Presentation is loading. Please wait.

Presentation is loading. Please wait.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.

Published byMervin Jackson Modified over 9 years ago

Similar presentations

Presentation on theme: "A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina."— Presentation transcript:

1 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina Hossain

2 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Background  JPNIC raised privacy concerns in Brisbane DB SIG  Many residential users connecting to internet through cable and ADSL services  Such assignments need to be registered in a public whois database  Thus information of private residents being disclosed  Address, phone, fax etc

3 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Background  Current JPNIC registration policy  Details collected and registered in database by ISP for all residential user assignment blocks  Postal addresses, ph and fax numbers of admin contacts are not disclosed  Proposal for APNIC to adopt similar policy

4 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Contact Persons  Technical contact (tech-c)  Responsible for technical operation of network  Should be reachable by any means in case of emergency, security incidents etc  Administrative contact (admin-c)  Responsible for financial, legal and content matters (etc)

5 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Current Practice  Home LAN/SOHO end user assignment  If assignment to end user is more than /30  Update APNIC database inetnum object  Outlining user details in netname: and descr: fields  Include admin-c as end user contact if possible  Onsite admin-c not mandatory, but recommended  Tech-c can be ISP contact  ISP should inform customer of whois registration  /30 assignment considered infrastructure

6 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Current Practice  Static assignment  For verification purposes only  If LIR assigns single static IP addresses to residential users  Must update inetnum in database for each end user assignment  Admin-c and tech-c can be ISP contacts Or  When submitting address request APNIC will request sample customer list with IP addresses

7 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Other RIR Policies  ARIN  ISP contacts permitted in Point Of Contacts field (“Coordinator”)  Residential end users assumed to be contactable via ISP  IP assignment object records netname of end user, town and state of residence  Records “private residence” in street address field

8 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Other RIR Policies

9 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Other RIR Policy  RIPE NCC  Similar to APNIC policy  Update RIPE database  Onsite admin-c not mandatory, but recommended  Tech-c can be ISP contact  Had recent discussions in db-wg mailing list  Http://www.ripe.net/ripe/mail-archives/db-wg/20001001- 20010101/threads.html

10 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Implications  Possible concerns for ISP  ISP willing to be responsible for customer’s network?  Implications of being an admin contact  Principle not different to dial-up users

11 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Privacy Laws – Overview (1)  International law  UN and OECD have defined a set of privacy principles to guide national lawmakers  Most privacy laws require that personal information is:  Obtained fairly and lawfully  Used only for the original specified purpose  Adequate, relevant and not excessive to purpose  Accurate and up to date  Destroyed after its purpose is completed.

12 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Privacy Laws – Overview (2)  APNIC position  Australian laws to come into effect at end of 2001  Federal privacy law applies a “light-touch” legislative framework  Encourages business self-regulation  Businesses/industries may develop their own privacy codes  Codes must be at least as strong as the 10 National Privacy Principles (based on OECD principles)

13 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Privacy Principles – Key Points  Collection  collect only what is necessary  ensure person is advised how the data is to be used  Disclosure  only disclose data in ways consistent with reasonable expectation  Security  data must be securely protected  Onward transfers  Must take reasonable steps to ensure that information is only transferred to those who will act in accordance with same general principles

14 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Privacy Practices  Practices should remain consistent with general principles  A cautious approach to personal information in international law:  Only collect what data is necessary  Make full disclosure of how data is to be used  Limit the use of, and access to, the data to what is necessary  Protect the data

15 A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Questions?

Download ppt "A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina."

Similar presentations

21th APNIC Open Policy Meeting SIG: DB Friday, 3 March 2006 Perth, Australia Chair: Xing Li.

21th APNIC Open Policy Meeting SIG: DB Friday, 3 March 2006 Perth, Australia Chair: Xing Li.
Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.

Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.
Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.

Administrative Systems and the Law What you need to know to produce an oral presentation for Unit 7 When the presentations will take place Resources you.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting Address Policy SIG October 26th, Brisbane.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting Address Policy SIG October 26th, Brisbane.
Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.
IPv6 Addressing – Status and Policy Report Paul Wilson Director General, APNIC.

IPv6 Addressing – Status and Policy Report Paul Wilson Director General, APNIC.
Customer Confidentiality Draft Policy 2010-3. Origin (Proposal 95)9 June 2009 Draft Policy (successfully petitioned) 2 February 2010 Aaron Wendel has.

Customer Confidentiality Draft Policy Origin (Proposal 95)9 June 2009 Draft Policy (successfully petitioned) 2 February 2010 Aaron Wendel has.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005

Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005
Lawyer at the Brussels Bar Lecturer at the University of Strasbourg Assistant at the University of Brussels Data Protection & Electronic Communications.

Lawyer at the Brussels Bar Lecturer at the University of Strasbourg Assistant at the University of Brussels Data Protection & Electronic Communications.
Proposal of “Time-Limited” IPv4 Address Allocation Policy Project leader : Jun Murai Project officiers: –Hiroshi Esaki –Akira Kato –Osamu Nakamura –Masaki.

Proposal of “Time-Limited” IPv4 Address Allocation Policy Project leader : Jun Murai Project officiers: –Hiroshi Esaki –Akira Kato –Osamu Nakamura –Masaki.
Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.

Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.
Policy Proposal 109 Standardize IP Reassignment Registration Requirements ARIN XXV 18 April, 2010 – Toronto, Ontario Chris Grundemann.

Policy Proposal 109 Standardize IP Reassignment Registration Requirements ARIN XXV 18 April, 2010 – Toronto, Ontario Chris Grundemann.
Prepared by The Regional Internet Registries [APNIC, ARIN, LACNIC and RIPE NCC]

Prepared by The Regional Internet Registries [APNIC, ARIN, LACNIC and RIPE NCC]
Desired IRR Operational Model ~IRR/Whois Interaction~ Kuniaki Kondo (JPNIC IRR Workshop/IIJ) Ikuo Nakagawa (Intec) Takashi Arano (Asia Global Crossing)

Desired IRR Operational Model ~IRR/Whois Interaction~ Kuniaki Kondo (JPNIC IRR Workshop/IIJ) Ikuo Nakagawa (Intec) Takashi Arano (Asia Global Crossing)
APNIC Policy Update 1 st TWNIC IP Open Policy Meeting 3 December, 2003 Taipei, Taiwan.

APNIC Policy Update 1 st TWNIC IP Open Policy Meeting 3 December, 2003 Taipei, Taiwan.
The Data Protection Act 1998 The Eight Principles.

The Data Protection Act 1998 The Eight Principles.
Policy implementation and document status report Address Policy SIG APNIC 15, Taipei, Taiwan 27 February 2003.

Policy implementation and document status report Address Policy SIG APNIC 15, Taipei, Taiwan 27 February 2003.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Update RIPE 40 Prague, 1-5 October, 2001.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Update RIPE 40 Prague, 1-5 October, 2001.
Data Protection STFC Presentation to PPD Senior Staff 26/11/2009 FoI/DP team.

Data Protection STFC Presentation to PPD Senior Staff 26/11/2009 FoI/DP team.

Similar presentations

Ads by Google