Re: [gnso-whois-wg] Re: [gnso-acc-sgb] GAC's position on Whois

[Jeff Williams <jwkckid1@xxxxxxxxxxxxx>]

Dr. Dierker and all sgb members,

  I really don't care what the GAC likes or doesn't like as far as this
WG and subgroups are concerned.  GAC's position on Whois
is only good for background information and not a bible for how,
who, what, and/or when any third party has or desires access to
private Whois data.  I am reading far too many comments as they
relate to the GAC and Whois.  From what I have so far understood
this WG and the subgroups are task with coming up with our own
uninfluenced recommendations.

  This now again restated, Dr. Dierkers remarks and/or suggestions
do reflect nicely and very simply where my concerns have been coming
from.  It is the WHO and/or WHICH banking organization specifically
we believe can and/or should be able to be trusted with access to
private Whois data AND under what specific set of rules and/or
conditions said banks have that level of access.  Here is where
I believe we need to concentrate our efforts.

  Therefore I will be happy to glean a short list of which banks,
and a set or rules by which these banks can access said private
Whois data.  One caveat is any bank or financial institution whether
a regional bank, state bank, or otherwise that is on the treasuries
watch list or has been in the past 5 years is not a viable or reasonable

candidate.

Hugh Dierker wrote:

>    Dear Sir,
>
>   Your #3 makes perfect sense. Defining first a legitimate purpose is
> paramount to concluding with legitimate users. I mostly am troubled by
> the dual purpose problem. A bank may have a perfectly legitimate
> reason for access but then it may easily corrupt that access for an
> iligitmate purpose. So once we decide "why" and then we decide "who",
> who does GAC think should decide when.
>
>   Eric
>
> Bertrand de La Chapelle <bdelachapelle@xxxxxxxxx> wrote:
>   Dear all,
>
>   On 5/12/07, Milton Mueller <mueller@xxxxxxx> wrote:  Let me correct
> what seems to be an increasingly common set of errors on
> interpreting the GAC principles. [snip]
>
> Fourth, the GAC statement on Whois deliberately did _not_ say that
> access to the whois data as it now exists should be retained. It
> enumerated several "legitimate activities" that use the whois data.
> That
> was compromise wording deliberately chosen to avoid saying what
> Christopher Gibson is saying below. In other words, in the GAC
> principles it is the activities that are legitimate, but not
> necessarily
> the open access to them that we have now.
>
> 1) As a GAC member directly involved in the last discussions on the
> GAC's WHOIS principles, I fully confirm Milton's comment above, which
> is of the highest importance to understand the GAC's document.
>
> The GAC's position is to recognize that there are legitimate
> activities that have progressively used WHOIS data (because it
> happened to be available) and at the same time that there is conflict
> between the present international WHOIS regime for gTLDs and some
> national privacy laws (in particular within the european union).
>
> It purposefully avoided to say that the use of WHOIS data for these
> activities is "per se" legitimate and that WHOIS data should remain
> accessible in the present form to allow them, precisely because of the
> legal issues of compatibility with national laws.
>
> As a matter of fact, this is the very problem we are all trying to
> solve : how to support legitimate activities and make sure that the
> WHOIS services protect privacy.
>
> 2) I can also confirm that ccTLDs are a different issue, as their
> management is handled by more national frameworks. National privacy
> laws are therefore usually taken into account.
>
> 3) As a side note : the - non-exhaustive - list of "legitimate
> activities" in the GAC principles illustrate the different "purposes"
> I have refered to in the conference calls. Maybe this could be kept in
> mind while defining the "legitimate third parties". Maybe we structure
> our work more around legitimate needs, and try to define the
> corresponding legitimate parties and technical modalities of access to
> specific sets of whois data ?
>
> And we must also be aware that WHOIS is not the only tool available.
> Maybe other additional procedures could be chartered separately.
>
> 4) Finally, as a general comment, the WHOIS  regime for gTLDs is a
> template issue for a recurring problem in terms of "international
> public policy related to the Internet" : what principles, norms, rules
> and decision-making procedures can be established to allow both a
> sufficiently unified global regime and the respect of heterogeneous
> national legislations.
>
> It is also neither surprising nor bad that within each country, LEAs
> and Privacy authorities have different viewpoints. The purpose of
> public policy is not to make one win against the other but precisely
> to see how both legitimate concerns can be combined and conciliated in
> the best public interest balance
>
>
>
> Hope the clarification helps us move forward.
>
> Best
>
> Bertrand
>
> --
> ____________________
> Bertrand de La Chapelle
> Délégué Spécial pour la Société de l'Information / Special Envoy for
> the Information Society
> Ministère des Affaires Etrangères / French Ministry of Foreign Affairs
>
> Tel : +33 (0)6 11 88 33 32
>
> "Le plus beau métier des hommes, c'est d'unir les hommes" Antoine de
> Saint Exupéry
> ("there is no better mission for humans than uniting humans")
>
>
> -

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827