At 1:56 PM +0100 on 2/9/07, Vittorio Bertola wrote to a bunch of us, saying:
Neil Schwartzman ha scritto:
The vast majority of investigators who man the ramparts in the fight against such things are not law enforcement agencies nor officials, but ad hoc groups and independents such as myself.
I must say that my tiny home SMTP server has been too often unjustly blacklisted in anti-spam tools (usually on the basis of "you use an ISP that we don't like", even if it's one of the major ISPs in my country, or just of "your ISP address is dynamic") for me to be sympathetic to the needs of self-appointed, unauthorized sheriffs of the Internet.
I won't enter into this debate, sorry.
In any case, you should be aware that there are people that won't accept to give away a bit of their privacy for a bit less of spam and malware. Specifically, this part:
It is a privilege, not a right.
is quite astonishing: you'd better read the Universal Declaration of Human Rights (as well as the Constitutions of many countries and the EU Directives on the matter) before saying this. Privacy is a universally recognized human right, and as such, at least in Europe, people perceive as an insult and a deprivation of rights the suggestion that they should pay for it, as they would do if they had to pay for voting, for basic education, or to get emergency healthcare. How much would it cost is irrelevant.
DOMAINS are a privilege not a right. Please google my name + pipeda if you are wondering about my privacy credibility. I have been working in the privacy field for a decade now, by the way. I look at spam, spyware, and phishing as the most urgent of daily attacks on personal privacy which outstrip the occasions of the needs of an individual to have a personal domain upon which their free speech is simply not contingent on the order of 100s of millions to one. Provide me a list of individuals who need a domain, for which they have to pay, and who cannot pay for obfuscation, and I will personally put out the money to cover them. Are you are willing to look through a list of 100 million spam sent today alone play your part in counterbalancing their 'need'?
LEA rely on the unique and highly-skilled abilities of amateur investigators *heavily* in their efforts; needless to say 'amateurs' have no ability to get court orders to open the kimono of an obfuscated WHOIS record. Indeed, the courts of the world would become clogged with such requests were investigations even able to get to such a point were amateurs to be unable to do their work, and the additional lag would afford the bad guys extra time to vanish.
I do not think that court orders should necessarily be required to gain access to Whois information.
Really? then anyone who asks will be given access? To what end then, the obfuscation?
However, I think that there should be an evaluation by public authority. If law enforcement agencies really need cooperation by private parties (and they do),
They really do. Talk to some, sometime. I'd be happy to coordinate presentation if so requested.
they should be reasonably in touch with them so to be able to help them getting the data when necessary, while at the same time being accountable about what data they disclose.
Perhaps, finding acceptable middle ground could be a better way to get out of this deadlock, rather than questioning the legitimacy of each other's requests.
No, the bay guys move much faster than LEA is able to do given their constraints. -- == Neil Schwartzman Chair, Board of Directors CAUCE Canada: The Canadian Coalition Against Unsolicited Commercial Email Canada: +1 (514) 485-9713 US: +1 (303) 800 6345 UK: 020 8144 6345 Skype: spamfighter666 Fax: +1 (419) 793-0430 [AIM / MSN / Yahoo!]: CAUCECanada [Web]: http://cauce.ca See http://stopspamhere.ca for ways to prevent spam from hitting your inbox.