IETF Logo Mail Archive

Re: [v6ops] Google Alert - IPv6

Tom Herbert <tom@herbertland.com> Wed, 01 November 2017 15:09 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36BF813F73C for <v6ops@ietfa.amsl.com>; Wed, 1 Nov 2017 08:09:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C8J8iVQArlZA for <v6ops@ietfa.amsl.com>; Wed, 1 Nov 2017 08:09:44 -0700 (PDT)
Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFE331386A2 for <v6ops@ietf.org>; Wed, 1 Nov 2017 08:09:43 -0700 (PDT)
Received: by mail-qt0-x22b.google.com with SMTP id f8so3027255qta.5 for <v6ops@ietf.org>; Wed, 01 Nov 2017 08:09:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=yhtXl4WAQ2Tfqj2/wV5SxSrKu5gaVWZ0v8YGkRSqIao=; b=GpF1BaL+pYw8Toxx1dxFLLzqbtVKmLU695eOFYRI7nPFSUn9cHyGZaLdnJTdVSqAqJ XcDO6+8pN3lZAdxYjq4Cs2KWbAVO03kAs2z94UqyRxAwfNY0vpUkGXOqrzp5MHW1EC3P RvgR9Z1dWlo1FTecqOOnHtP8+YvC9B97o436A/HayXhXtPN9eKWID8s9WhgOqd+Xi5Hu nbMRUo7mTxZNTQ2+YZvhq0/KjqHehdI0IyFo7/rI2uojqHoMcYsA0Z8xK2ZG0YJqOq0G q0iU8UXOPiVIVLDrMR1pn9iV79nZrJbSM4fa8T3vp+f40LCQLipXfAwrWituH28du8TY L5wQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=yhtXl4WAQ2Tfqj2/wV5SxSrKu5gaVWZ0v8YGkRSqIao=; b=d+nEFzsqAN5MwRDFldPUsDtTCAlVoax0if7l73sjFS0ojwZQVSmvmcmV/v2q+d5yJ/ x0cZwGYd07ryvMXaX1DcoqHTUWDtCuK+1K9Kp+KR+ydBrXu5u2YWjXzpRWzVEPickKp6 fEqHbWaTyh2D08+yVNyaa4Ucpw8UCqvMoO3sC2NIMYU4GFKJLIsyUJE91gxT/exSkfMb nYyYi0hUf18KZOxgULfnxQABLW8DtJMyzxHQ2o0WRC4U9t/HpvtbRu0tSq7kLY2R8SZT rA77kmabVrX2ikHvuVPbiOOVQ2AN7+W5NOl5KtumWjMya38WYcrB2hf+bK8jSFy0N75p zYNQ==
X-Gm-Message-State: AMCzsaWf//BJDdcVanOjyINbEHAp9npWt6mtVz7Uc7WwzY7UluTd9Ys8 k45nbzdfDQHLJBjEkCNvL9u9Dj7kIqosGsKtuyVlWg==
X-Google-Smtp-Source: ABhQp+S9oz37bzx7K5m+rifceJn+vjF+WmIqcFeB18zxOGxrwVhK8KsqpQxvg9N57dxqYfU70rmUj8ed/FE/glkuuh0=
X-Received: by 10.200.53.89 with SMTP id z25mr325544qtb.58.1509548982686; Wed, 01 Nov 2017 08:09:42 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.237.54.4 with HTTP; Wed, 1 Nov 2017 08:09:41 -0700 (PDT)
In-Reply-To: <2013D3DA-0366-41F2-A0E8-07F5563C5D07@consulintel.es>
References: <f403045ef57ac52962055bd88b84@google.com> <20395E98-DA55-447F-BEFE-CB581A88BB78@gmail.com> <alpine.DEB.2.20.1710190655260.31961@uplift.swm.pp.se> <20171019083506.6627a166@echo.ms.redpill-linpro.com> <alpine.DEB.2.20.1710190856530.31961@uplift.swm.pp.se> <787AE7BB302AE849A7480A190F8B93300A056EB5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHw9_iLWAMexrfXwsdB8duGa5ueJMofqVRqNck6DeOzA=KChqA@mail.gmail.com> <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com> <CE4906A4-E0CC-4C3F-A1F8-D2B5BED294D7@employees.org> <EDC5E9C7-F193-40CE-B21C-8E1D91E9E7E3@daveor.com> <C71D6C23-2720-403F-B655-D8156898A137@employees.org> <CALx6S37E9TN9SyMQfk3CSx9vWzjBM3bmuhvsyN0tFXGYFz9Mjw@mail.gmail.com> <CAO42Z2yXH0sPJYXJ6Nrq0B=UaDK4mC1R2Tds1tFQeBhuVh5meg@mail.gmail.com> <F0990C2F-0626-4416-AA5D-1AAE41C24510@gmail.com> <A9FAF661-C5DB-4EE2-8175-56FF50792B27@gmail.com> <C01E3F52-46F8-4BDC-91C8-052310673E6E@consulintel.es> <20171101073231.653A48DDFD9C@rock.dv.isc.org> <2013D3DA-0366-41F2-A0E8-07F5563C5D07@consulintel.es>
From: Tom Herbert <tom@herbertland.com>
Date: Wed, 01 Nov 2017 08:09:41 -0700
Message-ID: <CALx6S37D2ziwr39H3SXWYXY48+GgnMBeiVrvsqVmwYCBqwPDcg@mail.gmail.com>
To: Jordi Palet Martinez <jordi.palet@consulintel.es>
Cc: v6ops list <v6ops@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/TqjaTvJL8SmlanQjx4lNZheFPiI>
Subject: Re: [v6ops] Google Alert - IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Nov 2017 15:09:46 -0000

On Wed, Nov 1, 2017 at 12:53 AM, JORDI PALET MARTINEZ
<jordi.palet@consulintel.es> wrote:
> I’m not a lawyer, but I can tell this are the facts in EU, in general. I’m sure you can google for that.
>
> If the phone has been hacked or the car stolen, your lawyer will need to prove that it was the case. If you know who hacked your phone you lawyer need to prove that, police may believe you and do the investigation by themselves but it they don’t find a way to prove that … it is your problem, unless you have an irrefutable alibi.
>
> I’ve a case recently (and this happened many times in Spain). A company car drove by one employee was exceeding speed limit in 10 Km/h (100 euros fine). The fine comes to the company. Company has 10 days to identify the driver, and did that. The driver denies it. If you don’t have a way to prove that he is lying, you now pay the fine, plus 600 additional euros because the law assumes that you tried to cheat them. So, unless the driver voluntarily recognizes it, or you have a record signed by the person taking the car, you’re lost (because you made the mistake to provide the car to an employee, friend, thief, without actually having a record for that).
>
Jordi,

In California there was a proposal to equip garbage tracks with
cameras that would capture license plates and send them to law
enforcement for tracking. The ostensible rationale was to only track
criminals and that the information wouldn't be used to track otherwise
law abiding citizens. This plan, not unexpectedly, cause a huge
backlash because of privacy concerns. License plates are associated
with vehicles which are associated with owners. Tracking license
plates of personal vehicles is equivalent to tracking the whereabouts
of the owner or at least someone in their family or friends. In the US
at least, there's not a lot of trust in the government that it
wouldn't use such information for widespread surveillance of citizens.

> There are plenty of cases that a car is stolen to do something wrong, and unless you prove that you were at that time in another place, your lawyer need to defend you. Just consider if you were sleeping alone and the car was stolen during the night, and the bad thing happened during the night, but you only claim to the police for the stolen car in the next morning … How you prove that actually was not you?
>
> Note that I fully agree. IP is not personal data (and I tried to argue about that many times), but law says so in EU (not sure in other countries/regions).
>
I think this may contradict your example above. If a crime is
committed and the IP address traces back to my device then it's clear
that I'm going to be investigated at least as a person of interest if
not a suspect. So I personally have been identified by authorities via
IP address and it's now up to me to prove I didn't do anything wrong.
In this case, the IP address is personally identifiable information
because it was used to identify an individual.

Again, it is not within the definition of an IP address that it
doesn't identify individuals. Whether it does or not determined by how
they are used and assigned.

Tom

> Regards,
> Jordi
>
>
> -----Mensaje original-----
> De: Mark Andrews <marka@isc.org>
> Responder a: <marka@isc.org>
> Fecha: miércoles, 1 de noviembre de 2017, 8:32
> Para: <jordi.palet@consulintel.es>
> CC: v6ops list <v6ops@ietf.org>
> Asunto: Re: [v6ops] Google Alert - IPv6
>
>
>     In message <C01E3F52-46F8-4BDC-91C8-052310673E6E@consulintel.es>, JORDI PALET M
>     ARTINEZ writes:
>     > Totally agree, however there is a subtle situation here, when we
>     > associate this to the origin of the thread  CGN
>     >
>     > If an unlawful action has been done with that phone, the phone owner will
>     > be responsible in front of the law to identify the person who has go the
>     > phone. Otherwise, the courts will judge you as the author of the unlawful
>     > action.
>
>     Please cite the relevent law.  Phone are hacked all the time.  Phones
>     are shared all the time.  There is only ever a strong correlation
>     never absolute proof.  For proof you need other data.
>
>     > Same as if you are the owner of a car that has an accident and dont stop,
>     > unless you identify in and undoubtable way a third person driving the
>     > car, it will be your problem.
>
>     Cars get stolen all the time and sometimes the first you know about
>     is a knock on the door.  The owner of the vehicle is just the first
>     step in the investigation.  Things like a speeding fine may get
>     lumbered on you but failure to stop requires more that you are the
>     owner of the vechicle to be proven.
>
>     > So, and this is what I was trying to point to the EU article 29 working
>     > party many years ago, even if you identify an IP address, it is almost
>     > impossible to say this is personal data, you need to correlate that with
>     > many many many other data, and even do, unless you have a live record of
>     > he/she being in front of the keyboard at that specific time.
>     >
>     > However, the implications of CGN for the police is that, without a CGN,
>     > the owner for the phone that done that unlawful act (in EU you need to
>     > provide a legal ID to have a phone line) using that IP address, the
>     > identification is direct, no further investigation is needed and is the
>     > owner the responsible to identify a third party if that's the case. With
>     > CGN, if the IP address is shared and there are no source ports records,
>     > the investigation brings the police to a number of people, may be only
>     > 16, may be hundreds, which is a big issue.
>
>     Only if you are looking at single events.  Multiple events will
>     probably whittle the set down to a subscriber.  That doesn't
>     necessarially identify a individual.
>
>     > Regards,
>     > Jordi
>
>
>     --
>     Mark Andrews, ISC
>     1 Seymour St., Dundas Valley, NSW 2117, Australia
>     PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
>
>
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.consulintel.es
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
>
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops

v2.23.0 | Report a Bug | By Email