<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [gnso-dow123] WHOIS Issues discussed at the GNSO Council meeting 2 June 2005
- To: <gnso-dow123@xxxxxxxxxxxxxx>
- Subject: RE: [gnso-dow123] WHOIS Issues discussed at the GNSO Council meeting 2 June 2005
- From: "Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 7 Jun 2005 12:23:12 +1000
Hello Tim,
Yes - that is an error.
It should read:
c. "Linking to an external web page is not sufficient." was not
supported by the Registrars
Regards,
bruce
________________________________
From: owner-gnso-dow123@xxxxxxxxx
[mailto:owner-gnso-dow123@xxxxxxxxx] On Behalf Of Tim Ruiz
Sent: Tuesday, 7 June 2005 5:42 AM
To: 'GNSO.SECRETARIAT@xxxxxxxxxxxxxx';
gnso-dow123@xxxxxxxxxxxxxx
Subject: RE: [gnso-dow123] WHOIS Issues discussed at the GNSO
Council meeting 2 June 2005
c. "Linking to an external web page is not sufficient." was
supported by the Registrars
The above excerpt from the minutes below is not correct is it? I
believe that it was *not* supported by the Registrars.
Tim
-----Original Message-----
From: owner-gnso-dow123@xxxxxxxxx
[mailto:owner-gnso-dow123@xxxxxxxxx] On Behalf Of
GNSO.SECRETARIAT@xxxxxxxxxxxxxx
Sent: Monday, June 06, 2005 7:35 AM
To: gnso-dow123@xxxxxxxxxxxxxx
Subject: [gnso-dow123] WHOIS Issues discussed at the GNSO
Council meeting 2 June 2005
Extract of the draft GNSO Council minutes
relating to the WHOIS task force items
GNSO Council Teleconference held on 2 June 2005
Item 3: Consideration of the final report from the WHOIS task
force with respect to improving notification and consent for the use of
contact data in the Whois system.
http://www.gnso.icann.org/mailing-lists/archives/council/msg00963.html
Bruce Tonkin referred to his posting to the Council list
<http://gnso.icann.org/mailing-lists/archives/council/msg00977.html>
stating, that with respect to considering the final report
<http://www.gnso.icann.org/mailing-lists/archives/council/msg00963.html>
from the WHOIS task force on improving notification and consent for the
use of contact data in the Whois system, the GNSO council would follow
the ICANN bylaws, section 10, of Annex A
<http://www.icann.org/general/bylaws.htm#AnnexA> , for the Policy
Development Process.
Section 10 states:
10. Council Deliberation
a. Upon receipt of a Final Report, the Council chair will
(i) distribute the Final Report to all Council members;
The Final report has been distributed
<http://gnso.icann.org/mailing-lists/archives/council/msg00963.html> to
all council members and
(ii) call for a Council meeting, which has been done on 2 June
2005.
"The Council may commence its deliberation on the issue prior to
the formal meeting, including via in-person meetings, conference calls,
e-mail discussions or any other means the Council may choose. The
deliberation process shall culminate in a formal Council meeting either
in person or via teleconference, wherein the Council will work towards
achieving a Supermajority Vote to present to the Board."
Bruce Tonkin proposed adjourning the vote until the next council
meeting on 23 June 2005 to assure that proxy votes had specific voting
instructions, but using the current debate to determine if Council could
reach a Supermajority vote, 66%, based on the recommendation or whether
changes were needed.
If the Council could reach a SuperMajority vote on the
recommendation, the Council might decide to create an implementation
committee to flesh out some of the implementation details before
providing the Final Report
to the Board.
If the Council could not reach a SuperMajority position, then
the Council members that voted against the recommendations needed to
provide written reasons within 5 days for inclusion in the Final Report
to the Board why they voted against the recommendation.
Text of the recommendation:
<http://gnso.icann.org/mailing-lists/archives/council/docEAuV3mXmul.doc>
"1. Registrars must ensure that disclosures regarding
availability
and third-party access to personal data associated with domain
names
actually be presented to registrants during the registration
process.
Linking to an external web page is not sufficient.
2. Registrars must ensure that these disclosures are set aside
from
other provisions of the registration agreement if they are
presented to
registrants together with that agreement. Alternatively,
registrars may
present data access disclosures separate from the registration
agreement. The wording of the notice provided by registrars
should, to
the extent feasible, be uniform.
3. Registrars must obtain a separate acknowledgement from
registrants that they have read and understand these
disclosures. This
provision does not affect registrars' existing obligations to
obtain
registrant consent to the use of their contact information in
the WHOIS
system. "
Philip Sheppard, representing the Commercial and Business Users
constituency, Niklas Lagergren, a task force member and representing the
Intellectual Property Interests constituency and Maureen Cubberley,
elected by the Nominating Committee all spoke in favour of the
recommendation as being clear, concise, implementable, maintained
privacy as well as a high standard of data protection.
Tom Keller, a task force member and Bruce Tonkin, both
representing the Registrar constituency spoke against the
recommendation.
Tom Keller, against supporting the recommendation, commented
that it placed too much constraint on Registrars, it was unnecessary to
single out one issue especially in view of the list of issues
<http://gnso.icann.org/mailing-lists/archives/council/docvXuOBc9Yat.doc>
to be clarified, and pointed out that there was a difference between
acknowledgement and consent.
Bruce Tonkin commented from a registrars view point that the
recommendation dealt with consumer education and moved away from ICANN's
core issues regarding security and stability. There were many elements
of registrar agreements that consumers should be made aware of such as
delete, expiration of names practices, UDRP requirements, registering
names in good faith, and rather than single one ICANN, the Intellectual
Property and Business Users should be encouraging their communities to
read all the terms and conditions.
Regarding part one, Registrars support making information about
WHOIS practices available, but disagreed that it was not possible to use
a link to a separate webpage. This is a standard way of linking to
privacy policies and terms and conditions.
Obtaining a separate acknowledgement from registrants placed an
unnecessary burden on the registration process.
The Registrar Accreditation Agreement
<http://www.icann.org/registrars/ra-agreement-17may01.htm#2> had a
standard text that registrars should use to inform registrants 2.7.4
Ken Stubbs, a task force member and a gTLD registries
constituency representative, proposed a uniform disclosure policy agreed
on by the registrars.
Jordyn Buchanan, the chair of the combined WHOIS task force,
commented that the current recommendation arose from concern the Whois
task force 2
<http://gnso.icann.org/issues/whois-privacy/Whois-tf2-preliminary.html>
had expressed that in the current notification to registrants it was
neither very conspicuous nor obvious that their data would be published
in a public data base.
2.1 Notification and Consent
<http://gnso.icann.org/issues/whois-privacy/Whois-tf2-preliminary.html#N
otificationandConsent>
"According to the ICANN Registrar Accreditation Agreement (RAA),
Registrars are required to form an agreement with Registered Name
Holders containing the following elements.
Section 3.7.7 of the RAA addresses the requirements of the
Registrar/Registrant agreement, including the need for accurate and
reliable registrant contact information. To the extent the notice to
registrants of data elements collected and displayed are not clear or
may be overlooked by registrants based on the overall length and
complexity of the registration agreement, it is useful to change the
format so that better notice is delivered to registrants. The task force
finds that disclosures regarding availability and access to Who is data
should be set aside from other provisions of a registration agreement by
way of bigger or bolded font, a highlighted section, simplified language
or otherwise made more conspicuous.
It follows that separate consent to the Whois disclosures is
also useful. By obtaining separate consent from registrants, at the time
of agreement, to the specific Whois data provisions, it would further
draw attention to and facilitate better understanding of the registrar's
Whois disclosure policy."
In summary:
a. There could be general agreement on:
2." Registrars must ensure that these disclosures are set aside
from other provisions of the registration agreement if they are
presented to registrants together with that agreement. Alternatively,
registrars may
present data access disclosures separate from the registration
agreement. The wording of the notice provided by registrars should, to
the extent feasible, be uniform. "
b. This recommendation would appear to be unacceptable
3. Registrars must obtain a separate acknowledgement from
registrants that they have read and understand these disclosures. This
provision does not affect registrars' existing obligations to obtain
registrant consent to the use of their contact information in the WHOIS
system."
c. "Linking to an external web page is not sufficient." was
supported by the Registrars
ACTION ITEM:
Marilyn Cade suggested as an administrative assignment to the
ICANN policy staff:
Review of the top 10 registrars and a random selection of 10
other registrars to determine how registrars make registrants aware of
their obligations to provide contact information for public display via
the WHOIS service.
Report back to Council and the combined Whois task force.
Timeframe: one week
Vote adjourned until the next Council meeting June 23 2005, all
councillors unable to attend that meeting should provide proxy votes
with instructions.
Item 4. Approval of new terms of reference for combined WHOIS
task force
<http://www.gnso.icann.org/mailing-lists/archives/council/msg00968.html>
, and approval of membership and voting rules.
Bruce Tonkin commented that the current terms of reference
<http://www.gnso.icann.org/mailing-lists/archives/council/msg00968.html>
, version 5, had undergone minor additions since the council meeting
held on May 12, 2005.
<http://www.gnso.icann.org/meetings/minutes-gnso-12may05.htm>
Niklas Lagergren proposed:
that a requirement be added to the draft terms of reference v5,
task 4
<http://www.gnso.icann.org/mailing-lists/archives/council/msg00968.html>
, to develop a policy for up-front verification of WHOIS information.
Discussion on the motion:
Marilyn Cade stated that the Commercial and Business Users
constituency supported the need for accurate data, but did not support
mandating how the data should be validated.
Bruce Tonkin suggested investigating the incidence of WHOIS
problem reports, how frequent was their follow up and was the complaint
system working
The motion received 12 votes in favour, 7 votes against and 6
abstentions (count as votes against) out of a total of 26 votes. Kiyoshi
Tsuru no vote, absent without proxy
The motion failed.
Bruce Tonkin proposed a vote:
to accept the Draft terms of reference v5
<http://www.gnso.icann.org/mailing-lists/archives/council/msg00968.html>
for the combined WHOIS task force.
The motion received 22 votes in favour, out of a total of 26
votes, (4 councillors were absent for the vote).
The motion carried
Marilyn Cade proposed instructions on the process:
- The task force should be encouraged to have an interactive
relationship with Council by reporting on a continual basis the stages
of work undertaken.
In order to define the purpose of WHOIS, the current uses should
be identified and data collected by previous task forces with the help
of the ICANN policy staff should be documented.
The GNSO Council accepted the Terms of Reference for the
combined WHOIS task force
<http://gnso.icann.org/policies/terms-of-reference.html> , noted below:
The mission of The Internet Corporation for Assigned Names and
Numbers ("ICANN") is to coordinate, at the overall level, the global
Internet's systems of unique identifiers, and in particular to ensure
the stable and secure operation of the Internet's unique identifier
systems.
In performing this mission, ICANN's bylaws set out 11 core
values to guide its decisions and actions. Any ICANN body making a
recommendation or decision shall exercise its judgment to determine
which of these core values are most relevant and how they apply to the
specific circumstances of the case at hand, and to determine, if
necessary, an appropriate and defensible balance among competing values.
ICANN has agreements with gTLD registrars and gTLD registries
that require the provision of a WHOIS service via three mechanisms:
port-43, web based access, and bulk access. The agreements also require
a
Registered Name Holder to provide to a Registrar accurate and
reliable contact details and promptly correct and update them during the
term of the Registered Name registration, including: the full name,
postal
address, e-mail address, voice telephone number, and fax number
if available of the Registered Name Holder; name of authorized person
for contact purposes in the case of an Registered Name Holder that is an
organization, association, or corporation; the name, postal
address, e-mail address, voice telephone number, and (where available)
fax number of the technical contact for the Registered Name; and the
name, postal
address, e-mail address, voice telephone number, and (where
available) fax number of the administrative contact for the Registered
Name. The contact information must be adequate to facilitate timely
resolution of
any problems that arise in connection with the Registered Name.
A registrar is required in the Registrar Accreditation Agreement
(RAA) to take reasonable precautions to protect Personal Data from loss,
misuse, unauthorized access or disclosure, alteration, or destruction.
The goal of the WHOIS task force is to improve the effectiveness
of the WHOIS service in maintaining the stability and security of the
Internet's unique identifier systems, whilst taking into account where
appropriate the need to ensure privacy protection for the
Personal Data of natural persons that may be Registered Name Holders,
the authorised representative for contact purposes of a Register Name
Holder, or the administrative or technical contact for a domain name.
Tasks:
(1) Define the purpose of the WHOIS service in the context of
ICANN's mission and relevant core values, international and national
laws protecting privacy of natural persons, international and national
laws
that relate specifically to the WHOIS service, and the changing
nature of Registered Name Holders.
(2) Define the purpose of the Registered Name Holder, technical,
and administrative contacts, in the context of the purpose of WHOIS, and
the purpose for which the data was collected. Use the relevant
definitions from Exhibit C of the Transfers Task force report
<http://www.icann.org/gnso/transfers-tf/report-exhc-12feb03.htm> as a
starting point
(from
http://www.icann.org/gnso/transfers-tf/report-exhc-12feb03.htm):
"Contact: Contacts are individuals or entities associated with
domain
name records. Typically, third parties with specific inquiries
or
concerns will use contact records to determine who should act
upon
specific issues related to a domain name record. There are
typically
three of these contact types associated with a domain name
record, the
Administrative contact, the Billing contact and the Technical
contact.
Contact, Administrative: The administrative contact is an
individual,
role or organization authorized to interact with the Registry or
Registrar on behalf of the Domain Holder. The administrative
contact
should be able to answer non-technical questions about the
domain name's
registration and the Domain Holder. In all cases, the
Administrative
Contact is viewed as the authoritative point of contact for the
domain
name, second only to the Domain Holder.
Contact, Billing: The billing contact is the individual, role or
organization designated to receive the invoice for domain name
registration and re-registration fees.
Contact, Technical: The technical contact is the individual,
role or
organization that is responsible for the technical operations of
the
delegated zone. This contact likely maintains the domain name
server(s)
for the domain. The technical contact should be able to answer
technical
questions about the domain name, the delegated zone and work
with
technically oriented people in other zones to solve technical
problems
that affect the domain name and/or zone.
Domain Holder: The individual or organization that registers a
specific
domain name. This individual or organization holds the right to
use that
specific domain name for a specified period of time, provided
certain
conditions are met and the registration fees are paid. This
person or
organization is the "legal entity" bound by the terms of the
relevant
service agreement with the Registry operator for the TLD in
question."
(3) Determine what data collected should be available for public
access in the context of the purpose of WHOIS. Determine how to access
data that is not available for public access. The current elements that
must be displayed by a registrar are:
- The name of the Registered Name;
- The names of the primary nameserver and secondary
nameserver(s) for the Registered Name;
- The identity of Registrar (which may be provided through
Registrar's website);
- The original creation date of the registration;
- The expiration date of the registration;
- The name and postal address of the Registered Name Holder;
- The name, postal address, e-mail address, voice telephone
number, and (where available) fax number of the technical contact for
the Registered Name; and
- The name, postal address, e-mail address, voice telephone
number, and (where available) fax number of the administrative contact
for the Registered Name.
(4) Determine how to improve the process for notifying a
registrar of inaccurate WHOIS data, and the process for investigating
and correcting inaccurate data. Currently a registrar "shall, upon
notification by any person of an inaccuracy in the contact information
associated with a Registered Name sponsored by Registrar, take
reasonable steps to investigate that claimed inaccuracy. In the event
Registrar learns of
inaccurate contact information associated with a Registered Name
it sponsors, it shall take reasonable steps to correct that inaccuracy."
(5) Determine how to resolve differences between a Registered
Name Holder's, gTLD Registrar's, or gTLD Registry's obligation to abide
by all applicable laws and governmental regulations that relate to the
WHOIS service, as well as the obligation to abide by the terms
of the agreements with ICANN that relate to the WHOIS service. [Note
this task refers to the current work in the WHOIS task force called
'Recommendation 2', A Procedure for conflicts, when there are conflicts
between a registrar's of registry's legal obligations under local
privacy laws and their contractual obligations to ICANN.]
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|