RE: [gnso-dow123] Third draft of WHOIS task force terms of reference
ICANN's bylaws very clearly state that any ICANN body making a recommendation *shall* consider the Core Values set out within it. I believe it's important that this not be overlooked and added language to that affect (directly from the bylaws) to the draft. The attached document leaves Marilyn's redline in tact and includes my changes. My changes in the text version below are enclosed between *asterisks.* Tim ---------------------------------------------------------------------------- Changes provided by Marilyn Cade, BC Councilor, as modifications to Bruce Tonkin?s Additional changes proposed by Tim Ruiz enclosed between *asterisks.* Third Draft of Terms of Reference for WHOIS task force The mission of The Internet Corporation for Assigned Names and Numbers ("ICANN") is to coordinate, at the overall level, the global Internet's systems of unique identifiers, and in particular to ensure the stable and secure operation of the Internet's unique identifier systems. *In performing this mission, ICANN's bylaws set out 11 core values (Core Values) to guide its decisions and actions. Any ICANN body making a recommendation or decision shall exercise its judgment to determine which of these Core Values are most relevant and how they apply to the specific circumstances of the case at hand, and to determine, if necessary, an appropriate and defensible balance among competing values.* ICANN has agreements with gTLDS registrars and gTLDS registries that require the provision of a WHOIS service via three mechanisms: port-43, web based access, and bulk access. The agreements also require a Registered Name Holder to provide accurate contact information for themselves, as well as technical and administrative contact information adequate to facilitate timely resolution of any problems that arise in connection with the Registered Name. A registrar is required in the Registrar Accreditation Agreement (RAA) to take reasonable precautions to protect Personal Data from loss, misuse, unauthorized access or disclosure, alteration, or destruction. The goal of the WHOIS task force is to improve the effectiveness of the WHOIS service in maintaining the stability and security of the Internet's unique identifier systems, whilst *considering the relevant Core Values and* taking into account where appropriate the issues of privacy for the personal data of individuals that may be Registered Name Holders, or the administrative or technical contact for a domain name. Tasks: (1) Define the purpose of the WHOIS service in the context of ICANN's mission *and relevant Core Values*, relevant applicable international and national laws, including, but not limited to those regarding privacy, and the changing nature of Registered Name Holders. (2) Define the purpose of the registered name holder, technical and administrative contacts, in the context of the purpose of WHOIS, and the purpose for which the data was collected. Relevant definitions are taken from Exhibit C of the Transfers Task force report as a starting point (from http://www.icann.org/gnso/transfers-tf/report-exhc-12feb03.htm): "Contact: Contacts are individuals or entities associated with domain name records. Typically, third parties with specific inquiries or concerns will use contact records to determine who should act upon specific issues related to a domain name record. There are typically three of these contact types associated with a domain name record, the Administrative contact, the Billing contact and the Technical contact. Contact, Administrative: The administrative contact is an individual, role or organization authorized to interact with the Registry or Registrar on behalf of the Domain Holder. The administrative contact should be able to answer non-technical questions about the domain name's registration and the Domain Holder. In all cases, the Administrative Contact is viewed as the authoritative point of contact for the domain name, second only to the Domain Holder. Contact, Billing: The billing contact is the individual, role or organization designated to receive the invoice for domain name registration and re-registration fees. Contact, Technical: The technical contact is the individual, role or organization that is responsible for the technical operations of the delegated zone. This contact likely maintains the domain name server(s) for the domain. The technical contact should be able to answer technical questions about the domain name, the delegated zone and work with technically oriented people in other zones to solve technical problems that affect the domain name and/or zone." Contact: Domain Holder: The individual or organization that registers a specific domain name. This individual or organization holds the right o use that specific domain name for a specified period of time, provided certain conditions are met and the registration fees are paid. This person or organization is the ?legal entity? bound by the terms of the relevant service agreements with the Registry operation of the TLD in question.? (3) Determine what data collected should be available for public access in the context of the purpose of WHOIS. Determine how to access data that is not available for public access. The current elements that must be displayed by a registrar are: - The name of the Registered Name; - The names of the primary name server and secondary name server(s) for the Registered Name; - The identity of Registrar (which may be provided through Registrar's website); - The original creation date of the registration; - The expiration date of the registration; - The name and postal address of the Registered Name Holder; - The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the technical contact for the Registered Name; and - The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the administrative contact for the Registered Name. (4) Determine how to improve the process for notifying a registrar of inaccurate WHOIS data, and the process for investigating and correcting inaccurate data. Currently a registrar must require a ?Registered Name Holder [to] provide to Registrar accurate and reliable contact details and promptly correct and update them during the term of the Registered Name registration;? ?shall abide by any specifications or policies established according to Section 4 requiring reasonable and commercially practicable (a) verification, at the time of registration, of contact information associated with a Registered Name sponsored by Registrar or (b) periodic re-verification of such information; ? and "shall, upon notification by any person of an inaccuracy in the contact information associated with a Registered Name sponsored by Registrar, take reasonable steps to investigate that claimed inaccuracy. In the event Registrar learns of inaccurate contact information associated with a Registered Name it sponsors, it shall take reasonable steps to correct that inaccuracy." Insert here the relevant sections being drafted by Jordyn and Maria that captures the existing work. Submitted by Marilyn Cade, BC Councilor Additions submitted by Tim Ruiz for the Go Daddy Group. Attachment:
WHOIS ToR - RUIZ - Proposed Changes.doc |