[gnso-acc-sgb] Reaction to Bertrand de la Chapelle

["Natris, Wout de" <W.deNatris@xxxxxxx>]

Dear all,
 
From OPTA's point of view this is a well thought out suggestion on how
to proceed. In addition I would like to mention the following. It is
important to think of an institution who has the stature and
possibilities to accredit, monitor and sanction an LEA or organisation
at the appropriate level. Since our topic is how to deal with private
sensitive data, this should be a public organisation. I'm shooting this
one from the hip without any checking, but maybe Enisa is a possibility.
www.enisa.europa.eu.
 
On access for private parties.
Law enforcement has everything to do with priorities, agreed. Priorities
are perceived when the problem is seen as something that needs to be
solved. Cyber crime is a problem which is drawing more and more
attention over the past two years. The possible damages to the economy,
to people and organisations are being recognized. "It is a cross border
problem that can not be solved", is often heard. This is partly a
miss-conception: in the end the solution is on someone's doorstep. E.g.,
the servers are on that location, the spammer lives there, his bank
account is there, his hired help is active there, etc. 
Law enforcement, it being penal, civil or administrative, must be
willing to accept complaints and rise up to the challenge to follow them
up. They need the laws to back them up, of course. In the Netherlands
more and more organisations are being brought together to work together
on this problem. This takes a lot of coordination and effort by all
involved. One ministry (Economic Affairs) has taken the lead in this
over here, as OPTA has for enforcers. Successes in coordination as well
as in enforcement can be had, even with a small, but dedicated team and
fairly little resources as we have proven. A few examples:
- Dutch language spam is all but extinct; 
- sms spam fraud is past history in the Netherlands;
- spyware spreaders are the next target;
- warnings and fines have their effect;
- cases and information are exchanged cross border;
- notice and take down procedure in place for phishing sites;
- OPTA has several cooperation protocols in place with fellow enforcers.
E.g. police, privacy, competition, EU spam enforcers;
- OPTA digital compliance officers assist police in cyber crime related
raids.
 
If this is in place private organisations and persons know where to go
with a complaint, know that it is dealt with and do not need access
themselves to the Whois databases.
 
It is for reasons of internet and privacy safety that law enforcement
agencies like OPTA need access to Whois data. Of course in compliance
with privacy laws and rules. The ways in which this should technically
and administratively be achieved is not up to OPTA.
 
This is in a nutshell what is going on over here. Hope it helps you to
gain some insight in our need for access.  Regards,
 
Wout de Natris
 
 
+++++++++++++++++++++++++++++++++++++++++++++
Disclaimer
Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is 
beschermd door een beroepsgeheim.
Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van 
verspreiding, vermenigvuldiging
of ander gebruik ervan niet is toegestaan.
Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken 
wij u ons daarvan
direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail 
mailto:mail@xxxxxxx en het bericht te vernietigen.
Dit e-mailbericht is uitsluitend gecontroleerd op virussen.
OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en 
juistheid van dit bericht en er kunnen 
geen rechten aan worden ontleend.


This e-mail message may contain confidential information or information 
protected by professional privilege.
If it is not intended for you, you should be aware that any distribution, 
copying or other form of use of
this message is not permitted.
If it has apparently reached you by mistake, we urge you to notify us by phone 
+31 70 315 3500
or e-mail mailto:mail@xxxxxxx and destroy the message immediately.
This e-mail message has only been checked for viruses.
The accuracy, relevance, timeliness or completeness of the information provided 
cannot be guaranteed.
OPTA expressly disclaims any responsibility in relation to the information in 
this e-mail message.
No rights can be derived from this message.