Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6
JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Mon, 30 October 2017 07:04 UTC
Return-Path: <prvs=14764e180b=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4297513FDE7 for <v6ops@ietfa.amsl.com>; Mon, 30 Oct 2017 00:04:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, LOTS_OF_MONEY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es; domainkeys=pass (1024-bit key) header.from=jordi.palet@consulintel.es header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q6_T-xG8ryWZ for <v6ops@ietfa.amsl.com>; Mon, 30 Oct 2017 00:04:14 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [217.126.185.215]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72BBA13F742 for <v6ops@ietf.org>; Mon, 30 Oct 2017 00:04:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1509347052; x=1509951852; q=dns/txt; h=DomainKey-Signature: Received:User-Agent:Date:Subject:From:To:Message-ID:Thread-Topic: References:In-Reply-To:Mime-version:Content-type: Content-transfer-encoding:Reply-To; bh=+h+Dm14INZMkLz19NkWY+GOnK UOIUGXYNn8QGGDXS70=; b=anSDdP7IIvt7jyFmA+gBoxDbXtTZabUYyHINqkRr+ Wbf7RdaBYQy7L1nQAa0E7zWkZC4Th3AeA1mi9zNipuhP+lLTauEix+slSZWDpGJk u3t1KZLe/Fm/r6ultnlq+LwqVIf38fNsjp8j0KHKxfTAkeKPCtt70g8dxNk3A60v nc=
DomainKey-Signature: a=rsa-sha1; s=MDaemon; d=consulintel.es; c=simple; q=dns; h=from:message-id; b=IhK2YE4PZqFKuZsO93++5pUe2wNivKFfCRA1GB3ucYlly1WUdOjIXcBTh9n7 hkMc12J3WBFzQCURQNBRRGsyiypnmDEQCUS6A/aFNF2PAthyUmXGp/J7u ESYZq/6ecz4lZ/C5yrCbZ7bHkRpQgZaj4TYXxYFkabPJ8WXS4paNps=;
X-MDAV-Processed: mail.consulintel.es, Mon, 30 Oct 2017 08:04:12 +0100
X-Spam-Processed: mail.consulintel.es, Mon, 30 Oct 2017 08:04:11 +0100
Received: from [10.10.10.99] by mail.consulintel.es (MDaemon PRO v11.0.3) with ESMTP id md50005609642.msg for <v6ops@ietf.org>; Mon, 30 Oct 2017 08:04:10 +0100
X-MDOP-RefID: re=0.000,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Authenticated-Sender: jordi.palet@consulintel.es
X-HashCash: 1:20:171030:md50005609642::ZdMS7cAhOniY60zG:00002Apy
X-Return-Path: prvs=14764e180b=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/f.27.0.171010
Date: Mon, 30 Oct 2017 08:04:10 +0100
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: "v6ops@ietf.org" <v6ops@ietf.org>
Message-ID: <E8E9936C-294D-4AB1-8A94-5946720A569B@consulintel.es>
Thread-Topic: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6
References: <f403045ef57ac52962055bd88b84@google.com> <20395E98-DA55-447F-BEFE-CB581A88BB78@gmail.com> <alpine.DEB.2.20.1710190655260.31961@uplift.swm.pp.se> <20171019083506.6627a166@echo.ms.redpill-linpro.com> <alpine.DEB.2.20.1710190856530.31961@uplift.swm.pp.se> <787AE7BB302AE849A7480A190F8B93300A056EB5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHw9_iLWAMexrfXwsdB8duGa5ueJMofqVRqNck6DeOzA=KChqA@mail.gmail.com> <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com> <D618D79F.8AA1A%lee@asgard.org> <22C655A9-AE02-4885-98B5-7515C49E7F2B@employees.org> <B20ECDCB-1EFD-4265-BE13-5AE1E92335AE@gmail.com> <95274753-7241-47DE-B463-0341248FAE38@employees.org> <5FA44821-D6C2-4A9C-A1A5-59BECB65B4F4@gmail.com> <D4975FFD-0A2A-49C7-BF91-9EE18429E197@daveor.com> <CAO42Z2yW1SGhmcYQNgJk35_ua7nu9LRGLv0_ChC=EavwfydnQA@mail.gmail.com> <1A0AE76A-FA3C-4BDE-B8D9-C8D2E060A8A8@gmail.com>
In-Reply-To: <1A0AE76A-FA3C-4BDE-B8D9-C8D2E060A8A8@gmail.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Reply-To: jordi.palet@consulintel.es
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/clj3rPONDaMSBceKuFNUu-dG55Q>
Subject: Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 07:04:17 -0000
In 2003, I was involved with the EU working party (art. 29) in charge for the decision about considering or not IPs as personal data. We didn’t succeed, and finally they concluded that IP is personal data. My arguments, about that included many topics, including the possibility to use privacy addresses, many prefixes, and what Fred mentions, that there is no way you can actually say even if this is your computer, that any specific action is being done by you, a friend, a bot, or somebody that is using remotely your computer/network. I also was explaining that the most interesting way for any “bad guy” to track someone, is actually not the IP address, but information disclosed by the browsers and many other apps that we commonly use. I recall having seen several web sites that actually dig into your browser and tell you how much you’re disclosing. At the end, the EU courts accept that you, store IP data, like any other personal data that can be captured automatically, if you have a valid purpose for that (for operational purposes of the network), or it is your customer, but you disclose that data. For example, to explain it better, I will do it with another type of personal data “emails”. I could capture in my database any email publicly found if I’ve a valid purpose for that (“I’m going to do a research of what are the most common domains or text used in emails”). To do so, you need to inform the data owner that you have registered it and the way he can access, amend, or cancel that data in your database. What I can’t do, for example, is to use that data to send any kind of commercial info which has not previous and explicitly accepted by the owner of the email. Not informing the user for having captured the email is an unlawful act, sending spam is another unlawful act. Both can be fined up to 600.000 euros by data protection agencies, and the owner can request also economical compensation for the use of his/her personal data in the courts. Of course, if you’re customer of an operator, or customer from a hotspot, etc., you accept a contract, that explicitly should say that they are capturing that data (including IP) as it is required for the network operation, etc. Regards, Jordi -----Mensaje original----- De: v6ops <v6ops-bounces@ietf.org> en nombre de Fred Baker <fredbaker.ietf@gmail.com> Responder a: <fredbaker.ietf@gmail.com> Fecha: lunes, 30 de octubre de 2017, 3:41 Para: Mark Smith <markzzzsmith@gmail.com> CC: "v6ops@ietf.org" <v6ops@ietf.org>, Tore Anderson <tore@fud.no>, Dave O'Reilly <rfc@daveor.com> Asunto: Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 > On Oct 29, 2017, at 11:48 PM, Mark Smith <markzzzsmith@gmail.com> wrote: > > Geoff Huston's article on > > Metadata Retention and the Internet > > https://telsoc.org/ajtde/2015-04-v3-n1/a4 > > might be of interest. > > "The Metadata Retention measures being considered in Australia make some sweeping assumptions about the semantics of IP addresses and their association with individual subscribers to the Internet. But are these assumptions warranted?" In that context, the European Data Retention Directive (which has now been struck down by the European Privacy Court) and the activities by the "Five Eyes" in that regard, notably the US NSA, have been very much about metadata. I asked a Dutch agency representative once what their reason for lawful intercept in general and metadata capture specifically was, and he indicated "mapping criminal networks". They wanted to determine who spoke with whom, with a view to identifying members of a community, presumably an evil community. I note that the European Privacy Court has (apparently) specified that an IP address is "Individually Identifiable Information", the kind of thing that might be discussed in https://tools.ietf.org/html/rfc7721. I have asked repeatedly what privacy folks think might be an IID below the application layer, and that is the one thing they have come up with. On the point, I would argue that data of that type is not *identification*, but it might be possible to correlate it with other information due to operational practice. To my mind, stomping out correlations is a game of whack-a-mole; someone that desperately wants to find a correlation will probably find something that mostly works for their purposes, even if they have to discard spurious correlations to do so. In my view, that's what we see here: we might be able to correlate an IP address with a computer or subscriber, but we can't stop people in a business or family from using each other's computers. It is at best an investigative tool, not proof of something in particular. _______________________________________________ v6ops mailing list v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
- Re: [v6ops] Google Alert - IPv6 Paul Marks
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Brian E Carpenter
- Re: [v6ops] Google Alert - IPv6 Rajiv Asati (rajiva)
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Erik Kline
- Re: [v6ops] Google Alert - IPv6 Mikael Abrahamsson
- Re: [v6ops] Google Alert - IPv6 Tore Anderson
- Re: [v6ops] Google Alert - IPv6 Mikael Abrahamsson
- Re: [v6ops] Google Alert - IPv6 mohamed.boucadair
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Lorenzo Colitti
- Re: [v6ops] Google Alert - IPv6 Alexandre Petrescu
- Re: [v6ops] Google Alert - IPv6 Warren Kumari
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ca By
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 mohamed.boucadair
- Re: [v6ops] [SUSPECTED SPAM] RE: Google Alert - I… Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] RE: Google Alert - I… mohamed.boucadair
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] Google Alert - IPv6 Erik Nygren
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 Fernando Gont
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Gert Doering
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Mark Smith
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Fred Baker
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] Google Alert - IPv6 Mark Smith
- Re: [v6ops] Google Alert - IPv6 DY Kim
- Re: [v6ops] Google Alert - IPv6 Fred Baker
- Re: [v6ops] Google Alert - IPv6 DY Kim
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Mark Andrews
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Lee Howard
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 JORDI PALET MARTINEZ
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 t.petch
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Dave O'Reilly
- Re: [v6ops] Google Alert - IPv6 Tom Herbert
- Re: [v6ops] Google Alert - IPv6 Ole Troan
- Re: [v6ops] [SUSPECTED SPAM] Google Alert - IPv6 Mark Smith