Posts by 29 people • 12 For / 5 Against • 5 wanted modifications / 7 Unclear

  6. Some More History • PP 95 shelved for consideration by the AC until after ARIN XXIV. • Abandoned by the AC on 1/15/2010 • Petition Process invoked. • Received 20 posts of support from unique individuals. (10 required) • PP 95 became 2010-3 on 2/2/2010

  7. Current Stats(All done with History) • 26 For / 22 against since petition was started.

  8. Precedence(Oh crap. More History.) • Policy Proposal 2003-3: Residential Customer Privacy • Original rationale was to protect “individual” and “home-based business” users of DSL who were being assigned /29 or shorter prefixes.

  9. Advantages(What the policy does) • Secures a critical ISP business asset. • Eliminates confusion about who is responsible for the network resources being used. • Protects privacy of individuals who could be classified as residential or small business but are not covered under the residential privacy policy since policy has not kept up with services.

  10. Advantages Part 2 • Eliminates the cop-out for ISPs who point to a customer that’s not reported. • Brings SWIP and RWHOIS reporting more in line with many ISP privacy policies and consumer protection laws

  11. Misconceptions(What the policy doesn’t do) • Obscures all customer information • Obscures all Whois information • Makes it harder for law enforcement to tract criminals. • Will allow ISPs to hide the “bad guys”

  12. Suggestions • Add “at customer’s request” • Distinguish between “end users” and “resellers” • Obscure name all – policy doesn’t go far enough • Do away with Whois all together • Do away with “strictest confidence” language.

  13. Fin Questions?

More Related