As an SP in the MDU (multi dwelling unit) market we dutifully SWIP
netblocks for each apartment complex/condo/etc. Doing such we
publically publish the physical address an IP lives (sans Apt/Unit #).
Would anyone feel this is too much information for people to know?
Should our SWIPs be more generic, local POP address or local corporate
office, just enough for rough geolocation accuracy?
I realize what ARIN prefers, this is more of an opinion gathering.
-ML
If it is a business, then accurate address does not seem to me an issue, if it is a private address, I think a bit of fuzziness is helpful
An apartment complex/condo/etc is a business which contains private addresses.
Do you sell to the residents directly or do you sell to the apartment
complex which then resells to individual residents?
If the former then you're basically off the hook for anybody who
doesn't get a /29 or larger.
For the latter, you're providing significant amounts of a public
resource (IP addresses) to a business whose contact information you're
contractually and ethically obligated to reveal. If a particular
complex is worried about publishing their location, they can always
rent a P.O. box. If you're the only one doing the worrying, don't.
IMO.
Regards,
Bill Herrin
CALEA may come into play there meaning that there is no privacy per se.
Todd
calea != ARIN policies... the above comment is a red-herring/fud.
reading the policies (roughly paraphrased) I'd say you need to
(depending where you line up with william's questions)
A swip the block the building uses (postal address probably fine) -
presumes +/29 to a building, of course
B swip as 'residential' anything larger than a /29 that lands at a
single dwelling being used for residential things
C swip as a normal record anything larger than a /29 that lands at a
single dwelling but considered a 'business'
as examples of these:
A - 1515 Connecticut Ave, Washington DC - The Regency Towers
Apartments (fictitious apartment building)
B - Private customer - Verizon Internet Services Inc. FTTP (Joe
Plumber Apartment #5 inside The Regency Towers Apartments)
C - Joes Plumbing and Handyman services - Apt #5 1515 Connecticut Ave
(the business address at that apartment location)
-chris
I strongly disagree -- you're revealing the precise address of any tenant in those buildings. Don't do that...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Chiming in: I would tend to agree with smb on this particular issue --
that's a bit *too* precise.
- - ferg
+1
During the P3P too-and-fro on what constituted PII I lost the argument that masking off the last bits constituted acceptable non-disclosure of PII.
Additionally, viewing the long/lat of a property where b/w and addresses are provisioned as the legal entity which owns the building seems odd.
Eric
For the latter, you're providing significant amounts of a public
resource (IP addresses) to a business whose contact information you're
contractually and ethically obligated to reveal. If a particular
complex is worried about publishing their location, they can always
rent a P.O. box. If you're the only one doing the worrying, don't.I strongly disagree -- you're revealing the precise address of any
tenant in those buildings. Don't do that...
Then discuss it with the apartment complex, Steven, and encourage them
to get a PO box to use in place of their physical address. Or just buy
a box from mail boxes etc. yourself and set up mail forwarding each
time you set up a new apartment complex. The main point of the
exercise is that the address consumer (the apartment management
company, a for-profit business) be identifiable and directly reachable
by phone, email and postal mail, not that they provide accurate
coordinates for targeting the nukes. Plenty of reasonable ways to meet
the spirit of the rules. The letter too.
During the P3P too-and-fro on what constituted PII I lost the argument that
masking off the last bits constituted acceptable non-disclosure of PII.
Whole other ball game, Eric. In the platform for privacy preferences
(P3P) one participant in a data flow asserts that he will keep the
other participant's behavior confidential. P3P examines what knowledge
the asserter may glean and publish from that data flow without
violating that confidentiality. You rightly lost the argument because
the subnet, plus other information that doesn't by itself identify a
user, can often be combined to identify a specific user and his
behavior with a relatively high level of confidence. So can
algorithmic one-way hashes of the address and most other variants on
the meme that could reasonably facilitate reconstructing a particular
user's data flow.
No such agreement exists with respect to the public permitting
for-profit businesses the exclusive use of a portion of the public's
IP addresses. Quite the contrary, that public (as it expressed itself
to ARIN repeatedly for a decade and a half and as recently as ARIN's
public meeting earlier this year) insists that for-profit businesses
granted the exclusive use of 8 or more of the public's IP addresses
publicly reveal who they are and how to directly contact them.
Public. Get it?
Regards,
Bill Herrin
Clearly, the apartment complex owners could do that if they so choose. I'm not sure who you suggest should "buy a box from mail boxes etc. yourself and set up mail forwarding each time you set up a new apartment complex" -- the ISP? How does that help? This is, as you say, a way to contact the apartment complex owners, right?
The issues have to do with knowledge and expenditure. For the most part, consumers and apartment complex owners have no knowledge of IP geolocation or SWIP. It is consumer privacy at risk here, but consumers have no opportunity to opt out of this scheme even if they knew about it. "Discuss it with the apartment complex" is generally null advice; apart from the fact that consumers have exactly zero leverage in many markets, the apartment managers (a) don't know about it, either, and (b) can't be bothered to get a PO box and collect the (rare) mail from it.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Clearly, the apartment complex owners could do that if
they so choose. I'm not sure who you suggest should
"buy a box from mail boxes etc. yourself and set up
mail forwarding each time you set up a new apartment
complex" -- the ISP? How does that help? This is, as
you say, a way to contact the apartment complex owners, right?
Steven,
Getting a post office box is a standard and widely accepted way to
receive mail when for any reason you don't want the mail addressed to
your physical location. Companies like Mail Boxes Etc. take the
service one step further - they'll repackage the received mail and
send it to your physical address so you don't have to stop by and
check the box. Essentially, they provide a second postal address for
the recipient unbound from the recipient's physical address.
That's what you wanted, right? To avoid revealing the resource
consumer's physical address?
The issues have to do with knowledge and expenditure.
For the most part, consumers and apartment complex
owners have no knowledge of IP geolocation or SWIP.
It is consumer privacy at risk here, but consumers have
no opportunity to opt out of this scheme even if they
knew about it. "Discuss it with the apartment complex"
is generally null advice; apart from the fact that consumers
have exactly zero leverage in many markets, the apartment
managers (a) don't know about it, either, and (b) can't be
bothered to get a PO box and collect the (rare) mail from it.
If you feel that way, I suggest you take the issue up on the ARIN
public policy mailing list. Solicit public consensus for a change in
handling for SWIPs for "apartment complexes as ISP resellers." Absent
such a change, redacting identity and contact info for the apartment
management company remains simple fraud.
Regards,
Bill Herrin
I'm not at all convinced that mere redaction qualifies as fraud. It certainly
qualifies as *deceptive* - but does it rise to "fraudulent"? Is the fact that
I use a Mail Boxes Etc-type service and don't accept mail at my home address
because it's a very physically insecure mailbox fraudulent? Yes, it's somewhat
deceptive, because it's not my actual home address. But unless you stretch
"deception for personal gain" to the point where "gain" is "I don't want mail
stolen from my mailbox", I don't think it's actual fraud.
There's usually a 50/50 split between the HOA (Home Owners Association)
and the individual that are our customers. In the case of a HOA it's
not that the HOA is reselling it's that we are contracted to service
every member of the HOA and the HOA gives us one check for everyone.
Valdis,
It takes some creative reading to think I claimed using an alternate
but still correct address (e.g. supplied by mailboxes etc.)
constituted fraud. Alternate != redacted.
Regards,
Bill Herrin
Hi ML,
For individuals, you get significant privacy:
https://www.arin.net/policy/nrpm.html#six551
Home owners' associations seem like a gray area to me. You're talking
about a non-profit organization whose sole purpose is to represent a
group of residences collectively. I think I'd err on the side of
listing the HOA's legal name along with the postal address at which
the HOA prefers to be contacted but I also think it would be worth
bringing up the question on the ARIN PPML. ARIN public policy is a
dynamic thing -- it changes and clarifies when good reasons are
presented and frankly I think you've hit on a good reason.
Apartment management companies, where the entity is unambiguously
for-profit, are really past the gray area. Their customers are
residential, but they themselves are a commercial entity vending
services. Their customers may be entitled to privacy but they aren't.
Regards,
Bill Herrin
Right. The point is that by the same "what is the personal gain" standard, it
isn't obvious that redacted == fraud by definition. If I have an alternate
physical mailbox and a redacted electronic address for the exact same reason
(privacy and security), how is one fraudulent and the other not?
What personal gain standard? I certainly didn't advocate one, and I
don't find anything like that in ARIN's rules. As far as I can tell,
anyone can pick an alternate postal address, a hotmail email address
and a vonage phone number for their SWIP information if they so
choose, quite regardless of whether any personal gain is involved.
Regards,
Bill Herrin
What personal gain standard? I certainly didn't advocate one, and I
don't find anything like that in ARIN's rules.
What you said:
Absent such a change, redacting identity and contact info for the apartment
management company remains simple fraud.
"fraud" is usually defined as "deception with intent for personal gain". *That*
standard. My point is that redation does not *in and of itself* rise to the level of fraud.
Valdis,
Nitpicking someone's word choice can straddle the border between
debate and trolling but if you insist then I suggest you first learn
the meaning of the word. "Fraud" is about loss, not gain, and there's
nothing "personal" about it.
http://legal-dictionary.thefreedictionary.com/fraud
"A false representation of a matter of fact—whether by words or by
conduct, by false or misleading allegations, or by concealment of what
should have been disclosed—that deceives and is intended to deceive
another so that the individual will act upon it to her or his legal
injury."
Regards,
Bill Herrin
And the mere fact that an address is redacted has the intent to decieve so that
another will act on it to legal injury is where, exactly?