IETF Logo Mail Archive

Re: [v6ops] Google Alert - IPv6

JORDI PALET MARTINEZ <jordi.palet@consulintel.es> Wed, 01 November 2017 07:08 UTC

Return-Path: <prvs=1478feaab1=jordi.palet@consulintel.es>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3A4213F639 for <v6ops@ietfa.amsl.com>; Wed, 1 Nov 2017 00:08:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es; domainkeys=pass (1024-bit key) header.from=jordi.palet@consulintel.es header.d=consulintel.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LSfblT6u_Ujj for <v6ops@ietfa.amsl.com>; Wed, 1 Nov 2017 00:08:56 -0700 (PDT)
Received: from mail.consulintel.es (mail.consulintel.es [217.126.185.215]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E87E913FE13 for <v6ops@ietf.org>; Wed, 1 Nov 2017 00:08:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1509520134; x=1510124934; q=dns/txt; h=DomainKey-Signature: Received:User-Agent:Date:Subject:From:To:Message-ID:Thread-Topic: References:In-Reply-To:Mime-version:Content-type: Content-transfer-encoding:Reply-To; bh=5Lep8wy+qPVh896KZSPnV67sZ /OZuiuTRJ/zqF2HhN8=; b=DwW67R7l/9XqZ4v3WMy8UhuMBeKBbWUgiXbWiaZtB NrEAMGXq39qbMLQCzU6/b91mowo5i5p5pw4x6hBZEcLSxXKH3a8nl3YJXxGyk8DK c5utvvCV6FtTsNX0nGPgKAIqKgG2288qGEHXNrN1ZAz42Vpj5uLYm6a7PQZaHHMV /s=
DomainKey-Signature: a=rsa-sha1; s=MDaemon; d=consulintel.es; c=simple; q=dns; h=from:message-id; b=rV2oZ2nmAHa1M2GOXXpbp+6n9g6VZvdj9vVt9iH0ukRgqmDKx/fwLf2lE+1H PjHAWJ8TPaH2WtBlaz1MkwDx+W6Yl2C5KrO8+KFMUijzUAl3eY2GkOS6x aOF9r/qofZGfuO3pCFVYlS8gezY76MWNnIIolBwK9Oqa+JG/FxCbYg=;
X-MDAV-Processed: mail.consulintel.es, Wed, 01 Nov 2017 08:08:54 +0100
X-Spam-Processed: mail.consulintel.es, Wed, 01 Nov 2017 08:08:53 +0100
Received: from [10.10.10.134] by mail.consulintel.es (MDaemon PRO v11.0.3) with ESMTP id md50005612204.msg for <v6ops@ietf.org>; Wed, 01 Nov 2017 08:08:53 +0100
X-MDOP-RefID: re=0.000,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Authenticated-Sender: jordi.palet@consulintel.es
X-HashCash: 1:20:171101:md50005612204::IREC808LZIq2XLbI:00001Q++
X-Return-Path: prvs=1478feaab1=jordi.palet@consulintel.es
X-Envelope-From: jordi.palet@consulintel.es
X-MDaemon-Deliver-To: v6ops@ietf.org
User-Agent: Microsoft-MacOutlook/f.27.0.171010
Date: Wed, 01 Nov 2017 08:08:51 +0100
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
To: v6ops list <v6ops@ietf.org>
Message-ID: <C01E3F52-46F8-4BDC-91C8-052310673E6E@consulintel.es>
Thread-Topic: [v6ops] Google Alert - IPv6
References: <f403045ef57ac52962055bd88b84@google.com> <20395E98-DA55-447F-BEFE-CB581A88BB78@gmail.com> <alpine.DEB.2.20.1710190655260.31961@uplift.swm.pp.se> <20171019083506.6627a166@echo.ms.redpill-linpro.com> <alpine.DEB.2.20.1710190856530.31961@uplift.swm.pp.se> <787AE7BB302AE849A7480A190F8B93300A056EB5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHw9_iLWAMexrfXwsdB8duGa5ueJMofqVRqNck6DeOzA=KChqA@mail.gmail.com> <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com> <CE4906A4-E0CC-4C3F-A1F8-D2B5BED294D7@employees.org> <EDC5E9C7-F193-40CE-B21C-8E1D91E9E7E3@daveor.com> <C71D6C23-2720-403F-B655-D8156898A137@employees.org> <CALx6S37E9TN9SyMQfk3CSx9vWzjBM3bmuhvsyN0tFXGYFz9Mjw@mail.gmail.com> <CAO42Z2yXH0sPJYXJ6Nrq0B=UaDK4mC1R2Tds1tFQeBhuVh5meg@mail.gmail.com> <F0990C2F-0626-4416-AA5D-1AAE41C24510@gmail.com> <A9FAF661-C5DB-4EE2-8175-56FF50792B27@gmail.com>
In-Reply-To: <A9FAF661-C5DB-4EE2-8175-56FF50792B27@gmail.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Reply-To: jordi.palet@consulintel.es
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/e9kKPK-E65UTAQF9lFwaSp6K94o>
Subject: Re: [v6ops] Google Alert - IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Nov 2017 07:09:00 -0000

Totally agree, however there is a subtle situation here, when we associate this to the origin of the thread … CGN

If an unlawful action has been done with that phone, the phone owner will be responsible in front of the law to identify the person who has go the phone. Otherwise, the courts will judge you as the author of the unlawful action.

Same as if you are the owner of a car that has an accident and don’t stop, unless you identify in and undoubtable way a third person driving the car, it will be your problem.

So, and this is what I was trying to point to the EU article 29 working party many years ago, even if you identify an IP address, it is almost impossible to say this is personal data, you need to correlate that with many many many other data, and even do, unless you have a live record of he/she being in front of the keyboard at that specific time.

However, the implications of CGN for the police is that, without a CGN, the owner for the phone that done that unlawful act (in EU you need to provide a legal ID to have a phone line) using that IP address, the identification is “direct”, no further investigation is needed and is the owner the responsible to identify a third party if that's the case. With CGN, if the IP address is shared and there are no source ports records, the investigation brings the police to a number of people, may be only 16, may be hundreds, which is a big issue.

Regards,
Jordi
 

-----Mensaje original-----
De: v6ops <v6ops-bounces@ietf.org> en nombre de Fred Baker <fredbaker.ietf@gmail.com>
Responder a: <fredbaker.ietf@gmail.com>
Fecha: miércoles, 1 de noviembre de 2017, 2:59
Para: DY Kim <dykim6@gmail.com>
CC: v6ops list <v6ops@ietf.org>, Tore Anderson <tore@fud.no>, Dave O'Reilly <rfc@daveor.com>
Asunto: Re: [v6ops] Google Alert - IPv6

    I think that misses the point. If you identify yourself to the phone, it knows that you are holding it. You might then pass it to someone else, who uses it. The phone doesn't know who is holding it, only that you unlocked it.
    
    But that's not the point. The point is that someone *else* observing your phone's traffic or location data makes the assumption that the phone is with or being used by you. You didn't present your fingerprint to them; they are observing after the fact and making inferences.
    
    Now, as an investigative tool, that makes sense - in a high percentage of cases, the person using your phone is you. So they can use that as a working assumption in the conduct of an investigation. But the working assumption doesn't prove anything, it only gives hints that have to be further verified to turn into proof.
    
    > On Nov 1, 2017, at 5:47 AM, DY Kim <dykim6@gmail.com> wrote:
    > 
    > When unlocking your smart phone, you might use the ‘finger touch’ identification, in which case the device use might identify the individual.
    > 
    > When a password or swipe pattern is used, the association might be weaker since those could be stolen.
    > 
    > ---
    > DY
    > 
    >> On 1 Nov 2017, at 10:42, Mark Smith <markzzzsmith@gmail.com> wrote:
    >> 
    >> There really needs to be something else that supports or proves use of a device other than an assumption that an IP address is tightly coupled to a device's owner, and therefore all actions associated with an IP address are those of the device's owner.
    > 
    > _______________________________________________
    > v6ops mailing list
    > v6ops@ietf.org
    > https://www.ietf.org/mailman/listinfo/v6ops
    
    _______________________________________________
    v6ops mailing list
    v6ops@ietf.org
    https://www.ietf.org/mailman/listinfo/v6ops
    



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

v2.23.0 | Report a Bug | By Email