ICANN ICANN Email List Archives

[gnso-dow123]


<<< Chronological Index >>>    <<< Thread Index >>>

[gnso-dow123] Whois task force draft minutes 9 August 2005]

  • To: gnso-dow123@xxxxxxxxxxxxxx
  • Subject: [gnso-dow123] Whois task force draft minutes 9 August 2005]
  • From: "GNSO.SECRETARIAT@xxxxxxxxxxxxxx" <gnso.secretariat@xxxxxxxxxxxxxx>
  • Date: Thu, 11 Aug 2005 23:31:55 +0200


[To: gnso-dow123[at]gnso.icann.org]

Dear All,

Please find attached the draft minutes of the Whois task force call held
on 9 August 2005.

Please let me know what changes should be made.

Thank you.
Kind regards,

Glen
--
Glen de Saint Géry
GNSO Secretariat - ICANN
gnso.secretariat[at]gnso.icann.org
http://gnso.icann.org

<!--#set var="bartitle" value="WHOIS Task Force teleconference minutes"-->
<!--#set var="pagetitle" value="WHOIS Task Force teleconference minutes"-->
<!--#set var="pagedate" value="9 August 2005" value=""-->
<!--#set var="bgcell" value="#ffffff"-->
<!--#include virtual="/header.shtml"-->
<!--#exec cmd="/usr/bin/perl /etc/gnso/menu.pl 'WHOIS Task Force teleconference 
minutes'"-->
<h4 align="center">&nbsp;</h4>
<h4 align="center"><font face="Arial, Helvetica, sans-serif"><b>WHOIS Task 
Force<br>
  <br>
 9 August 2005 - Minutes</b></font></h4>
<p><font face="Arial, Helvetica, sans-serif"><b>ATTENDEES:<br>
GNSO Constituency representatives:<br>
  </b> Jordyn Buchanan - Chair<br>
  gTLD Registries constituency - Ken Stubbs<br>
gTLD Registries constituency - David Maher <br>
Registrars constituency - Paul Stahura <br>
Registrars constituency - Ross Rader <br>
Registrars constituency - Tom Keller <br>
Non Commercial Users Constituency - Milton Mueller <br>
Non Commercial Users Constituency - Kathy Kleiman<br>
Commercial and Business Users constituency - Marilyn Cade<br>
Commercial and Business Users Constituency - David Fares <br>
Intellectual Property Interests Constituency - Niklas Lagergren <br>
Internet Service and Connectivity Providers constituency - Greg Ruth <br>
  <br>
  <strong>Liaisons</strong><br>
  At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer</font> <font 
face="Arial, Helvetica, sans-serif"> - absent      - apologies <br>
  GAC Liaison - Suzanne Sene<br>
  <b>ICANN Staff</b>: <br>
  Olof Nordling - Manager, Policy Development Coordination<br>
  Liz Williams - 
  <br>
  Maria Farrell Farrell - ICANN GNSO Policy Officer -absent - apologies <br>
  <b>GNSO Secretariat </b>-  Glen 
    de Saint G&eacute;ry <br>
    <br>
    gTLD Registries constituency - Phil Colebrook - observer     <br>
  <br>
    <b>Absent:</b><br>
    Registrars constituency - Tim Ruiz (alternate)    <br>
    Intellectual Property Interests Constituency - Steve Metalitz - apologies 
<br>
Internet Service and Connectivity Providers constituency - Tony Harris      - 
apologies <br>
Internet Service and Connectivity Providers constituency - Maggie Mansourkia    
  - apologies <br>
  Non Commercial Users Constituency - Frannie Wellings <br>
  Commercial and Business Users Constituency - Sarah Deutsch   - apologies<br>
  <br>
  <a href="http://gnso-audio.icann.org/WHOIS-20050809-tf123.mp3";>MP3 
Recording<br> 
  </a><strong><br>
  Agenda <br>
 1. Discuss proposal on the Conflict with National Laws procedure<br>
 2. Discuss statements on the purpose of Whois and the purpose of the various 
contacts<br>
 3. Discuss <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00469.html";>recommendation 1
 </a> on improving notification to Registered Name Holders of the public access 
to contact data via the WHOIS service</strong></font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>  1. Discuss proposal on 
the Conflict with National Laws procedure<br>
  Jordyn Buchanan </strong>referred to <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00472.html";>Olof Nordling's 
document</a> that gathered all the constituency statements to date. <br>
  Constituency statements had been received from:
  <br>
  <a href="http://forum.icann.org/lists/gnso-dow123/msg00465.html";>The 
Intellectual Property Interests</a> constituency<br>
  <a href="http://forum.icann.org/lists/gnso-dow123/msg00468.html";>The Non 
Commercial Users constituency on recommendation 2</a>,<br>
  <a href="http://forum.icann.org/lists/gnso-dow123/msg00464.html";>gTLD 
registry constituency </a><br>
  <a href="http://forum.icann.org/lists/gnso-dow123/msg00471.html";>The Internet 
Service Providers and Connectivity Providers constituency </a><br>
  <br>
  There was general agreement among the members that no further changes were 
needed to the text in the light of the constituency statements.<br>
  The outstanding  statements from the Commercial and Business Users and 
Registrars constituencies should be provided within the next two weeks if they 
were to be included in the report. <br>
  Jordyn Buchanan proposed working with Olof Nordling and getting an initial 
report out to the list within the next week so that the task force members 
would have one week to review the report and be ready to vote on 23 August 
2005.<br>
  <br>
  </font><font face="Arial, Helvetica, sans-serif"><strong>ACTION - Next 
steps<br> 
  - provide Initial report <br>
  - vote on initial report on next call 23 August 2005<br> 
  <br>
  2. Discuss statements on the purpose of Whois and the purpose of the various 
contacts</strong></font></p>
<p><font face="Arial, Helvetica, sans-serif">Status of constituency statements 
received:<br>
    <a href="http://forum.icann.org/lists/gnso-dow123/msg00465.html";>The  
Intellectual Property Interests</a>  <br>
    <a href="http://forum.icann.org/lists/gnso-dow123/msg00471.html";>The 
Internet Service Providers and Connectivity Providers constituency</a> <br>
    <a href="http://forum.icann.org/lists/gnso-dow123/msg00476.html";>The Non 
Commercial Users constituency on purpose of Whois</a>, (the contacts still 
outstanding). <br>
  <strong>Brief overview of the constituency statements:
</strong></font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>Niklas Largergren 
</strong>summarised the<strong> <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00465.html";>Intellectual 
Property Interests constituency's statement</a> </strong>(IPC) stating that  in 
the IPC&rsquo;s view, it was clear that the purpose of the Whois database 
&ndash; from its inception, through the commercialization of the Internet, and 
continuing today &ndash; had always included to provide the public with ready 
access to the identity and contact information for domain name registrants. 
That purpose had never changed, and registrants have always been on notice of 
this purpose, regardless of when they registered their domains. This purpose 
was also fully consistent with the contextual factors listed in <a 
href="http://gnso.icann.org/policies/terms-of-reference.html";>Terms of 
Reference #1. </a><br>
  In addition the constituency provided a background paper which referred to 
specific national situations such as <br>
</font> <font face="Arial, Helvetica, sans-serif">European Data Protection 
Directive, </font> <font face="Arial, Helvetica, sans-serif">the Canadian 
Personal Information Protection and Electronic Documents Act,  International 
and National Laws that Relate Specifically to Whois Services, the </font> <font 
face="Arial, Helvetica, sans-serif">The Changing Nature of Registered Name 
Holders, and </font> <font face="Arial, Helvetica, sans-serif">traced the Whois 
database  back to as early as 1982, during the days of ARPANET, the U.S. 
Department of Defense&rsquo;s precursor to today&rsquo;s Internet.&nbsp;<br>
<strong>Milton Mueller</strong> referred to &quot;included to provide the 
public with ready access to the identity and contact information for domain 
name registrants&quot; and asked why that had been included as it did not refer 
to the purpose of the Whois data available .<br>
<strong>Niklas Largergren</strong> responded that use made of the whois data  
should be distinguished from  the actual purpose. The IPC's view was to provide 
access regardless of  the intended use.<br>
<strong>Kathy Kleiman</strong> noted a change in the IPC view in that National 
laws  did apply to whois data. <br>
<strong>Niklas Largergren</strong> commented that the 1995 data protection 
directive was applicable to Whois. There could be deferring points of view on 
what was meant by applicable and what the consequences of the applicability 
were </font><font face="Arial, Helvetica, sans-serif">but clearly personal data 
was intended and not sensitive data.<br>
 <strong>Kathy Kleiman</strong> asked whether   the statements filed by the 
European Union regarding the data protection official interpretation of their 
own laws were included in the background paper. <br>
  <strong>Niklas Largergren</strong> responded that it was their interpretation 
but not the European Union's position. The Article 29 Working Party was an 
informal group that gathered the data protection commissioners from the 25 
member states of the European Union and they adopted the document but it did 
not mean that it was the official view of the European Union. The only body 
which could fully pronounce on the applicability would be the Court of Justice 
and to a lesser extent the European Commission. The Article 29 Working Party  
was an advisory group to which the European Commission provided the 
secretariat.<br>
  <strong>Kathy Kleiman</strong> informed the task force that the NCUC would 
also be providing a parallel background paper.<br>
  <br>
  <strong>Greg Ruth</strong> said that the <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00471.html";>Internet Service 
and Connectivity Providers constituency (ISPCP) </a>view point was that data 
was needed to provide a service to their customers usually in tracking down  
perpetrators of illegal or anti-social behaviour and as much information as 
existed was necessary for this purpose.<br>
  <strong>Jordyn Buchanan </strong>read <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00471.html";>extracts from the 
statement</a>:<br>
&quot;The Whois database serves the purpose of providing contact information to 
the public regarding the individual or organization that has registered a 
domain name. This is true today, and it has been true throughout the history of 
the domain name system&rsquo;s Whois database. The ISPCP believes that 
regardless of the vast growth of the number of domain registrations, some core 
principles should remain unchanged, and ready access to all <br>
<br>
Whois data is one such principle. </font></p>
<p> <font face="Arial, Helvetica, sans-serif">Despite the confusion over the 
&ldquo;use&rdquo; versus the &ldquo;purpose&rdquo;, in fact both are dependant 
on the type of notice that is provided at time of registration. If adequate 
notice is provided regarding the intended purposes of data collection, then all 
uses (but nothing more) consistent with that notice shall be valid. </font></p>
<p><font face="Arial, Helvetica, sans-serif">Nevertheless, here again are the 
following purposes of Whois for the ISPCP.</font></p>
<p><font face="Arial, Helvetica, sans-serif">1. to research and verify domain 
registrants that could vicariously cause liability for ISPs b/c of illegal, 
deceptive or infringing content. <br>
  2. to prevent or detect sources of security attacks of their networks and 
servers<br>
  3. to identify sources of consumer fraud, spam and denial of service attacks 
and incidents<br>
  4. to effectuate UDRP proceedings<br>
  5. to support technical operations of ISPs or network administrators&quot;<br>
  <strong>Ken Stubbs </strong>commented on an apparent contradiction in the 
ISPCP statement and Verizon's aggressive defense of a suite filed by the 
recording industry where they refused access. If there was  legitimate right to 
access,  that right needed to be clearly indicated.<br>
  <strong>Greg Ruth </strong>commented that there was a distinction between 
what was accessible by the general public and what needed to be accessed by the 
service providers who had access to as much data as required , however if there 
were a consent statement of trust with a registrar to supply data, then that 
too was appropriate to provide all the access needed.<br>
  <strong>Milton Mueller </strong>asked how the concepts of the usefulness of 
the data
were linked to the ICANN mission and <strong>Greg Ruth</strong> responded that 
&quot;stability of the Internet &quot; was the link. <br>
Did ISPs need to know the identity of the registrant or did they need to 
contact the registrant? The more information there was the better the 
inappropriate use of  network problems like fraud, spam, could be resolved. <br>
 Problems could be divided into technical and contact.<br>
 <br>
 <strong>Milton Mueller</strong> and<strong> Kathy Kleiman</strong> over viewed 
the <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00476.html";>Non-commercial 
Users constituency statement</a> <br>
 <em>&quot;The importance of defining &quot;purpose&quot;<br>
 </em><br>
Regarding international and national privacy laws, NCUC notes that it is 
well-established in data protection law that the purpose of data and data 
collection processes must be well-defined before policies regarding data 
collection, use and access can be established. The need for an explicit, 
well-defined purpose is meant to protect data subjects from abuse by either the 
data collectors or third parties using the data. A definition of purpose is 
intended to impose strict constraints on the collection and use of contact 
data. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><em>WHOIS and ICANN's mission and 
core values</em></font></p>
<p><font face="Arial, Helvetica, sans-serif">Regarding ICANN's mission and 
relevant core values, we note that ICANN's mission is primarily technical: In 
enumerating ICANN's core values, we find that the first three are most relevant 
to a discussion of WHOIS and its purpose:</font></p>
<p><font face="Arial, Helvetica, sans-serif">1. Preserving and enhancing the 
operational stability, reliability, security, and global interoperability of 
the Internet.</font></p>
<p><font face="Arial, Helvetica, sans-serif">2. Respecting the creativity, 
innovation, and flow of information made possible by the Internet by limiting 
ICANN's activities to those matters within ICANN's mission requiring or 
significantly benefiting from global<br>
  coordination.</font></p>
<p><font face="Arial, Helvetica, sans-serif">3. To the extent feasible and 
appropriate, delegating coordination functions to or recognizing the policy 
role of other responsible entities that reflect the interests of affected 
parties.</font></p>
<p><font face="Arial, Helvetica, sans-serif">The original purpose of the WHOIS 
protocol, when the Internet was an experimental network, was the identification 
of and provision of contact information for, domain administrators for purposes 
of solving technical problems. </font></p>
<p><font face="Arial, Helvetica, sans-serif">Vinton G. Cerf, speaking at the 
&quot;Freedom 2.0&quot; conference held in Washington DC in May 2004 confirmed 
directly that the original purpose of WHOIS was indeed purely 
technical.**</font></p>
<p><font face="Arial, Helvetica, sans-serif">Further, Core Value #3 expressly 
recognizes the &quot;policy role&quot; of &quot;other ,responsible 
entities.&quot; It is incumbent on ICANN to limit its role in the collection, 
use and especially disclosure of data to only that needed for technical<br>
  and operational tasks. </font></p>
<p><font face="Arial, Helvetica, sans-serif"><em>Proposed definition of 
purpose:</em><br>
</font><font face="Arial, Helvetica, sans-serif">NCUC proposes the following 
definition of purpose for the WHOIS service:<br>
  The purpose of the WHOIS is to provide to third parties an accurate and 
authoritative link between a domain name and a responsible party who can either 
act to resolve, or reliably pass information to those who can<br>
resolve, technical problems associated with or caused by the domain. </font></p>
<p><font face="Arial, Helvetica, sans-serif">By &quot;technical problems&quot; 
we mean problems affecting the operational stability, reliability, security, 
and global interoperability of the Internet.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><em>Excluded or invalid 
purposes</em></font></p>
<p><font face="Arial, Helvetica, sans-serif">It is important to also identify 
purposes that are inconsistent with ICANN's stated mission and core 
values.</font></p>
<p><font face="Arial, Helvetica, sans-serif">First, WHOIS is not designed to be 
a global data mining operation with completely unlimited access to all 
registrant data by any Internet user for any purpose, including 
marketing.</font></p>
<p><font face="Arial, Helvetica, sans-serif">Second, the purpose of WHOIS data 
is not to facilitate legal or other kinds of retribution by those interested in 
pursuing companies and individuals who criticize and compete against them. 
</font></p>
<p><font face="Arial, Helvetica, sans-serif">Third, the purpose of WHOIS is not 
to expand the surveillance powers given to law enforcement under law, or to 
bypass the protections and limitations imposed by sovereign governments to 
prevent the abuse and misuse of personal data, even by law enforcement. 
</font></p>
<p><font face="Arial, Helvetica, sans-serif"><em>CONCLUSION<br>
  </em><br>
Overall, the published WHOIS data should serve only the original purpose of the 
database and the powers of ICANN - technical and interoperability functions of 
ICANN. Additional access to information should be regulated otherwise. 
&quot;<br>
  <strong>Milton Mueller </strong>commented that he had difficulties with fraud 
being presented as a security and stability issue and was of the opinion that 
it was a policy law enforcement issue. <br>
<strong>Jordyn Buchanan</strong> asked how  not displaying the broader possible 
range of Whois data would be viewed by the NCUC as meeting the ICANN core 
mission? <br>
  <strong>Milton Mueller</strong> referred back to the concept of purpose in 
the data protection laws and stated that the purpose was to resolve technical 
problems associated with the domain name  and  the IP address system, thus any 
data that was not absolutely necessary to fulfill that purpose should not be 
made available to third parties. <br>
  <br>
  <strong>David Maher </strong>commented that the gTLD registries fundamentally 
agreed with the NCUC that there was no need to make all of the information 
public. The IPC background paper presented a distortion of the European 
Commission position stating that the European Commission supported the total 
public availability of personal data. The statement was so grossly out of 
perspective that the IPC should consider withdrawing the statement.<br> 
  The Commission statement cited in the footnote was also erroneous and the 
accurate cite was: <br>
Article 29 Working Party Opinion 2/2003 on the application of the data 
protection principles to the Whois directories, available at <br>
<a class="moz-txt-link-freetext" 
href="http://europa.eu.int/comm/justice_home/fsj/privacy/docs/wpdocs/2003/wp76_en.pdf";>http://europa.eu.int/comm/justice_home/fsj/privacy/docs/wpdocs/2003/wp76_en.pdf</a>
 <br>
Further <strong>David Maher</strong> quoting from the Working Party Opinion: 
<br>
&ldquo;&hellip;it is essential to limit the amount of personal data to be 
collected and processed.&rdquo;<br>
&ldquo;The registration of domain names by individuals raises different legal 
considerations than that of companies or other legal persons registering domain 
names.&rdquo;<br>
&ldquo;In the light of the proportionality principle, it is necessary to look 
for less intrusive methods that would still serve the purpose of the Whois 
directories without having all data directly available on-line to 
everybody.&rdquo;<br>
In conclusion:<br>
<b>&ldquo;The Working Party encourages ICANN and the Whois community to look at 
privacy enhancing ways to run the Whois directories in a way that serves its 
original purpose whilst protecting the rights of individuals. It should in any 
case be possible for individuals to register domain names without their 
personal details appearing on a publicly available register.&rdquo;<br>
&nbsp;</b>[emphasis in original]<br>
The European Commission had made it very clear what their views were, and it 
was not what the Intellectual Property Constituency had represented the views 
to be.<br>
<strong>Davis Fares</strong> sought clarification about a unified European 
Commission position on the issue and did not believe that there was one.<br>
<strong>David Maher</strong> said he was referring to the use of the Article 29 
Working Party Opinion in 2003 which was the base support of the IPC background 
paper. <br>
<strong>Suzanne Sene</strong> stated that there would be a publicly available 
report on the Whois/Law Enforcement session in Luxembourg. Another workshop was 
being planned in Vancouver to focus on some of the public policy aspects of the 
use of Whois data protection. <br>
<strong>David Fares</strong> commented from the CBUC's statement still in draft 
form:<br>
</font><font face="Arial, Helvetica, sans-serif">&quot;</font><font 
face="Arial, Helvetica, sans-serif"> The Whois database may have originally 
been conceived as a database of technical contacts. However, the Internet has 
evolved through commercialization, becoming a medium for commerce and a source 
of information. The purpose of the Whois database must therefore reflect this 
evolution.<br>
 <br>
With the above in mind, the BC proposes the following purpose of the Whois 
database: </font></p>
<p><font face="Arial, Helvetica, sans-serif">A database of contact information 
sufficient to contact the registrant or their agent(s) to enable the prompt 
resolution of technical, legal and other matters relating to the 
registrant&rsquo;s registration and use of its domain name.&quot;<br>
  <br>
  Clarification was sought on &quot;agent&quot;, generally someone acting on 
behalf of the registrant, an ISP or an anonymysing company etc.<br>
  <strong>Ross Rader</strong> suggested that another term be used as 
&quot;agent&quot; had a strict legal definition.<br>
  <br>
  <strong>Jordyn Buchanan</strong> suggested further discussion on the European 
Union perspective. <br>
  <strong>Niklas Largergren</strong> commented that   the <a 
href="http://europa.eu.int/ISPO/legal/en/dataprot/compenfr.html";>1995 Data 
Protection Directive</a> was applicable, but   questioned the meaning of 
applicability. A basic confusion was the belief that any processing of personal 
data was prohibited and in fact the Directive  stated that the only data that 
could not be processed was sensitive data, such as sexual orientation, ethnic 
origin, political belief etc. and there was none of that in Whois data bases. 
Personal data and not sensitive data was the issue. The 1995 directive actually 
provided for flexibility in particular article 7 was mentioned which indeed 
foresaw that sometimes processing could be necessary for the purposes of the 
legitimate interest pursued by the controller or the third party that did 
process the personal data. <br>
  The IPC wanted to point that out in the submissions.<br>
  <br>
  <strong>David Maher </strong>responded that the statement was deceptive and a 
distortion. The mistake in the background paper was not the quote itself, that 
the url was wrong. <br>
  <strong>Niklas Largergren</strong> and <strong>David Maher </strong>agreed to 
take the topic off list and review the paper.<br>
  <br>
  <strong>Jordyn Buchanan</strong> summarised commonalities between the purpose 
statements:<br>
  <strong>Key differences </strong></font></p>
<p><font face="Arial, Helvetica, sans-serif">Both the IPC and the ISPCP 
statements said that the purpose of Whois was to provide accurate contact 
information for the registrant whereas the NCUC stated that the purpose was to 
provide a link to the responsible parties who could act to resolve or reliably 
pass information to those who could resolve the problems, and the CBUC 
statement seemed to indicate that it could be either the registrant or an 
agent.<br>
  <br>
 Two areas were highlighted where a common view could possibly be reached:<br>
 1. Whether or not the task force thought that the purpose of Whois was to 
provide information about:<br>
 - 
 the registrant per se - or<br>
 - 
 whether it was in order to provide information about either the registrant or 
the agent - or <br>
 - whether it had to be someone capable of resolving issues related to the 
domain?<br>
 <br>
  The NCUC purpose was limited to resolving technical problems, <br>
  The ISPCP statement    to a certain extent reflected the same, <br>
  The CBUC appeared to have a broader set of issues that Whois was intended to 
help resolve, <br>
  The IPC stated that the purpose of the Whois was simply to provide the data 
regardless of what the purpose was.<br>
  <br>
  2. 
W</font><font face="Arial, Helvetica, sans-serif">hat types of problems or 
issues was Whois intended to resolve?<br>
  <br>
  Jordyn Buchanan proposed  initiating discussion on the two topics on the 
mailing list. <br>
  </font><font face="Arial, Helvetica, sans-serif"><br>
  <strong>3. Discuss <a 
href="http://forum.icann.org/lists/gnso-dow123/msg00469.html";>recommendation 1 
</a> on improving notification to Registered Name Holders of the public access 
to contact data via the WHOIS service</strong><br>
  <strong>Ross Rader</strong> commented that there were various opinions that 
recommendation 1 constituted a privacy waiver and did not believe that it was 
the task force's intention, thus would like to have a better sense whether the 
interpretation was consistent with the intent of the task force or not and if 
it was not then it should be resolved before the recommendation went to the 
GNSO Council.<br>
  <strong>Jordyn Buchanan</strong> stated that the topic had not been raised 
during discussions on the issue, thus there was no intention for it to be a 
privacy waiver.<br>
  <strong>Milton Mueller</strong> commented that perhaps it was a question of 
people working unconsciously at cross purposes. The NCUC would never view 
notification as being consent because there was no other domain name system 
that could be participated in, therefore once  notification was given it was 
taken as  consent was a travesty, or in legal terms a contract of adhesion. The 
NCUC supported the notification to let people know what was happening and 
believed that it might stimulate the use of privacy protection services 
registrars were offering as well as supporting the ICANN process and making the 
Whois policy more rational. Being presented with notification and being told 
that it was  waiving rights and as the ISP representative said, that anything 
could be done with the information as long as the registrant was notified, was 
presenting a stark choice, no domain name or no privacy, or no rights over 
information. <br>
  <strong>Nicolas Larger</strong>commented that he was not aware of any 
previous discussion mentioning a privacy waiver. In the <a 
href="http://www.icann.org/registrars/ra-agreement-17may01.htm";>RAA, provision 
3.7.7.4. and 3.7.7.5</a> there was language that stated that a registrar was 
required to notify a registrant about Who is and what it meant and that the 
registrar was required to obtain consent from the registrant for the 
publication of personal data in the Who is database. The concern of the task 
force appeared to be that the notification made to the registrant was not 
conspicuous and very often hidden in a long text in small print that the 
registrant would click on to proceed to the next stage. The task force members 
believed that it would be useful to make the notification procedure more 
conspicuous so that the registrant would know what he was signing up to.<br>
  <strong>Jordan Buchanan </strong>added that the task force also looked at 
ways in which the registrant consented to that use and it was explicitly 
removed to only apply to notice. <br>
<strong>Kathy Kleiman</strong> stated that outside opinions viewed the text as 
a privacy waiver and it was clearly not the intent of the task force. 
Emphasising the language of the EU Privacy Directive article 7</font></p>
<p><font face="Arial, Helvetica, sans-serif">&quot;Member States shall provide  
that personal data may be processed only if <br>
  a) the data subject has unambiguously given his consent&quot;<br>
  <br>
 would lead to the notice provision being  interpreted as a privacy waiver, 
Kathy felt that the task force should take action.<br>
 <br>
 <strong>Jordyn Buchanan</strong>, supported by <strong>Ross Rader</strong>, 
and <strong>Milton Mueller</strong>, <strong>Niklas Largergren</strong></font> 
<font face="Arial, Helvetica, sans-serif">and <strong>Kathy Kleiman</strong><br>
 ( 
 the latter two suggested that the communication to the Council should 
emphasise timing and not withdrawing the recommendation)</font> <br>
 <font face="Arial, Helvetica, sans-serif">proposed:<br>
 Drafting a letter to Bruce Tonkin, the GNSO Council chair about a concern  
raised that the current proposal relating to improving notice to registrants 
regarding the use of their contact details in the Whois system may be viewed as 
a waiver of registrants privacy rights. It was not the intent of the task force 
that the recommendation act as any sort of waiver, but the issue was not 
considered during the work of the task force. Since the task force believed 
that it was an important issue and believed that it would be premature for the 
Council to adopt the policy recommendations without considering it Council was 
requested to either:</font></p>
<p><font face="Arial, Helvetica, sans-serif">a) Refer the recommendation back 
to the Task Force for further consideration of this specific issue; 
alternatively, the Council may want to consider this specific issue itself, 
or</font></p>
<p><font face="Arial, Helvetica, sans-serif">b) Delay adoption of this 
recommendation until such time as the full range of issues currently being 
considered by the task force have resulted in a broader set of recommendations 
that may render this issue moot.</font><br>
<br>
<font face="Arial, Helvetica, sans-serif"><strong>Next call</strong> 
<strong>Tuesday 23 August 2005 </strong><br>
</font><font face="Arial, Helvetica, sans-serif">1. Voting on the procedure for 
National Laws <br>
2. Discuss two questions on purpose:<br>
1. Whether or not the task force thought that the purpose of Whois was to 
provide information about:<br>
- the registrant per se - or<br>
- whether it was in order to provide information about either the registrant or 
the agent - or <br>
- whether it had to be someone capable of resolving issues related to the 
domain?<br>
2. W</font><font face="Arial, Helvetica, sans-serif">hat types of problems or 
issues was Whois intended to resolve?<br>
</font><font face="Arial, Helvetica, sans-serif"></font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>  </strong></font><font 
face="Arial, Helvetica, sans-serif">The next Whois task force 
teleconference:<br>
  <a href="http://www.gnso.icann.org/calendar/#aug";>Tuesday 23 August 2005 at 
9:30 EST 13:30 UTC
  <br>
  </a><br>
    <strong>Jordyn Buchanan </strong>thanked all the task force members for 
participating.</font></p>
<p><font face="Arial, Helvetica, sans-serif"><strong>The WHOIS task force call 
ended at 17 :10 CET </strong></font></p>
<p> <font face="Arial, Helvetica, sans-serif"><br>
</font></p>
<p><font face="Arial, Helvetica, sans-serif">-</font></p>
<p>&nbsp;</p>
<p> </p>
<p> </p>
<p> </p>
<p>&nbsp; </p>
<p>&nbsp;</p>
<h1>&nbsp;</h1>
<p>&nbsp;</p>
<p align="center">&nbsp;</p>
<p>&nbsp;</p>



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy