[alac] RE: [whois-legal] Definitions of "legal issues"

[Bret Fausett <bfausett@xxxxxxxxxxxxxxxx>]

Let me wade in with a couple of thoughts about the term "legal uses."
Since I'm trying to decide what I think about these issues myself, I
find myself starting with "first principles." 

I don't know how far this moves the ball, but I believe the following
things to be true:

(1) Laws are made by governments in processes that are completely
external to ICANN. ICANN does not make laws and, because ICANN is not a
police arm of any government, ICANN does not enforce laws. 

(2) Given (1) above, the questions for registrars and registrants are
(a) how to comply with applicable laws made by governments with
jurisdiction over them; and, (b) how to respond to law enforcement
personnel.

        (For my own part, I think (2) is a pretty fair, 
        if overly simplistic, definition of the term 
        "legal issues" for purposes of whois: i.e., "how to comply
        with applicable laws, and how to respond to law 
        enforcement.")

(3) Registrars and registrants must comply with applicable law.

(4) Registrars may or may not have an obligation to assist law
enforcement, depending on applicable law and the nature of the request.
(For example, in the United States, if law enforcement asks you a
question, you are free to decline or remain silent. You do, however,
have an obligation to respond to a subpoena issued by a court.)

(5) Registrars and registrants also must comply with their registration
agreements. For registrars, this means the RAA and their various
agreements with registries. For registrants, this means their
registration agreements with registrars.

----------------------------------------------------------------

Here are two conclusions I draw from the above:

* To the extent that the RAA and registrar-registrant registration
agreements place conflicting obligations upon either registrars or
registrants with the law of the jurisdiction in which they live or
operate their business, ICANN should consider how to handle this
conflict. This is a suitable issue for policy development. The possible
outcomes of a PDP are: 

(a) if you live in a jurisdiction that places legal obligations on you
that are inconsistent with ICANN's contracts, then you cannot be a
registrar or register a domain name; or, 

(b) if you live in a jurisdiction that places legal obligations on you
that are inconsistent with ICANN's contracts, then the inconsistent
provisions of ICANN's contract are deemed void.

* Because of Principle (1) above, ICANN should not include non-technical
information in the whois database solely for the purpose of aiding law
enforcement. Laws are made outside the ICANN process, and ICANN has no
way of keeping track of all of the ways that registrant data might be
useful for the purpose of some law in some nation. If law enforcement
wants to use the core set of whois information for any lawful purpose,
it can and should do so. Registrars and registrants should cooperate
with law enforcement to the extent they wish to do so or are required to
do so by the laws of their own jurisdiction.