[gnso-dow123] Revised draft minutes Whois task force 26 July 2005
[To: gnso-dow123[at]gnso.icann.org] Dear All, Please find attached the revised draft minutes of the Whois combined task force call held on 26 July 2005. Revisions: 1. Task force name: "WHOIS Task Force" With new terms of reference the separate task forces are an arrangement of the past. 2. Addition of the action point summary 2 Please let me know if there are other changes. Thank you. Kind regards, -- -- Glen de Saint Géry GNSO Secretariat - ICANN gnso.secretariat[at]gnso.icann.org http://gnso.icann.org <!--#set var="bartitle" value="WHOIS Task Forces 1 2 3 teleconference minutes"--> <!--#set var="pagetitle" value="WHOIS Task Force 1 2 3 teleconference minutes"--> <!--#set var="pagedate" value="26 July 2005" value=""--> <!--#set var="bgcell" value="#ffffff"--> <!--#include virtual="/header.shtml"--> <!--#exec cmd="/usr/bin/perl /etc/gnso/menu.pl 'WHOIS Task Force 1 2 3 teleconference minutes'"--> <h4 align="center"> </h4> <h4 align="center"><font face="Arial, Helvetica, sans-serif"><b>WHOIS Task Force<br> <br> 26 July 2005 - Minutes</b></font></h4> <p><font face="Arial, Helvetica, sans-serif"><b>ATTENDEES:<br> GNSO Constituency representatives:<br> </b> Jordyn Buchanan - Chair<br> gTLD Registries constituency - Ken Stubbs<br> gTLD Registries constituency - David Maher <br> Registrars constituency - Tim Ruiz (alternate)<br> Registrars constituency - Ross Rader <br> Registrars constituency - Tom Keller <br> Non Commercial Users Constituency - Milton Mueller <br> Commercial and Business Users constituency - Marilyn Cade <br> Internet Service and Connectivity Providers constituency - Tony Harris<br> Internet Service and Connectivity Providers constituency - Maggie Mansourkia <br> Internet Service and Connectivity Providers constituency - Greg Ruth <br> <br> <strong>Liaisons</strong><br> At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer</font> <font face="Arial, Helvetica, sans-serif"> - absent <br> GAC Liaison - Suzanne Sene - absent - apologies <br> <br> <b>ICANN Staff</b>: <br> Olof Nordling - Manager, Policy Development Coordination <br> Maria Farrell Farrell - ICANN GNSO Policy Officer <br> <b>GNSO Secretariat </b>- Glen de Saint Géry <br> <br> <b>Absent:</b><br> Registrars constituency - Paul Stahura <br> Commercial and Business Users Constituency - David Fares - apologies <br> Intellectual Property Interests Constituency - Steve Metalitz - apologies <br> Intellectual Property Interests Constituency - Niklas Lagergren - apologies <br> Non Commercial Users Constituency - Kathy Kleiman <br> Non Commercial Users Constituency - Frannie Wellings <br> Commercial and Business Users Constituency - Sarah Deutsch - apologies<br> <br> <br> </font> <font face="Arial, Helvetica, sans-serif"><strong><a href="http://gnso-audio.icann.org/WHOIS-20050726-tf123.mp3%20">MP3 Recording </a><br> <a href="http://forum.icann.org/lists/gnso-dow123/msg00470.html">Action point summary </a><br> <br> Agenda <br> 1. Discuss and review the constituency statements on the Conflict with National Laws procedure due Thursday 21 July 2005 and next steps on recommendation <br> 2. Discuss in depth the tiered access documents from task forces 1 and 2 to assess usefulness as a framework for any further work.<br> <br> 1. Discuss and review the constituency statements on the conflict with national laws procedure due Thursday 21 July 2005 and next steps on recommendation </strong></font></p> <p><font face="Arial, Helvetica, sans-serif">Status of constituency statements received:<br> <a href="http://forum.icann.org/lists/gnso-dow123/msg00465.html">The Intellectual Property Interests</a> <br> <a href="http://forum.icann.org/lists/gnso-dow123/msg00468.html">The Non Commercial Users constituency on recommendation 2</a>,<br> <a href="http://forum.icann.org/lists/gnso-dow123/msg00464.html">gTLD registry constituency statements</a><br> The Registrar constituency is 14 days out on the conflicts.<br> The Internet Service Providers and Connectivity Providers constituency end of week 29 July 2005 and the remaining on tasks 1 & 2 a week later.<br> The Non Commercial Users constituency posted their statement on recommendation 2, the statement on Whois purpose will be ready in a couple of days. The tasks 1 &2 on how the technical and administrative contacts were populated were giving the most trouble as there were no serious responses<br> </font><font face="Arial, Helvetica, sans-serif"><strong>Jordyn</strong> urged all the constituencies to submit their statements as soon as possible. <br> <br> <strong>Brief overview of the constituency statements: </strong></font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>David Maher,</strong> the <strong>gTLD registries constituency </strong>supported the statement in its current form and suggested a system of tiered access to resolve the conflict issue. From Steve Metalitz’s <a href="http://forum.icann.org/lists/gnso-dow123/msg00465.html">extensive memorandum</a> on the subject it would seem as though war has been declared if the IPC thinks the present system complies with the European data protection laws. There is a total lack of consensus in the proceeding. <br> <br> <strong>Maggie Mansourkia,</strong> the <strong>ISPCP</strong> was generally supportive, but suggested some language tweaks about uniformity of the process. Ultimately the goal of the ISP was greater accuracy so any movement towards that would be supported. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Milton Mueller </strong>commented that the <strong>NCUC</strong> statement was short and supported the recommendation. They viewed it as a stop gap measure pending comprehensive implementation. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader </strong>stated that the draft put to the Registrar constituency was very similar to what the task force was pursuing, with one or two minor amendments and would likely be supported. The current election/ratification process in the constituency, a 14 day process, needed to be executed.<br> <br> <strong>Jordyn Buchanan </strong>commented, in the absence of an IPC member, their statement appeared to make no major revisions to the actual policy recommendations. In general, apart from minor tweaks, it seemed that the task force had reached the point where work on the recommendations could be finalised on the list. </font></p> <p><font face="Arial, Helvetica, sans-serif">Timeline:<br> Goal:<br> </font><font face="Arial, Helvetica, sans-serif"> 23 August or earlier - a formal vote of the task force on the final form of the recommendation <br> 13 September - Staff would need to do the initial report for public comment for 21 days (would allow the required 7 days to present the document to Council ) <br> 22 September. - Council call is scheduled</font></p> <font face="Arial, Helvetica, sans-serif">It was agreed that if the statements were received sooner, the task force could vote earlier. Some task force members were of the opinion that the Initial report could be drafted with the constituency statements outstanding so as to deliver on time as the formal voting process in certain the constituencies took time.</font> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong> encouraged task force members to work any proposed amendments or modifications arising from the constituency statements on the list and if a constituency was likely to suggest modifications, it should be brought to the attention of the mailing list as soon as possible.<br> </font></p> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><strong><font face="Arial, Helvetica, sans-serif"><a href="http://forum.icann.org/lists/gnso-dow123/msg00470.html">Action Point Summary </a></font></strong></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><span class="781254415-28072005"><B style="mso-bidi-font-weight: normal"><font face="Arial, Helvetica, sans-serif">1 Constituency statements on recommendation 2 (conflicts with national data protection laws)</font></B><font face="Arial, Helvetica, sans-serif"><o:p></o:p></font></span></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt; mso-layout-grid-align: none"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005"><B style="mso-bidi-font-weight: normal"><o:p> </o:p></B></span></font></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005">Not all of the statements had yet been circulated to the list, so discussion on the statements was postponed till the next call. <o:p></o:p></span></font></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005"><o:p> </o:p></span></font></P> <P class=MsoNormal style="MARGIN: 0in 0in 0pt"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005"><B style="mso-bidi-font-weight: normal">Actions<o:p></o:p></B></span></font></P> <UL style="MARGIN-TOP: 0in" type=disc> <LI class=MsoNormal style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005">Constituencies that haven’t already sent their constituency statement to the list are asked to do so as quickly as possible. <o:p></o:p> </span> </font> <LI class=MsoNormal style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005">Participants should alert the task force through the mailing list if they believe their constituency statements will propose significant amendments to the recommendation. <o:p></o:p> </span> </font> <LI class=MsoNormal style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005">The task force will work on the mailing list to finalise the recommendation. <o:p></o:p> </span> </font> <LI class=MsoNormal style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005">A formal vote on the recommendations will be taken on during the call on 23 August or earlier if the statements are received and the discussion sufficiently advanced. <o:p></o:p> </span> </font> <LI class=MsoNormal style="MARGIN: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in"><font face="Arial, Helvetica, sans-serif"><span class="781254415-28072005">Time will be reserved on the next task force conference call (August 9<SUP>th</SUP>) to discuss whether the recommendation is ready to be advanced to an initial report. <o:p></o:p></span></font><span class="781254415-28072005"><o:p></o:p></span></LI> </UL> <p><font face="Arial, Helvetica, sans-serif"><strong>2. Discuss in depth the tiered access documents from task forces 1 and 2 to assess usefulness as a framework for any further work.</strong><br> <strong>Jordyn Buchanan</strong> proposed discussing <a href="http://forum.icann.org/lists/gnso-dow123/msg00435.html">Ross Rader's compilation of the previous task force 1&2 recommendations and frameworks</a> and <a href="http://www.gnso.icann.org/mailing-lists/archives/dow1-2tf/msg00125.html">Thomas Roessler's PKI based system</a> on tiered access. The task force was not presupposing recommending tiered access as an outcome with regard to task no. 3. but it would be useful to review past work on tiered access to ascertain whether there would be agreement on how useful the frameworks would be if other work were necessary. The <a href="http://www.gnso.icann.org/issues/whois-privacy/Whois-tf1-preliminary.html">Task Force 1 report </a>made an important distinction to divide Whois data into "sensitive" data and "non-sensitive" data but that the definition was left open and it was decided that the issue belonged in task force 2. issue.<br> <br> Quoting from the recommendations: <br> "1. Dependence on Whois Task Force <BR> <BR> The output of this Whois Task Force depends heavily on the output of Whois TF 2 (which data elements are included in the publicly available Whois). The more sensitive the data: (a) the more value there is to the data; (b) the more likely such data is to be mined, (c) the more this impacts the privacy rights of individuals and (d) creates an incentive for the registrant to make the data inaccurate. In such cases, there may be a need to restrict access to that data. <BR> <BR> 2. Value of Whois Data<BR> <BR> It is believed that if only data deemed to be non-sensitive by the Internet community ("Non-Sensitive Data") were to be publicly displayed (whether on the Web, Port 43 or other automated process), the data itself has little value, is less likely to be data mined, and has little effect on privacy rights. Therefore, imposing restrictions on access to Non-Sensitive data may not be necessary.<BR> <BR> Note, that we have assumed that the less sensitive the data is, the less valuable the data will be and the less data mining will occur. However, there is still some value to the information and therefore, there may be a need for query limits to prevent denial of service attacks. "<BR> </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan </strong>commented that Port 43 could not identify the user or the use, the question had not been put to the technical briefings the task force had. It was one problem, to collect and display data and another to see if it was accurate. </font></p> <p><font face="Arial, Helvetica, sans-serif">Answering Ross Rader's question on DRM solutions, to sense of the validity of the conclusion, none were discussed in detail, there was a paper from Thomas Roessler, but no experts were brought in.</font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong> commented that the level of appetite for tiered access systems had to be assessed, there had to be agreement that going through the work of the task forces 1 & 2 was worthy of consideration, which parts of the previous work would be useful to adopt, what was ongoing work, were there large gaps of work that needed to be done before continuing along the tiered access path. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Marilyn Cade</strong> commented that for a CBUC point of view she was comfortable with closing or keeping open the working session on tiered access. However the perception of the law enforcement people was that the task force was examining tiered access which created a public view that the work was underway and the task force needed to be responsible for it. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader</strong> queried whether the GAC/ Whois task force closed session in Luxembourg constituted part of the input to the task force. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Milton Mueller</strong> commented that the task force had got off on the wrong foot. Tiered access was not mentioned in the task forces current description of work there were other items. Tiered access might emerge from the process as one of the solutions but the present discussion was premature and not relevant to what the task force was currently supposed to be doing.<br> <br> <strong>Ken Stubbs</strong> expressed concern that ICANN could be in a position of being caught between different governments with different agencies putting increased pressure on privacy issues. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Tony Harris</strong> commented that tiered access did not come out of the blue but was a logical development of the privacy issue as the only way to accommodate it would be to have tiered access or otherwise the data would be taken away from everyone which would be a problem. Down the road, tiered access if applied was a major overhaul of the display and functionality and someone had to figure out who would pay for it. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong> responded to Milton, that the task force could drop the discussion but that tiered access might be in the scope of task 3 and if it were, the current work would not be wasted as given the calendar and progression of topics, it was not time that the task force would have used for something else.<br> <br> </font><font face="Arial, Helvetica, sans-serif"><strong>Tim Ruiz</strong> was of the opinion that the task force should be spending its effort and time on resolving the purpose of Whois as <a href="http://gnso.icann.org/policies/terms-of-reference.html">tasks 2 & 3 in the terms of reference </a>depended on the resolution of the former being. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Marilyn Cade</strong> commented that it would be useful for the task force chair, Jordyn Buchanan, to join the GNSO Council call in view of the council wanting to work interactively with the task force.</font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Tim Ruiz excused himself and left the call. </strong></font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader </strong>commented that recognizing and describing the tiered access systems already available that were not very granular systems, would help destigmatise the concept and build bridges. Tucows' had massive database and all employees got access to all of it, people who did not work there got less access, other registrars got additional levels of detailed access that members of the intellectual property and business community did not get access to, and law enforcement agents got complete access. Cost, structure and implementation depended on what might be decided and what the system looked like. Ross commented further that there were things the registrars would be happy to bear the cost on. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader</strong>, responding to<strong> Marilyn Cade's </strong>question whether the interpretation could be extended into proxy and anonymous services said that he was referring to the structures that the formal contracts or formal policy had ‘forced upon us'. Informally or anecdotally local disruptions had been adopted, without judging whether they were good or bad, that were not an intention of current policy and thus a form of tiered access already existed. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Tony Harris</strong> withdrew his remarks about cost after hearing Ross Rader who went on to say it was an acknowledgement that "there are thick and expensive and light and inexpensive ways to do things".<br> <strong>Ross Rader</strong> clarified that his <a href="http://forum.icann.org/lists/gnso-dow123/msg00435.html">document</a> was only an attempt to frame tiered access. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan summarised the discussion on cost: </strong><br> 1. there were more and less costly approaches to implementing tiered access.<br> 2. there may be circumstances where registrars would be willing to bear some costs but not apply to any costs.<br> <br> Thus<strong> Jordyn</strong> concluded that registrars would bear lower cost systems but not higher cost ones, to which <strong>Ross</strong> responded that he would not give an answer to that, but proposed looking at solutions that made sense, calculate the cost, and then figure out how to pay for them. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Marilyn Cade</strong> asked whether, given the diversity of business models among the registrars, there would have to be agreement from them in the RAA to implement the cost?</font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan</strong> responded that when recommendations were made, the impact on the contracts would need to be assessed. There were rules on obtaining approval from the registrar constituency, and although there were several hundred registrars, a group of registrars only had one vote if they were under common control. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Ross Rader</strong> added that the constituency was not the comprehensive list of the total number of accredited registrars. There were currently about 55 members and the voting rules required a majority. The bylaws made provision for pooling of interest restrictions that prevented essentially multiple accreditations controlling the vote. For example, at one point one of the largest registrars had 4 accreditations, they only had one vote. In any vote, there are 17-25 votes normally needed to carry the vote. Another example, register.com had 2 subsidiaries but only one vote. So if there happened to be a company with 200 subsidiaries accredited, they would still only have one vote.</font><font face="Arial, Helvetica, sans-serif"> If the top 80% equaled 35 registrars, the membership of the constituency would get you to that level.</font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Jordyn Buchanan </strong>in summary: <br> 1. A statement of how the existing system provided a state of rough tiered access. <br> There had been some work on how proxy services were done by task force 2 but framing it in the status quo of the tiered access system was not explicitly pursued in the past. <br> 2. Request the staff to take a look at what data element registrars are required to collect at present that they were not required to display on Whois, that is part of the contractual agreement<br> 3. Request the staff to review the work done by previous task forces on proxy services and provide key findings. </font></p> <p><font face="Arial, Helvetica, sans-serif">There will be staff resources available during Maria's leave period.<br> <br> <span class="MsoNormal"><strong><font face="Arial, Helvetica, sans-serif"><a href="http://forum.icann.org/lists/gnso-dow123/msg00470.html">Action Point Summary </a></font></strong></span><strong><br> <span class="781254415-28072005"><o:p> </o:p></span>2 Tiered access – documents from task forces 1 and 2</strong></font></p> <p><font face="Arial, Helvetica, sans-serif">The task force discussed tiered access in the context of documents sent to the list by Ross Rader and Thomas Roessler. The discussion did not pre-suppose any specific action on tiered access.</font></p> <p><font face="Arial, Helvetica, sans-serif">Actions</font></p> <p><font face="Arial, Helvetica, sans-serif"> * Ross Rader will research the issue of current registrar implementations of types of tiered access. The goal is to either document the issue or propose similar work to the list. Ross will also consider whether staff support is needed for this work.<br> * Maria Farrell will produce information on differences between data elements registrars are required to collect and display.<br> * Maria Farrell will provide information from a review of work done by previous task forces on proxy services.</font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>Proposed Agenda for the next call :</strong></font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>9 August 2005 </strong><br> Discuss the recommendation on conflict with national laws and ascertain whether an advance could be made to an initial report. <br> Substantive discussion on the purpose of Whois, ensure constituency statements are present. </font></p> <p><font face="Arial, Helvetica, sans-serif"><strong> </strong></font><font face="Arial, Helvetica, sans-serif">The next Whois task force teleconference:<br> <a href="http://www.gnso.icann.org/calendar/#aug">Tuesday 9 August 2005 at 9:30 EST 13:30 UTC <br> </a><br> <strong>Jordyn Buchanan </strong>thanked all the task force members for participating.</font></p> <p><font face="Arial, Helvetica, sans-serif"><strong>The WHOIS task force call ended at 17 :00 CET </strong></font></p> <p> <font face="Arial, Helvetica, sans-serif"><br> </font></p> <p><font face="Arial, Helvetica, sans-serif">-</font></p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <h1> </h1> <p> </p> <p align="center"> </p> <p> </p> |