Re: [gnso-acc-sgb] Reaction to Bertrand de la Chapelle

[Jeff Williams <jwkckid1@xxxxxxxxxxxxx>]

Wout and all sgb members,

  I agree that for third part access, as a sector, the public sector is
likely the best choice.  However your suggestion of ENISA
http://www.enisa.europa.eu/ as strictly an EU organization in which
several of it's member states are on the USTR's 301 list, gives myself
and I am sure many U.S. registrants, a few U.S. government depts.,
and other non EU private sector business entities  some trepidation
at a minimum, not to mention some non EU LEA's.

  However there seems to be some sgb members here whom are
more interested and entrenched in the idea that the private sector
is a better sector by which third part access to private Whois data
is to be granted or otherwise allowed with yet to be defined, decided,
or recognized restrictions and/or rules by which such unrestricted
access will be allowed and/or effected.

http://www.enisa.europa.eu/

Natris, Wout de wrote:

>    Dear all,
>
> From OPTA's point of view this is a well thought out suggestion on how
>
> to proceed. In addition I would like to mention the following. It is
> important to think of an institution who has the stature and
> possibilities to accredit, monitor and sanction an LEA or organisation
>
> at the appropriate level. Since our topic is how to deal with private
> sensitive data, this should be a public organisation. I'm shooting
> this
> one from the hip without any checking, but maybe Enisa is a
> possibility.
> www.enisa.europa.eu.
>
> On access for private parties.
> Law enforcement has everything to do with priorities, agreed.
> Priorities
> are perceived when the problem is seen as something that needs to be
> solved. Cyber crime is a problem which is drawing more and more
> attention over the past two years. The possible damages to the
> economy,
> to people and organisations are being recognized. "It is a cross
> border
> problem that can not be solved", is often heard. This is partly a
> miss-conception: in the end the solution is on someone's doorstep.
> E.g.,
> the servers are on that location, the spammer lives there, his bank
> account is there, his hired help is active there, etc.
> Law enforcement, it being penal, civil or administrative, must be
> willing to accept complaints and rise up to the challenge to follow
> them
> up. They need the laws to back them up, of course. In the Netherlands
> more and more organisations are being brought together to work
> together
> on this problem. This takes a lot of coordination and effort by all
> involved. One ministry (Economic Affairs) has taken the lead in this
> over here, as OPTA has for enforcers. Successes in coordination as
> well
> as in enforcement can be had, even with a small, but dedicated team
> and
> fairly little resources as we have proven. A few examples:
> - Dutch language spam is all but extinct;
> - sms spam fraud is past history in the Netherlands;
> - spyware spreaders are the next target;
> - warnings and fines have their effect;
> - cases and information are exchanged cross border;
> - notice and take down procedure in place for phishing sites;
> - OPTA has several cooperation protocols in place with fellow
> enforcers.
> E.g. police, privacy, competition, EU spam enforcers;
> - OPTA digital compliance officers assist police in cyber crime
> related
> raids.
>
> If this is in place private organisations and persons know where to go
>
> with a complaint, know that it is dealt with and do not need access
> themselves to the Whois databases.
>
> It is for reasons of internet and privacy safety that law enforcement
> agencies like OPTA need access to Whois data. Of course in compliance
> with privacy laws and rules. The ways in which this should technically
>
> and administratively be achieved is not up to OPTA.
>
> This is in a nutshell what is going on over here. Hope it helps you to
>
> gain some insight in our need for access.  Regards,
>
> Wout de Natris
>
>
> +++++++++++++++++++++++++++++++++++++++++++++
> Disclaimer
> Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie
> die is beschermd door een beroepsgeheim.
> Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke
> vorm van verspreiding, vermenigvuldiging
> of ander gebruik ervan niet is toegestaan.
> Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen,
> verzoeken wij u ons daarvan
> direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail
> mailto:mail@xxxxxxx en het bericht te vernietigen.
> Dit e-mailbericht is uitsluitend gecontroleerd op virussen.
> OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud
> en juistheid van dit bericht en er kunnen
> geen rechten aan worden ontleend.
>
>
> This e-mail message may contain confidential information or
> information protected by professional privilege.
> If it is not intended for you, you should be aware that any
> distribution, copying or other form of use of
> this message is not permitted.
> If it has apparently reached you by mistake, we urge you to notify us
> by phone +31 70 315 3500
> or e-mail mailto:mail@xxxxxxx and destroy the message immediately.
> This e-mail message has only been checked for viruses.
> The accuracy, relevance, timeliness or completeness of the information
> provided cannot be guaranteed.
> OPTA expressly disclaims any responsibility in relation to the
> information in this e-mail message.
> No rights can be derived from this message.
>
>

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827