Privacy of Customer Assignment Records

Slides:



Advertisements
Similar presentations
1 First NIR Meeting Current NIR Address Request Process Overview and Proposal March 1st, Korea, Seoul.
Advertisements

From recent discussions in MAEMURA Akinori JPNIC IP Committee / FTLD Address Policy SIG at 13 th APNIC Open.
1 MyAPNIC Project update Database SIG APNIC 23, Bali 28 February 2007.
Operational Policies for NIRs in the APNIC Region NIR Meeting APNIC14, Kitakyushu, Japan 4 Sept 2002.
Protecting Resource Records in APNIC Whois Database Database SIG APNIC-16, Seoul August 2003 Sanjaya
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting Address Policy SIG October 26th, Brisbane.
HD Ratio for IPv4 APNIC16 - Address Policy SIG Seoul, Korea 20 August 2003.
Whois Database Clean Up Project Report Database SIG APNIC 16, Seoul, Korea 20 August 2003.
1 prop-018-v001 Protecting historical records in the APNIC Whois Database Project Update DB SIG APNIC18 2 September 2004 Nadi, Fiji Sanjaya, Project Manager,
1 Internet Resource Policy - Why should I care? Nurani Nimpuno, APNIC 3 February 2005 NZNOG 2005.
IPv6 Addressing – Status and Policy Report Paul Wilson Director General, APNIC.
Final Stages of IPv4 Distribution Guangliang Pan Resource Services Manager, APNIC.
Policy Documentation Adam Gosling APNIC 38 Policy SIG Meeting 18 September 2014.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.
Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.
APNIC Status Report RIPE September, 2003 Amsterdam.
Policy Proposal 109 Standardize IP Reassignment Registration Requirements ARIN XXV 18 April, 2010 – Toronto, Ontario Chris Grundemann.
Desired IRR Operational Model ~IRR/Whois Interaction~ Kuniaki Kondo (JPNIC IRR Workshop/IIJ) Ikuo Nakagawa (Intec) Takashi Arano (Asia Global Crossing)
APNIC Policy Update 1 st TWNIC IP Open Policy Meeting 3 December, 2003 Taipei, Taiwan.
APNIC Update ARIN XXVI 8 October 2010 Geoff Huston Chief Scientist, APNIC.
1 APNIC Open Address Policy Meeting Special Interest Group Session March 2nd, Korea, Seoul.
Standardize IP Reassignment Registration Requirements Draft Policy
18th APNIC Open Policy Meeting SIG: DB Thursday 2 September 2004 Nadi, Fiji Chair: Xing Li.
Consultation on Policy Documentation Adam Gosling APNIC 40 Policy SIG 10 September 2015.
Prop-007-v001 Privacy of customer assignment records Project Update DB SIG APNIC 18 1 September 2004 Nadi, Fiji Sanjaya, Project Manager, APNIC Secretariat.
Network Abuse Update Frank Salanitri Project & Systems Services Manager, APNIC.
What is WHOIS?. 2  Internet Protocol you can use to search registry and registrar databases and discover who registered a domain name or IP address 
Separate Assignment Policies for End-Users and ISPs Izumi Okutani Japan Network Information Center.
1 IP Address Space Transfer between Existing Taiwan LIRs Dr. Ching-Heng Ku, TWNIC Policy SIG, APNIC 20, Hanoi, Vietnam September 8, 2005.
APNIC Security Update APSIRCC 2002 Tokyo, 25 March 2002.
IP Addressing and ICT Development in the Pacific Islands Anne Lord and Save Vocea, APNIC ICT Workshop, Fiji, November, 2002.
Policies for ASN Management in the Asia Pacific Region – Revised Draft Address Policy SIG APNIC14, Kitakyushu, Japan 4 Sept 2002.
Update of WHOIS Data Privacy in JP Izumi Okutani Japan Network Information Center (JPNIC) DB SIG APNIC Indonesia.
1 Application of the HD ratio to IPv4 [prop-020-v001] Policy SIG 1 Sept 2004 APNIC18, Nadi, Fiji.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting DSL/Cable Modem procedures/practices March 1st,
ARIN-prop-180 ISP Private Reassignment Yi Chu Sprint ARIN XXX, Dallas October 25, 2012.
A week in the life of (IRT address) Frank Salanitri Project & Systems Services Manager, APNIC.
APNIC abuse procedures Network abuse BOF. Types of abuse reported Spam Hacking Viruses Identity/credit card fraud Threats and stalking.
Issues for Voting. Voting Procedure Revision of Confederation Fees Confederation fees based on number of members has proven difficult to implement Proposal:
Prop-007-v001 Privacy of customer assignment records Project Update DB SIG APNIC February 2005 Kyoto, Japan Sanjaya, Project Manager, APNIC Secretariat.
JPNIC UPDATE ~ Personal Data Protection in JPNIC WHOIS ~ Toshiyuki Hosaka Japan Network Information Center (JPNIC) September 7 th, 2005 NIR SIG APNIC
A proposal for changing IPv6 per address fee Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.
Policy SIG Report APNIC AGM Friday 29 August 2008 Christchurch, New Zealand 1.
1 HD Ratio for IPv4 RIPE 48 May 2004 Amsterdam. 2 Current status APNIC Informational presentation at APNIC 16 Well supported, pending presentation at.
1 [prop-037] Proposal to deprecate updates for APNIC registry and whois data Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Terry Manderson.
Whois & Data Accuracy Across the RIRs. Terms ISP – An Internet Service Provider is allocated address space by an RIR for the purpose of providing connectivity.
I-NAMES Corporation Database Privacy Policy Database Policy SIG, APNIC Meeting at Taipei, Taiwan Lee, Seung-Min.
1 Welcome to the Policy SIG 6 Sep 2006 APNIC 22, Kaohsiung, Taiwan.
Whois Update Guangliang Pan. Overview Differences between APNIC and RIPE Whois Databases Change mnt-by from member’s maintainer to APNIC-HM for aut-num.
Whois Data Privacy Issues in Japan
IPv6 Documentation Address Policy
IPv6 Address Allocation APNIC
/48 assignment status report
A Proposal for IPv4 Essential Infrastructure
APNIC 29 Policy SIG report
Downstream Allocations by LIRs A Proposal
Sanjaya, Project Manager, APNIC Secretariat
APNIC 14 DB SIG Report Xing Li
News from APNIC ARIN XXII 16 October 2008.
A week in the life of (IRT address)
A Proposal to Protect Historical Records in APNIC Whois Database
Policy Development Process
Recovery of Unused Address Space prop-017-v001
Overview of policy proposals
Supporting Historical Resource Transfers
Status Report on Policy Implementation at the APNIC Secretariat
Status Report on Policy Implementation at the APNIC Secretariat
Database SIG APNIC19 24 February 2005, Kyoto, Japan
Whois Database Upgrade
IPv6 Policy Update ~ APNIC community ~
Presentation transcript:

Privacy of Customer Assignment Records APNIC16 - Address Policy SIG Seoul, Korea 20 August 2003

Background Registration is a core goal of address space management to record custodianship of a public resource for verification of utilisation for security and network diagnosis All usage is (theoretically) registered Secretariat registers allocations & assignments made to members Members register sub-allocations & assignments made to customers

Problem Summary Privacy issues APNIC legal risk Long-term member/customer concerns about publication of customer information Increasing Government concern for privacy APNIC legal risk Legal responsibility for accuracy and advice Damages caused by maintaining inaccurate personal data Customer data is poorly maintained APNIC has no direct control over accuracy Expensive for member to maintain

Proposal Remove requirement for public registration of assignments by members/ISPs Public registration can still be optional Provide “hidden” attribute for whois objects Assignment registration is still mandatory Required for calculation of utilisation Easier management through MyAPNIC APNIC allocations continue to be registered Reaffirm member responsibility for address space usage (security, hacking, spamming…)

Proposal New “hidden” attribute Available for ‘inetnum’, ‘inet6num’ and ‘autnum’ hidden: YES indicates private data, which will not be revealed by whois queries hidden: NO indicates public data Default (missing attribute) indicates private data

Impact Registration goal Resource administration APNIC “customer” will always be publicly registered as custodian of address space Must be responsible for response to queries LIR/ISP customer records may not be available Often incorrect anyway (especially in abuse cases) ISP may choose to register customers Resource administration Little or no impact on members as customers still need to be registered

Implementation Modification of database Modification of MyAPNIC To support the “hidden” attribute Modification of MyAPNIC To support maintenance of private data Modification to APNIC documentation Policies and procedures Implementation timeline 3 months from approval of policy

Questions? Feedback?