Search RPD Archives
[rpd] Policy Development Process and Elections
Owen DeLong
owen at delong.com
Thu Aug 20 20:56:24 UTC 2020
> On Aug 20, 2020, at 04:20 , JORDI PALET MARTINEZ via RPD <rpd at afrinic.net> wrote:
>
> Hi Ronald,
>
> In general, companies such as Google, Facebook, etc. cooperate with LEA (examples such as Spanish Guardia Civil, Europol, Interpol) even if the request comes from outside the US. I know this from a couple of cases and in Spain you can read cases in the newspaper every day (for example harassment cases via email or social networks). They even respond to Data Protection Agencies.
Yes and no… Presented with a lawful subpoena or equivalent, they will cooperate. OTOH, we’ve also seen (e.g. Google’s departure from China) where cooperation was known to be aiding the government in hunting down dissidents) situations where companies choose not to comply with “unreasonable” law enforcement.
> If you need to investigate who is the owner of "email xxx at gmail.com" and you're a LEA, you have the right contacts with those companies to query for data in an investigation.
It’s very easy to create a gmail account anonymously and without giving Google any truthful PII, so even if you get Google to give you everything they have, an individual that chooses to do so carefully can be traced to a library computer somewhere without anything else.
> We are not asking for access to "xxx at gmail.com" or all the account data, but just to know what is the email or phone number used to create the account. So, for example "xxx at gmail.com" was created by jp at theipv6company.com.
Someone doing a careful job of creating a sock puppet would do so without either of those data or if they used a phone number, it would be a burner (which is quite cheap and easy these days).
> I understand that in most cases they may not be willing to respond with *other information*, unless a third country court ask an US court to provide it, etc.
In most cases, if it really is a cutout, what they have won’t be useful anyway.
Owen
>
> Regards,
> Jordi
> @jordipalet
>
>
> PS: I just recalled the case we were talking about. See:
> https://lists.afrinic.net/pipermail/rpd/2019/009470.html
> https://lists.afrinic.net/pipermail/rpd/2019/009512.html
>
>
>
> El 20/8/20 12:47, "Ronald F. Guilmette" <rfg at tristatelogic.com> escribió:
>
> In message <F8E03026-1A1B-4B32-89A2-C73713895155 at consulintel.es>,
> JORDI PALET MARTINEZ <jordi.palet at consulintel.es> wrote:
>
>> In-line below as [Jordi]
>
>> El 19/8/20 22:37, "Ronald F. Guilmette" <rfg at tristatelogic.com> escribió:
>> I have no problem with people participating. I had gathered however that
>> there was an issue currently being discussed with respect to -voting-.
>>
>> [Jordi] However there should not be difference in participating and voting! We are not voting for membership roles, but community roles.
>
> Oh! Ok. I was under the mistaken impression that what was being discussed
> was vogfting rights with respect to voting on POLICY PROPOSALS.
>
> In that case, I do think that "member only" voting should perhaps be the
> rule, and that non-resource-holding membetrshisp should be given out
> liberally, to anyone who wants to participate, and who can pass some
> minimal vetting.
>
>> ... Google can be legally queried for "who is this person", nothing else...
>
> Jordi, I mean no offense, but you REALLY do not know how this works.
>
> In the first place, Google is a U.S. company, so legal action would have
> to commence in the U.S. That right there means potentially MAJOR costs.
>
> But forget about that. It isn't relevant, because you/AFRINIC would not
> even get that far.
>
> Do you think that Google or Twitter or any other major U.S. tech company
> just hands over the secret identities of their users at the drop of a
> hat, just because they have been sued and/or just because you have requested
> the information??
>
> Hint: They don't. In fact quite the opposite. They will fight you all
> of the way up to the U.S. Supreme Court in order to NOT be obliged to
> give you that inforation.
>
>> More to the point however... and I hope that someone will correct me if
>> I have misunderstood... it seems that the real issue is "sock puppets"
>> infiltrating the mailing lists AND then asking to vote, or being allowed
>> to vote.
>>
>> [Jordi] That's what we are trying to prevent now...
>
> I say again that there are good and well tested technical ways of achieving
> this. The most rudimentary example is a CAPTCHA, but there are many others
> that are better for thwarting even a determined attacker.
>
> Try creating a Goole Voice account. This is just one more example of another
> methodology to solve the problem. There are many others out there.
>
>
> Regards,
> rfg
>
>
> _______________________________________________
> RPD mailing list
> RPD at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/rpd
>
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
>
>
>
> _______________________________________________
> RPD mailing list
> RPD at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/rpd
More information about the RPD
mailing list