[gnso-dow123] Revised draft minutes Whois task force 26 July 2005
[To: gnso-dow123[at]gnso.icann.org] Dear All, Please find attached the revised draft minutes of the Whois combined task force call held on 26 July 2005. Revisions: 1. Task force name: "WHOIS Task Force" With new terms of reference the separate task forces are an arrangement of the past. 2. Addition of the action point summary 2 Please let me know if there are other changes. Thank you. Kind regards, -- -- Glen de Saint Géry GNSO Secretariat - ICANN gnso.secretariat[at]gnso.icann.org http://gnso.icann.org <!--#set var="bartitle" value="WHOIS Task Forces 1 2 3 teleconference
minutes"-->
<!--#set var="pagetitle" value="WHOIS Task Force 1 2 3 teleconference
minutes"-->
<!--#set var="pagedate" value="26 July 2005" value=""-->
<!--#set var="bgcell" value="#ffffff"-->
<!--#include virtual="/header.shtml"-->
<!--#exec cmd="/usr/bin/perl /etc/gnso/menu.pl 'WHOIS Task Force 1 2 3
teleconference minutes'"-->
<h4 align="center"> </h4>
<h4 align="center"><font face="Arial, Helvetica, sans-serif"><b>WHOIS Task
Force<br>
<br>
26 July 2005 - Minutes</b></font></h4>
<p><font face="Arial, Helvetica, sans-serif"><b>ATTENDEES:<br>
GNSO Constituency representatives:<br>
</b> Jordyn Buchanan - Chair<br>
gTLD Registries constituency - Ken Stubbs<br>
gTLD Registries constituency - David Maher <br>
Registrars constituency - Tim Ruiz (alternate)<br>
Registrars constituency - Ross Rader <br>
Registrars constituency - Tom Keller <br>
Non Commercial Users Constituency - Milton Mueller <br>
Commercial and Business Users constituency - Marilyn Cade <br>
Internet Service and Connectivity Providers constituency - Tony Harris<br>
Internet Service and Connectivity Providers constituency - Maggie Mansourkia
<br>
Internet Service and Connectivity Providers constituency - Greg Ruth <br>
<br>
<strong>Liaisons</strong><br>
At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer</font> <font
face="Arial, Helvetica, sans-serif"> - absent <br>
GAC Liaison - Suzanne Sene - absent - apologies <br>
<br>
<b>ICANN Staff</b>: <br>
Olof Nordling - Manager, Policy Development Coordination
<br>
Maria Farrell Farrell - ICANN GNSO Policy Officer <br>
<b>GNSO Secretariat </b>- Glen
de Saint Géry <br>
<br>
<b>Absent:</b><br>
Registrars constituency - Paul Stahura <br>
Commercial and Business Users Constituency - David Fares - apologies
<br>
Intellectual Property Interests Constituency - Steve Metalitz - apologies
<br>
Intellectual Property Interests Constituency - Niklas Lagergren - apologies
<br>
Non Commercial Users Constituency - Kathy Kleiman <br>
Non Commercial Users Constituency - Frannie Wellings <br>
Commercial and Business Users Constituency - Sarah Deutsch - apologies<br>
<br>
<br>
</font> <font face="Arial, Helvetica, sans-serif"><strong><a
href="http://gnso-audio.icann.org/WHOIS-20050726-tf123.mp3%20";>MP3 Recording
</a><br>
<a href="http://forum.icann.org/lists/gnso-dow123/msg00470.html";>Action point
summary
</a><br>
<br>
Agenda <br>
1. Discuss and review the constituency statements on the Conflict with
National Laws procedure due Thursday 21 July 2005 and next steps on
recommendation <br>
2. Discuss in depth the tiered access documents from task forces 1 and 2 to
assess usefulness as a framework for any further work.<br>
<br>
1. Discuss and review the constituency statements on the conflict with
national laws procedure due Thursday 21 July 2005 and next steps on
recommendation </strong></font></p>
<p><font face="Arial, Helvetica, sans-serif">Status of constituency statements
received:<br>
<a href="http://forum.icann.org/lists/gnso-dow123/msg00465.html";>The
Intellectual Property Interests</a> <br>
<a href="http://forum.icann.org/lists/gnso-dow123/msg00468.html";>The Non
Commercial Users constituency on recommendation 2</a>,<br>
<a href="http://forum.icann.org/lists/gnso-dow123/msg00464.html";>gTLD registry
constituency statements</a><br>
The Registrar constituency is 14 days out on the conflicts.<br>
The Internet Service Providers and Connectivity Providers constituency end of
week 29 July 2005 and the remaining on tasks 1 & 2 a week later.<br>
The Non Commercial Users constituency posted their statement on recommendation
2, the statement on Whois purpose will be ready in a couple of days. The tasks
1 &2 on how the technical and administrative contacts were populated were
giving the most trouble as there were no serious responses<br>
</font><font face="Arial, Helvetica, sans-serif"><strong>Jordyn</strong> urged
all the constituencies to submit their statements as soon as possible. <br>
<br>
<strong>Brief overview of the constituency statements:
</strong></font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>David Maher,</strong> the
<strong>gTLD registries constituency </strong>supported the statement in its
current form and suggested a system of tiered access to resolve the conflict
issue. From Steve Metalitz’s <a
href="http://forum.icann.org/lists/gnso-dow123/msg00465.html";>extensive
memorandum</a> on the subject it would seem as though war has been declared if
the IPC thinks the present system complies with the European data protection
laws. There is a total lack of consensus in the proceeding. <br>
<br>
<strong>Maggie Mansourkia,</strong> the <strong>ISPCP</strong> was generally
supportive, but suggested some language tweaks about uniformity of the
process. Ultimately the goal of the ISP was greater accuracy so any movement
towards that would be supported. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Milton Mueller
</strong>commented that the <strong>NCUC</strong> statement was short and
supported the recommendation. They viewed it as a stop gap measure pending
comprehensive implementation. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader
</strong>stated that the draft put to the Registrar constituency was very
similar to what the task force was pursuing, with one or two minor amendments
and would likely be supported. The current election/ratification process in the
constituency, a 14 day process, needed to be executed.<br>
<br>
<strong>Jordyn Buchanan </strong>commented, in the absence of an IPC member,
their statement appeared to make no major revisions to the actual policy
recommendations. In general, apart from minor tweaks, it seemed that the task
force had reached the point where work on the recommendations could be
finalised on the list. </font></p>
<p><font face="Arial, Helvetica, sans-serif">Timeline:<br>
Goal:<br>
</font><font face="Arial, Helvetica, sans-serif"> 23 August or earlier - a
formal vote of the task force on the final form of the recommendation <br>
13 September - Staff would need to do the initial report for public comment
for 21 days (would allow the required 7 days to present the document to
Council ) <br>
22 September. - Council call is scheduled</font></p>
<font face="Arial, Helvetica, sans-serif">It was agreed that if the statements
were received sooner, the task force could vote earlier. Some task force
members were of the opinion that the Initial report could be drafted with the
constituency statements outstanding so as to deliver on time as the formal
voting process in certain the constituencies took time.</font>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong>
encouraged task force members to work any proposed amendments or modifications
arising from the constituency statements on the list and if a constituency was
likely to suggest modifications, it should be brought to the attention of the
mailing list as soon as possible.<br>
</font></p>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"><strong><font face="Arial,
Helvetica, sans-serif"><a
href="http://forum.icann.org/lists/gnso-dow123/msg00470.html";>Action Point
Summary </a></font></strong></P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"><span
class="781254415-28072005"><B
style="mso-bidi-font-weight: normal"><font face="Arial, Helvetica,
sans-serif">1
Constituency statements on recommendation 2 (conflicts with national data
protection laws)</font></B><font face="Arial, Helvetica,
sans-serif"><o:p></o:p></font></span></P>
<P class=MsoNormal
style="MARGIN: 0in 0in 0pt; mso-layout-grid-align: none"><font face="Arial,
Helvetica, sans-serif"><span class="781254415-28072005"><B
style="mso-bidi-font-weight: normal"><o:p> </o:p></B></span></font></P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"><font face="Arial, Helvetica,
sans-serif"><span class="781254415-28072005">Not all of the statements had yet
been circulated to the list, so discussion on the statements was postponed till
the next call. <o:p></o:p></span></font></P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"><font face="Arial, Helvetica,
sans-serif"><span class="781254415-28072005"><o:p> </o:p></span></font></P>
<P class=MsoNormal style="MARGIN: 0in 0in 0pt"><font face="Arial, Helvetica,
sans-serif"><span class="781254415-28072005"><B
style="mso-bidi-font-weight: normal">Actions<o:p></o:p></B></span></font></P>
<UL style="MARGIN-TOP: 0in" type=disc>
<LI class=MsoNormal
style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list
.5in"><font face="Arial, Helvetica, sans-serif"><span
class="781254415-28072005">Constituencies that haven’t already sent their
constituency statement to the list are asked to do so as quickly as possible.
<o:p></o:p> </span>
</font>
<LI class=MsoNormal
style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list
.5in"><font face="Arial, Helvetica, sans-serif"><span
class="781254415-28072005">Participants should alert the task force through the
mailing list if they believe their constituency statements will propose
significant amendments to the recommendation. <o:p></o:p> </span>
</font>
<LI class=MsoNormal
style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list
.5in"><font face="Arial, Helvetica, sans-serif"><span
class="781254415-28072005">The task force will work on the mailing list to
finalise the recommendation. <o:p></o:p> </span>
</font>
<LI class=MsoNormal
style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list
.5in"><font face="Arial, Helvetica, sans-serif"><span
class="781254415-28072005">A formal vote on the recommendations will be taken
on during the call on 23 August or earlier if the statements are received and
the discussion sufficiently advanced. <o:p></o:p> </span>
</font>
<LI class=MsoNormal
style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list
.5in"><font face="Arial, Helvetica, sans-serif"><span
class="781254415-28072005">Time will be reserved on the next task force
conference call (August 9<SUP>th</SUP>) to discuss whether the recommendation
is ready to be advanced to an initial report. <o:p></o:p></span></font><span
class="781254415-28072005"><o:p></o:p></span></LI>
</UL>
<p><font face="Arial, Helvetica, sans-serif"><strong>2. Discuss in depth the
tiered access documents from task forces 1 and 2 to assess usefulness as a
framework for any further work.</strong><br>
<strong>Jordyn Buchanan</strong> proposed discussing <a
href="http://forum.icann.org/lists/gnso-dow123/msg00435.html";>Ross Rader's
compilation of the previous task force 1&2 recommendations and
frameworks</a> and <a
href="http://www.gnso.icann.org/mailing-lists/archives/dow1-2tf/msg00125.html";>Thomas
Roessler's PKI based system</a> on tiered access. The task force was not
presupposing recommending tiered access as an outcome with regard to task no.
3. but it would be useful to review past work on tiered access to ascertain
whether there would be agreement on how useful the frameworks would be if
other work were necessary. The <a
href="http://www.gnso.icann.org/issues/whois-privacy/Whois-tf1-preliminary.html";>Task
Force 1 report </a>made an important distinction to divide Whois data into
"sensitive" data and "non-sensitive" data but that the
definition was left open and it was decided that the issue belonged in task
force 2. issue.<br>
<br>
Quoting from the recommendations:
<br>
"1. Dependence on Whois Task Force <BR>
<BR>
The output of this Whois Task Force depends heavily on the output of Whois TF 2
(which data elements are included in the publicly available Whois). The more
sensitive the data: (a) the more value there is to the data; (b) the more
likely such data is to be mined, (c) the more this impacts the privacy rights
of individuals and (d) creates an incentive for the registrant to make the data
inaccurate. In such cases, there may be a need to restrict access to that data.
<BR>
<BR>
2. Value of Whois Data<BR>
<BR>
It is believed that if only data deemed to be non-sensitive by the Internet
community ("Non-Sensitive Data") were to be publicly displayed (whether on the
Web, Port 43 or other automated process), the data itself has little value, is
less likely to be data mined, and has little effect on privacy rights.
Therefore, imposing restrictions on access to Non-Sensitive data may not be
necessary.<BR>
<BR>
Note, that we have assumed that the less sensitive the data is, the less
valuable the data will be and the less data mining will occur. However, there
is still some value to the information and therefore, there may be a need for
query limits to prevent denial of service attacks. "<BR>
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan
</strong>commented that Port 43 could not identify the user or the use, the
question had not been put to the technical briefings the task force had. It
was one problem, to collect and display data and another to see if it was
accurate. </font></p>
<p><font face="Arial, Helvetica, sans-serif">Answering Ross Rader's question on
DRM solutions, to sense of the validity of the conclusion, none were discussed
in detail, there was a paper from Thomas Roessler, but no experts were brought
in.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong>
commented that the level of appetite for tiered access systems had to be
assessed, there had to be agreement that going through the work of the task
forces 1 & 2 was worthy of consideration, which parts of the previous work
would be useful to adopt, what was ongoing work, were there large gaps of
work that needed to be done before continuing along the tiered access path.
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Marilyn Cade</strong>
commented that for a CBUC point of view she was comfortable with closing or
keeping open the working session on tiered access. However the perception of
the law enforcement people was that the task force was examining tiered access
which created a public view that the work was underway and the task force
needed to be responsible for it. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader</strong>
queried whether the GAC/ Whois task force closed session in Luxembourg
constituted part of the input to the task force. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Milton Mueller</strong>
commented that the task force had got off on the wrong foot. Tiered access was
not mentioned in the task forces current description of work there were other
items. Tiered access might emerge from the process as one of the solutions but
the present discussion was premature and not relevant to what the task force
was currently supposed to be doing.<br>
<br>
<strong>Ken Stubbs</strong> expressed concern that ICANN could be in a
position of being caught between different governments with different agencies
putting increased pressure on privacy issues. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Tony Harris</strong>
commented that tiered access did not come out of the blue but was a logical
development of the privacy issue as the only way to accommodate it would be to
have tiered access or otherwise the data would be taken away from everyone
which would be a problem. Down the road, tiered access if applied was a major
overhaul of the display and functionality and someone had to figure out who
would pay for it. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong>
responded to Milton, that the task force could drop the discussion but that
tiered access might be in the scope of task 3 and if it were, the current work
would not be wasted as given the calendar and progression of topics, it was not
time that the task force would have used for something else.<br>
<br>
</font><font face="Arial, Helvetica, sans-serif"><strong>Tim Ruiz</strong> was
of the opinion that the task force should be spending its effort and time on
resolving the purpose of Whois as <a
href="http://gnso.icann.org/policies/terms-of-reference.html";>tasks 2 & 3
in the terms of reference </a>depended on the resolution of the former being.
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Marilyn Cade</strong>
commented that it would be useful for the task force chair, Jordyn Buchanan, to
join the GNSO Council call in view of the council wanting to work
interactively with the task force.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Tim Ruiz excused himself
and left the call. </strong></font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader
</strong>commented that recognizing and describing the tiered access systems
already available that were not very granular systems, would help destigmatise
the concept and build bridges. Tucows' had massive database and all employees
got access to all of it, people who did not work there got less access, other
registrars got additional levels of detailed access that members of the
intellectual property and business community did not get access to, and law
enforcement agents got complete access. Cost, structure and implementation
depended on what might be decided and what the system looked like. Ross
commented further that there were things the registrars would be happy to bear
the cost on. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader</strong>,
responding to<strong> Marilyn Cade's </strong>question whether the
interpretation could be extended into proxy and anonymous services said that he
was referring to the structures that the formal contracts or formal policy had
‘forced upon us'. Informally or anecdotally local disruptions had been
adopted, without judging whether they were good or bad, that were not an
intention of current policy and thus a form of tiered access already existed.
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Tony Harris</strong>
withdrew his remarks about cost after hearing Ross Rader who went on to say it
was an acknowledgement that "there are thick and expensive and light and
inexpensive ways to do things".<br>
<strong>Ross Rader</strong> clarified that his <a
href="http://forum.icann.org/lists/gnso-dow123/msg00435.html";>document</a> was
only an attempt to frame tiered access. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan summarised
the discussion on cost: </strong><br>
1. there were more and less costly approaches to implementing tiered access.<br>
2.
there may be circumstances where registrars would be willing to bear some costs
but not apply to any costs.<br>
<br>
Thus<strong> Jordyn</strong> concluded that registrars would bear lower cost
systems but not higher cost ones, to which <strong>Ross</strong> responded that
he would not give an answer to that, but proposed looking at solutions that
made sense, calculate the cost, and then figure out how to pay for them.
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Marilyn Cade</strong>
asked whether, given the diversity of business models among the registrars,
there would have to be agreement from them in the RAA to implement the
cost?</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong>
responded that when recommendations were made, the impact on the contracts
would need to be assessed. There were rules on obtaining approval from the
registrar constituency, and although there were several hundred registrars, a
group of registrars only had one vote if they were under common control.
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader</strong> added
that the constituency was not the comprehensive list of the total number of
accredited registrars. There were currently about 55 members and the voting
rules required a majority. The bylaws made provision for pooling of interest
restrictions that prevented essentially multiple accreditations controlling
the vote. For example, at one point one of the largest registrars had 4
accreditations, they only had one vote. In any vote, there are 17-25 votes
normally needed to carry the vote. Another example, register.com had 2
subsidiaries but only one vote. So if there happened to be a company with 200
subsidiaries accredited, they would still only have one vote.</font><font
face="Arial, Helvetica, sans-serif"> If the top 80% equaled 35 registrars, the
membership of the constituency would get you to that level.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan
</strong>in summary: <br>
1. A statement of how the existing system provided a state of rough tiered
access. <br>
There had been some work on how proxy services were done by task force 2 but
framing it in the status quo of the tiered access system was not explicitly
pursued in the past. <br>
2. Request the staff to take a look at what data element registrars are
required to collect at present that they were not required to display on Whois,
that is part of the contractual agreement<br>
3. Request the staff to review the work done by previous task forces on proxy
services and provide key findings. </font></p>
<p><font face="Arial, Helvetica, sans-serif">There will be staff resources
available during Maria's leave period.<br>
<br>
<span class="MsoNormal"><strong><font face="Arial, Helvetica, sans-serif"><a
href="http://forum.icann.org/lists/gnso-dow123/msg00470.html";>Action Point
Summary </a></font></strong></span><strong><br>
<span class="781254415-28072005"><o:p> </o:p></span>2 Tiered access –
documents from task forces 1 and 2</strong></font></p>
<p><font face="Arial, Helvetica, sans-serif">The task force discussed tiered
access in the context of documents sent to the list by Ross Rader and Thomas
Roessler. The discussion did not pre-suppose any specific action on tiered
access.</font></p>
<p><font face="Arial, Helvetica, sans-serif">Actions</font></p>
<p><font face="Arial, Helvetica, sans-serif"> * Ross Rader will research the
issue of current registrar implementations of types of tiered access. The goal
is to either document the issue or propose similar work to the list. Ross will
also consider whether staff support is needed for this work.<br>
* Maria Farrell will produce information on differences between data elements
registrars are required to collect and display.<br>
* Maria Farrell will provide information from a review of work done by
previous task forces on proxy services.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Proposed
Agenda for the next call :</strong></font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>9 August 2005
</strong><br>
Discuss the recommendation on conflict with national laws and ascertain
whether an advance could be made to an initial report. <br>
Substantive discussion on the purpose of Whois, ensure constituency
statements are present. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong> </strong></font><font
face="Arial, Helvetica, sans-serif">The next Whois task force
teleconference:<br>
<a href="http://www.gnso.icann.org/calendar/#aug";>Tuesday 9 August 2005 at
9:30 EST 13:30 UTC
<br>
</a><br>
<strong>Jordyn Buchanan </strong>thanked all the task force members for
participating.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>The WHOIS task force call
ended at 17 :00 CET </strong></font></p>
<p> <font face="Arial, Helvetica, sans-serif"><br>
</font></p>
<p><font face="Arial, Helvetica, sans-serif">-</font></p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<h1> </h1>
<p> </p>
<p align="center"> </p>
<p> </p>
|