RE: [gnso-dow123] Third draft of WHOIS task force terms of reference
ICANN's bylaws very clearly state that any ICANN body making a
recommendation *shall* consider the Core Values set out within it. I
believe it's important that this not be overlooked and added language
to that affect (directly from the bylaws) to the draft.
The attached document leaves Marilyn's redline in tact and includes my
changes. My changes in the text version below are enclosed between
*asterisks.*
Tim
----------------------------------------------------------------------------
Changes provided by Marilyn Cade, BC Councilor, as modifications to
Bruce Tonkin?s
Additional changes proposed by Tim Ruiz enclosed between *asterisks.*
Third Draft of Terms of Reference for WHOIS task force
The mission of The Internet Corporation for Assigned Names and Numbers
("ICANN") is to coordinate, at the overall level, the global Internet's
systems of unique identifiers, and in particular to ensure the stable
and secure operation of the Internet's unique identifier systems.
*In performing this mission, ICANN's bylaws set out 11 core values (Core
Values) to guide its decisions and actions. Any ICANN body making a
recommendation or decision shall exercise its judgment to determine
which of these Core Values are most relevant and how they apply to the
specific circumstances of the case at hand, and to determine, if
necessary, an appropriate and defensible balance among competing
values.*
ICANN has agreements with gTLDS registrars and gTLDS registries that
require the provision of a WHOIS service via three mechanisms: port-43,
web based access, and bulk access. The agreements also require a
Registered Name Holder to provide accurate contact information for
themselves, as well as technical and administrative contact information
adequate to facilitate timely resolution of any problems that arise in
connection with the Registered Name. A registrar is required in the
Registrar Accreditation Agreement (RAA) to take reasonable precautions
to protect Personal Data from loss, misuse, unauthorized access or
disclosure, alteration, or destruction.
The goal of the WHOIS task force is to improve the effectiveness of the
WHOIS service in maintaining the stability and security of the
Internet's unique identifier systems, whilst *considering the relevant
Core Values and* taking into account where appropriate the issues of
privacy for the personal data of individuals that may be Registered
Name Holders, or the administrative or technical contact for a domain
name.
Tasks:
(1) Define the purpose of the WHOIS service in the context of ICANN's
mission *and relevant Core Values*, relevant applicable international
and national laws, including, but not limited to those regarding
privacy, and the changing nature of Registered Name Holders.
(2) Define the purpose of the registered name holder, technical and
administrative contacts, in the context of the purpose of WHOIS, and
the purpose for which the data was collected. Relevant definitions are
taken from Exhibit C of the Transfers Task force report as a starting
point (from
http://www.icann.org/gnso/transfers-tf/report-exhc-12feb03.htm):
"Contact: Contacts are individuals or entities associated with domain
name records. Typically, third parties with specific inquiries or
concerns will use contact records to determine who should act upon
specific issues related to a domain name record. There are typically
three of these contact types associated with a domain name record, the
Administrative contact, the Billing contact and the Technical contact.
Contact, Administrative: The administrative contact is an individual,
role or organization authorized to interact with the Registry or
Registrar on behalf of the Domain Holder. The administrative contact
should be able to answer non-technical questions about the domain
name's registration and the Domain Holder. In all cases, the
Administrative Contact is viewed as the authoritative point of contact
for the domain name, second only to the Domain Holder.
Contact, Billing: The billing contact is the individual, role or
organization designated to receive the invoice for domain name
registration and re-registration fees.
Contact, Technical: The technical contact is the individual, role or
organization that is responsible for the technical operations of the
delegated zone. This contact likely maintains the domain name server(s)
for the domain. The technical contact should be able to answer technical
questions about the domain name, the delegated zone and work with
technically oriented people in other zones to solve technical problems
that affect the domain name and/or zone."
Contact: Domain Holder: The individual or organization that registers a
specific domain name. This individual or organization holds the right o
use that specific domain name for a specified period of time, provided
certain conditions are met and the registration fees are paid. This
person or organization is the ?legal entity? bound by the terms of the
relevant service agreements with the Registry operation of the TLD in
question.?
(3) Determine what data collected should be available for public access
in the context of the purpose of WHOIS. Determine how to access data
that is not available for public access.
The current elements that must be displayed by a registrar are:
- The name of the Registered Name;
- The names of the primary name server and secondary name server(s) for
the Registered Name;
- The identity of Registrar (which may be provided through Registrar's
website);
- The original creation date of the registration;
- The expiration date of the registration;
- The name and postal address of the Registered Name Holder;
- The name, postal address, e-mail address, voice telephone number, and
(where available) fax number of the technical contact for the
Registered Name; and
- The name, postal address, e-mail address, voice telephone number, and
(where available) fax number of the administrative contact for the
Registered Name.
(4) Determine how to improve the process for notifying a registrar of
inaccurate WHOIS data, and the process for investigating and correcting
inaccurate data. Currently a registrar must require a ?Registered Name
Holder [to] provide to Registrar accurate and reliable contact details
and promptly correct and update them during the term of the Registered
Name registration;? ?shall abide by any specifications or policies
established according to Section 4 requiring reasonable and
commercially practicable (a) verification, at the time of registration,
of contact information associated with a Registered Name sponsored by
Registrar or (b) periodic re-verification of such information; ? and
"shall, upon notification by any person of an inaccuracy in the contact
information associated with a Registered Name sponsored by Registrar,
take reasonable steps to investigate that claimed inaccuracy. In the
event Registrar learns of inaccurate contact information associated
with a Registered Name it sponsors, it shall take reasonable steps to
correct that inaccuracy."
Insert here the relevant sections being drafted by Jordyn and Maria that
captures the existing work.
Submitted by Marilyn Cade, BC Councilor
Additions submitted by Tim Ruiz for the Go Daddy Group.
Attachment:
WHOIS ToR - RUIZ - Proposed Changes.doc |