[gnso-dow123] Draft preliminary report
Hello: Maria has put together a draft preliminary report for review. This includes the recommendations that we will be voting on next Tuesday. (Which should be no surpr Maria's indicated that she's having some problems tracking down the BC constituency statement, but that will get added in before this gets posted. Jordyn Attachment:
TF 123 Conflicts draft Prelim Report.html <BASE href="https://owa.register.com/Exchange/jbuchanan/Deleted%20Items/No%20Subject-8476.EML/"; /> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <html > <head> <meta name=ProgId content=Word.Document> <meta name=Generator content="Microsoft Word 11"> <meta name=Originator content="Microsoft Word 11"> <title> </title> <style> <!-- font-face {font-family:Batang;} font-face {font-family:Georgia;} font-face {font-family:Garamond;} font-face {font-family:"\@Arial Unicode MS";} font-face {font-family:"\@Batang";} p.MsoNormal, li.MsoNormal, div.MsoNormal { margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} h1 { margin-right:0in; margin-left:0in; font-size:24.0pt; font-family:"Times New Roman"; font-weight:bold;} h2 { margin-right:0in; margin-left:0in; font-size:18.0pt; font-family:"Times New Roman"; font-weight:bold;} h3 { margin-right:0in; margin-left:0in; font-size:13.5pt; font-family:"Times New Roman"; font-weight:bold;} h4 { margin-top:12.0pt; margin-right:0in; margin-bottom:3.0pt; margin-left:0in; page-break-after:avoid; font-size:14.0pt; font-family:"Times New Roman"; font-weight:bold;} p.MsoFootnoteText, li.MsoFootnoteText, div.MsoFootnoteText { margin:0in; margin-bottom:.0001pt; font-size:10.0pt; font-family:Georgia;} p.MsoHeader, li.MsoHeader, div.MsoHeader {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} span.MsoFootnoteReference { vertical-align:super;} p.MsoBodyText, li.MsoBodyText, div.MsoBodyText {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} a:link, span.MsoHyperlink {color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {color:purple; text-decoration:underline;} p {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} pre {margin:0in; margin-bottom:.0001pt; font-size:10.0pt; font-family:"Courier New";} p.Style1, li.Style1, div.Style1 { margin-right:0in; margin-left:0in; font-size:12.0pt; font-family:Georgia; font-weight:bold;} p.Default, li.Default, div.Default { margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman"; color:black;} div.Section1 {page:Section1;} ol {margin-bottom:0in;} ul {margin-bottom:0in;} --> </style> </head> <body lang=EN-US link=blue vlink=purple style=''> <div class=Section1> <h3><a name="_Toc100224739"> </a></h3> <h3> </h3> <h3 align=center style='text-align:center'><a name="_Toc101951776">Combined WHOIS Task Force (1, 2, 3) of the GNSO Council</a></h3> <h3> </h3> <p> </p> <p align=center style='text-align:center'><strong>Preliminary task force report on a policy recommendation and advice on a procedure for handling </strong></p> <p align=center style='text-align:center'><b style=''>conflicts between a registrar/registry’s legal obligations under privacy laws and their contractual obligations to ICANN</b><strong><span style='font-weight: normal;'> </span></strong><b style=''></b></p> <p align=center style='text-align:center'><strong> </strong></p> <p align=center style='text-align:center'><strong> </strong></p> <p align=center style='text-align:center'><strong>For public comment from xx August 2005 to xx September 2005</strong></p> <p align=center style='text-align:center'> </p> <h3> </h3> <p class=MsoNormal> </p> <h2><strong>Table of contents </strong></h2> <p> </p> <p><a href="#_Toc101951776">Combined WHOIS Task Force (1, 2, 3) of the GNSO Council </a></p> <p><a href="#_Toc101951777">1 Introduction & background </a></p> <p><a href="#_Toc101951778">1.1 Text of recommendation and advice on a procedure </a></p> <p><a href="#Section1_2">1.2 Task Force Vote</a></p> <p><a href="#_Toc101951780">2 Constituency statements </a></p> <p><a href="#_Toc101951781">2.1 Commercial and Business User Constituency </a></p> <p><a href="#_Toc101951782">2.2 Non-Commercial User Constituency </a></p> <p><a href="#_Toc101951783">2.3 Intellectual Property Constituency </a></p> <p><a href="#_Toc101951784">2.4 Registrar Constituency </a></p> <p><a href="#_Toc101951785">2.5 Registry Constituency</a></p> <p><a href="#_Toc101951786">2.6 Internet Service Providers & Connectivity Providers Constituency </a></p> <p><a href="#_Toc101951795">Annex 1 Relevant provisions of the Registrar Accreditation Agreement </a></p> <h3><br> </h3> <h1><a name="_Toc101951777">1 Introduction & background</a></h1> <p class=MsoNormal>This document is the Preliminary Task Force Report on a consensus policy recommendation and advice on a procedure for handling WHOIS conflicts with local or national privacy laws.<span style=''> </span>It is comprised of the proposed recommendation and advice, background information, and the constituency statements on the recommendation and advice. <p> </p> <p>In December 2003, WHOIS Task Force 2 was tasked with “document(ing) examples of existing privacy laws in regard to display/transmittal of data”.<span style=''> </span>(Task Force 2 terms of reference, point 4 of ‘tasks and milestones’; <a href="/exchweb/bin/redir.asp?URL=http://gnso.icann.org/issues/whois-privacy/tor2.shtml"; target=_blank>http://gnso.icann.org/issues/whois-privacy/tor2.shtml</a>).</p> <p> </p> <p>Task Force 2’s preliminary report was published for public comment in June 2004 at <a href="/exchweb/bin/redir.asp?URL=http://gnso.icann.org/issues/whois-privacy/Whois-tf2-preliminary.html%23ProxyServices"; target=_blank>http://gnso.icann.org/issues/whois-privacy/Whois-tf2-preliminary.html#ProxyServices</a>. The report found (in section 2.3) that:<span style=''> </span></p> <p> </p> <p class=MsoNormal>“<i style=''>After documenting and reviewing the examples of local privacy laws it is the Task Force’s finding that different nations have very different privacy laws and that the determination whether they are applicable to the gTLD WHOIS situation is not an easy one. However, situations have arisen in which privacy laws or regulations have conflicted with WHOIS-related contractual obligations with ICANN. </i></p> <p class=MsoNormal><i style=''>…</i></p> <p class=MsoNormal style=''><i style=''>The Task Force believes that there is an ongoing risk of conflict between a registrars’ or registries’ legal obligations under local privacy laws and their contractual obligations to ICANN. </i></p> <p class=MsoNormal style=''><i style=''>Since the variety of the existing local privacy laws does not allow for a one-size-fits-all solution, the registrars and registries encountering such local difficulties should be allowed an exception from the contractual WHOIS obligation for the part of the WHOIS data in question by the local regulation, after proving the existence of such a conflict with a law or regulation. In addition, a procedure should be established for seeking to resolve such conflicts with local authorities as new regulations evolve in a way that promotes stability and uniformity of the WHOIS system. </i></p> <p class=MsoNormal style=''><i style=''>Such steps will undoubtedly achieve a greater legal certainty and foster the international competition on the domain name market.”</i></p> <p class=MsoNormal style=''>The report recommended (section 3.3) that ICANN “<i style=''>develop and implement a procedure for dealing with the situation where a registrar (or registry, in thick registry settings) can credibly demonstrate that it is legally prevented by local mandatory privacy law or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via Whois. The goal of the procedure should be to resolve the conflict in a manner conducive to stability and uniformity of the Whois system.”</i><span style=''> </span></p> <p class=MsoNormal style=''>The report gave details for the steps to be included in such a procedure: </p> <ul type=disc> <li class=MsoNormal style=' '><i style=''>“Written notification by the affected registrar/registry to ICANN with a detailed report which includes but is not limited to: </i></li> <ul type=circle> <li class=MsoNormal style=''><i style=''>The law or regulation that causes the conflict.</i></li> <li class=MsoNormal style=''><i style=''>The part of the Whois obligation in question.</i></li> <li class=MsoNormal style=''><i style=''>The steps that will have to be taken to cure the conflict.</i></li> </ul> <li class=MsoNormal style=' '><i style=''>If data elements are removed this must be notified to the requester by the insertion of standardized notice in the Whois results advising the requester of the problem and, if possible, directing requester to another source or alternative procedure for obtaining access to this data element.</i></li> <li class=MsoNormal style=' '><i style=''>Prompt notification from ICANN to the public informing it of the change and of the reasons for ICANN’s forbearance from enforcement of full compliance with the contractual provision in question. </i></li> <li class=MsoNormal style=' '><i style=''>The changes must be archived on a public website for future research</i></li> </ul> <p class=MsoNormal style=''><i style=''>Except in those cases arising from a formal complaint or contact by a local law enforcement authority that will not permit consultation with ICANN prior to resolution of the complaint under local law, the procedure should be initiated using the following steps:</i></p> <ul type=disc> <li class=MsoNormal style=' '><i style=''>prompt notification by the affected registrar/registry to ICANN with detailed summary of the problem arising including: </i></li> <ul type=circle> <li class=MsoNormal style=''><i style=''>The law or regulation that causes the conflict.</i></li> <li class=MsoNormal style=''><i style=''>The part of the Whois obligation in question.</i></li> </ul> <li class=MsoNormal style=' '><i style=''>consultation by the registrar/registry with ICANN and other parties (which may include government agencies) to try to resolve the problem/ remove the impediment to full compliance with contract.</i>”</li> </ul> <p><b style=''><span style=''> </span></b></p> <p>On 30 November 2004, the WHOIS Task Forces 1 and 2 produced <b><a href="/exchweb/bin/redir.asp?URL=http://gnso.icann.org/issues/whois-privacy/whois-tf-conflict-30nov04.pdf"; target=_blank>Recommendation 1 – A<span style=''> </span>Procedure for conflicts, when there are conflicts between a registrar's of registry's legal obligations under local privacy laws and their contractual obligations to ICANN.</a> <span style=''> </span></b>This recommendation was presented to the GNSO Council during the GNSO public forum at the ICANN meeting in Capetown in December 2004. </p> <p> </p> <p class=MsoNormal style=''>On February 17, 2005, the WHOIS task force’s 1, 2 and 3 were combined into a single, combinedWHOIS Task Force. (<span style='font-size:10.0pt;font-family: "Courier New"'><a href="/exchweb/bin/redir.asp?URL=http://www.gnso.icann.org/meetings/minutes-gnso-17feb05.shtml"; target=_blank>http://www.gnso.icann.org/meetings/minutes-gnso-17feb05.shtml</a>) The combined WHOIS task force was chartered by the GNSO Council with terms of reference and set of tasks on 2nd June 2005:</span></p> <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New"'><a href="/exchweb/bin/redir.asp?URL=http://gnso.icann.org/policies/terms-of-reference.html"; target=_blank>http://gnso.icann.org/policies/terms-of-reference.html</a>.</span><span style='font-family:Garamond;'></span></p> <p class=MsoNormal style=''>“<span style='font-family:Garamond;'>(5) Determine how to resolve differences between a Registered Name Holder's, gTLD Registrar's, or gTLD Registry's obligation to abide by all applicable laws and governmental regulations that relate to the<br> WHOIS service, as well as the obligation to abide by the terms of the agreements with ICANN that relate to the WHOIS service. [Note this task refers to the current work in the WHOIS task force called 'Recommendation 2', A Procedure for conflicts, when there are conflicts between a registrar's of registry's legal obligations under local privacy laws and their contractual obligations to ICANN.]”</span></p> <p class=MsoNormal><span style='font-family:Garamond;'>Task 5 of the terms of reference required the Combined WHOIS Task Force to conclude its work on this recommendation. Task force members continued to develop the recommendation through June 2005.<span style=''> </span>The task force voted </span>on May 24, 2005 to divide its work into a recommendation for consensus policy accompanied by advice for a procedure.</p> <p class=MsoNormal style=''><span style='font-family:Garamond;'>Constituency statements on the recommendation were solicited by 21 July 2005.<span style=''> </span></span></p> <p><span style=''> </span> </p> <h2><a name="_Toc101951778">1.1 Text of recommendation</a> and advice on a procedure</h2> <p class=MsoNormal align=center style='text-align:center'> <b style=''><span style='font-size:14.0pt'>WHOIS Task Force</span></b></p> <p class=MsoNormal align=center style='text-align:center'><b style=''><span style='font-size:14.0pt'>Policy recommendation and advice on Whois conflicts with national and local privacy laws</span></b></p> <p class=MsoNormal><b style=''><span style='font-size:14.0pt'> </span></b></p> <p class=MsoNormal><b>Preamble:</b></p> <p class=MsoNormal><b> </b></p> <p class=MsoNormal>Task Force 2 spent over a year collecting data and working on the conflict between a registrar/registry’s legal obligations under privacy laws and their contractual obligations to ICANN.<span style=''> </span>Its report included the statement:<span style=''> </span>“The Task Force believes that there is an ongoing risk of conflict between a registrar’s or registry’s legal obligations under local privacy laws and their contractual obligations to ICANN<i>.<span style=''> </span>TF2 Report, Section 2.3,</i> http://www.gnso.icann.org/issues/whois-privacy/Whois-tf2-preliminary.html.</p> <p class=MsoNormal> </p> <p class=MsoNormal>By vote of the Task Force, now merged, on May 24, 2005, the work of Task Force 2 is hereby divided into a recommendation for “consensus policy” accompanied by “well-developed advice for a procedure.”</p> <p class=MsoNormal> </p> <p class=MsoNormal><b>I.<span style=''> </span>Task Force Policy for WHOIS Conflicts with Privacy Law</b></p> <p class=MsoNormal><b><span style='font-variant:small-caps'> </span></b></p> <p class=MsoNormal><b><span style='font-variant:small-caps'>Consensus Policy Recommendation</span></b></p> <p class=MsoNormal> </p> <p class=MsoNormal>In order to facilitate reconciliation of any conflicts between local/national mandatory privacy laws or regulations and applicable provisions of the ICANN contract regarding the collection, display and distribution of personal data via Whois, ICANN should: </p> <p class=MsoNormal> </p> <p class=MsoNormal>1.<span style=''> </span>Develop and publicly document a procedure for dealing with the situation in which a registrar or registry can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via WHOIS.<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal>2.<span style=''> </span>Create goals for the procedure which include:<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal><span style=''> </span>a.<span style=''> </span>Ensuring that ICANN staff is informed of a conflict at the earliest appropriate juncture;</p> <p class=MsoNormal> </p> <p class=MsoNormal><span style=''> </span>b.<span style=''> </span>Resolving the conflict, if possible, in a manner conducive to ICANN’s Mission, applicable Core Values and the stability and uniformity of the Whois system;</p> <p class=MsoNormal> </p> <p class=MsoNormal><span style=''> </span>c.<span style=''> </span>Providing a mechanism for the recognition, if appropriate, in<span style=''> </span>circumstances where the conflict cannot be otherwise resolved, of an exception to contractual obligations with regard to collection, display and distribution of personally identifiable data via Whois; and </p> <p class=MsoNormal> </p> <p class=MsoNormal><span style=''> </span>d.<span style=''> </span>Preserving sufficient flexibility for ICANN staff to respond to particular factual situations as they arise.</p> <p class=MsoNormal> </p> <p class=MsoNormal> </p> <p class=MsoNormal><b>II.<span style=''> </span>Text of Recommended Procedure</b></p> <p class=MsoNormal><b> </b></p> <p class=MsoNormal><b><span style='font-variant:small-caps'>Well-Developed Advice on a Procedure for Handling WHOIS Conflicts</span></b></p> <p class=MsoNormal><b><span style='font-variant:small-caps'><span style=''> </span>with Privacy Law<span style=''> </span></span></b></p> <p class=MsoNormal> </p> <p class=MsoNormal>Based on extensive research and negotiation among Task Force 2 together with the merged Task Force and ICANN staff, the following procedure for handling the policy recommendation set out in Section I above is set out as a Recommended </p> <p class=MsoNormal>Step-by-Step Procedure for Resolution of WHOIS Conflicts with Privacy Law.<span style=''> </span>We encourage ICANN staff to use this Recommended Procedure as a starting point for developing the procedure called for in the Consensus Policy Recommendation above. </p> <p class=MsoNormal> </p> <p class=MsoNormal> </p> <p class=MsoNormal><i style=''>Step One: Notification of Initiation of Action</i></p> <p class=MsoNormal> </p> <p class=MsoNormal>Once receiving notification of an investigation, litigation, regulatory proceeding or other government or civil action that might affect its compliance with the provisions of the RAA or other contractual agreement with ICANN dealing with the collection, display or distribution of personally identifiable data via Whois (“Whois Proceeding”), a Registrar/ Registry must within thirty (30) days provide ICANN’s General Counsel (or other staff member as designated by ICANN)<a style='' href="#_ftn1" name="_ftnref1" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:12.0pt;font-family:"Times New Roman"; '>[1]</span></span></span></span></a> with the following information: </p> <p class=MsoNormal> </p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Summary description of the nature and status of the action (e.g., inquiry, investigation, litigation, threat of sanctions, etc.)</p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Contact information for the responsible official of the registrar/registry for resolving the problem.</p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Contact information for the responsible territorial government agency or other claimant and a statement from the registrar/registry authorizing ICANN to communicate with those officials or claimants on the matter. If the registrar/registry is prevented by applicable law from granting such authorization, the notification should document this.</p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>The text of the applicable law or regulations upon which the local government or other claimant is basing its action or investigation, if such information has been indicated by the government or other claimant.</p> <p class=MsoNormal> </p> <p class=MsoNormal>Meeting the notification requirement permits Registrars/Registries to participate in investigations and respond to court orders, regulations, or enforcement authorities in a manner and course deemed best by their counsel.</p> <p class=MsoNormal> </p> <p class=MsoNormal>Depending on the specific circumstances of the Whois Proceeding, the Registrar/Registry may request that ICANN keep all correspondence between the parties confidential pending the outcome of the Whois Proceeding.<span style=''> </span>It is recommended that ICANN respond favorably to such requests to the extent that they can be accommodated with other legal responsibilities and basic principles of transparency applicable to ICANN operations.<span style=''> </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style=' page-break-after:avoid'><i style=''>Step Two: Consultation</i></p> <p class=MsoNormal style=' page-break-after:avoid'><i style=''> </i></p> <p class=MsoNormal style=' page-break-after:avoid'>Unless impractical under the circumstances, we recommend that the ICANN General Counsel, upon receipt and review of the notification and, where appropriate, dialogue with the registrar/registry, consider beginning a process of consultation with the local/national enforcement authorities or other claimant together with the registrar/registry.<span style=''> </span>The goal of the consultation process should be to seek to resolve the problem in a manner that preserves the ability of the registrar/registry to comply with its contractual obligations to the greatest extent possible.<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal>If the Whois proceeding<span style=''> </span>ends without requiring any changes and/or the required changes in registrar/registry practice do not, in the opinion of the General Counsel, constitute a deviation from the R.A.A. or other contractual obligation , then the General Counsel and the registrar/registry need to take no further action.<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal>If the registrar/registry is required by local law enforcement authorities or a court to make changes in its practices affecting compliance with Whois-related<span style=''> </span>contractual obligations before any consultation process can occur, the registrar/registry shall promptly notify the General Counsel of the changes made and the law/regulation upon which the action was based.<span style=''> </span>The Registrar/Registry may request that ICANN keep all correspondence between the parties confidential pending the outcome of the Whois Proceeding.<span style=''> </span>It is recommended that ICANN respond favorably to such requests to the extent that they can be accommodated with other legal responsibilities and basic principles of transparency applicable to ICANN operations.<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal> </p> <p class=MsoNormal><i style=''>Step Three:<span style=''> </span>General Counsel analysis and recommendation</i></p> <p class=MsoNormal><i style=''> </i></p> <p class=MsoNormal>If the local/national government requires changes (whether before, during or after the consultation process described above)<span style=''> </span>that, in the opinion of the General Counsel, prevent full compliance with contractual WHOIS obligations, ICANN should consider the following alternative to the normal enforcement procedure.<span style=''> </span>Under this alternative, ICANN would refrain, on a provisional basis, from taking enforcement action against the registrar/registry for non-compliance, while the General Counsel prepares a report and recommendation and submits it to the ICANN Board for a decision. Such a report may contain:<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in; '><span style=''>i.<span style='font:7.0pt "Times New Roman"'> </span></span>A summary of the law or regulation involved in the conflict;</p> <p class=MsoNormal style='margin-left:.5in'> </p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in; '><span style=''>ii.<span style='font:7.0pt "Times New Roman"'> </span></span>Specification of the part of the registry or registrar’s contractual WHOIS obligations with which full compliance if being prevented; </p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in; '><span style=''>iii.<span style='font:7.0pt "Times New Roman"'> </span></span>Summary of the consultation process if any under step two; and<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in; '><span style=''>iv.<span style='font:7.0pt "Times New Roman"'> </span></span>Recommendation of how the issue should be resolved, which may include whether ICANN should provide an exception for the registrar/registry from one or more identified WHOIS contractual provisions. The report should include a detailed justification of its recommendation, including the anticipated impact <span style=' color:black'>on the operational stability, reliability, security, or global interoperability of the </span><span style=' '>Internet's unique identifier systems if the recommendation were to be approved or denied </span><span style='color:black'>. </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal>The registrar/registry should be provided a copy of the report and provided a reasonable opportunity to comment on it to the Board.<span style=''> </span>The Registrar/Registry may request that ICANN keep such report confidential prior to any resolution of the Board.<span style=''> </span>It is recommended that ICANN respond favorably to such requests to the extent that they can be accommodated with other legal responsibilities and basic principles of transparency applicable to ICANN operations.<span style=''> </span></p> <p class=MsoNormal> </p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style=' page-break-after:avoid'><i style=''>Step Four:<span style=''> </span>Resolution </i></p> <p class=MsoNormal style=' page-break-after:avoid'> </p> <p class=MsoNormal style=' page-break-after:avoid'>Keeping in the mind the anticipated impact <span style='color:black'>on the operational stability, reliability, security, or global interoperability of the </span><span style=''>Internet's unique identifier systems</span>, the Board should consider and take appropriate action on the recommendations contained in the General Counsel’s report as soon as practicable.<span style=''> </span>Actions could include, but are not limited to:</p> <p class=MsoNormal> </p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Approving or rejecting the report’s recommendations, with or without modifications;</p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Scheduling a public comment period on the report; or </p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Referring the report to GNSO for its review and comment by a date certain.</p> <p class=MsoNormal> </p> <p class=MsoNormal><span style=''> </span></p> <p class=MsoNormal style='margin-left:.75in'> </p> <p class=MsoNormal> </p> <p class=MsoNormal><i style=''>Step Five:<span style=''> </span>Public Notice</i></p> <p class=MsoNormal> </p> <p class=MsoNormal><span style=''> </span>The Board’s resolution of the issue, together with the General Counsel’s report, should ordinarily be made public, along with the reasons for it, and be archived on a public website (along with other related materials) for future research. Prior to release of such information to the public, the Registry/Registrar may request that certain information (including, but not limited to, communications between the Registry/Registrar and ICANN, or other privileged/confidential information) be redacted from the public notice.<span style=''> </span>In the event that such redactions make it difficult to convey to the public the nature of the actions being taken by the Registry/Registrar, the General Counsel should work with the Registry/Registrar on an appropriate notice to the public describing the actions being taken and the justification for such actions. </p> <p class=MsoNormal> </p> <p class=MsoNormal>Unless the Board decides otherwise, if the result of its resolution of the issue is that data elements in the registrar’s Whois output will be removed or made less accessible, ICANN should issue an appropriate notice to the public of the resolution and of the reasons for ICANN’s forbearance from enforcement of full compliance with the contractual provision in question. </p> <p class=MsoHeader style=''> </p> <p class=MsoNormal> </p> <p><span style=''> </span></p> <p> </p> <p> </p> <h3><a name="Section1_2">1.2 Results of Task Force Vote</a> <p>This report will be the subject of a task force vote to be held on Tuesday, August 30<sup>th</sup>, 2005. Results of the vote will be inserted at that time.</p> <h1><a name="_Toc100224740"></a><a name="OLE_LINK2"></a><a name="OLE_LINK1"></a><a name="_Toc101951780"></a><span style=''>2 Constituency statements</span></h1> <h3><a name="_Toc101951781">2.1 Commercial and Business User Constituency</a></h3> <p><strong> TBA</strong></p> <p><strong> </strong></p> <h3><a name="_Toc101951782">2.2 Non-Commercial User Constituency</a></h3> <p class=MsoNormal style=''>NCUC Statement on "Whois Task Force Policy Recommendation and Advice on Whois Conflicts with National and local Privacy Laws."</p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>The NCUC supports passage and quick implementation of the "Whois Task Force Policy Recommendation and<span style=''> </span>Advice on Whois Conflicts with National Privacy Laws." The NCUC views this procedure as a stop-gap measure that needs to be implemented pending a more comprehensive reform of the Whois service to make it conform to ICANN's<span style=''> </span>mission, national privacy laws and international privacy norms.</p> <p class=MsoNormal><span style=''> </span></p> <p><strong><span style=''> </span> </strong></p> <h3><a name="_Toc101951783">2.3 Intellectual Property Constituency</a></h3> <p class=Default>This statement responds to the request for constituency input on the Whois Task Force<span style=''> </span>recommendations regarding conflicts between local law and Whois requirements.<span style=''> </span><i>See </i>Call for constituency statements: WHOIS Consensus Policy & Procedure for conflicts with national law, <i style=''>at</i> <a href="/exchweb/bin/redir.asp?URL=http://forum.icann.org/lists/gnso-dow123/msg00415.html"; target=_blank>http://forum.icann.org/lists/gnso-dow123/msg00415.html</a>.<span style=''> </span>Pursuant to requirements of the GSNO policy development process, outlined by the ICANN bylaws, see Annex A, Sec. 7(d), available at <u>http://www.icann.org/general/archive-bylaws/bylaws-19apr04.htm</u>, the IPC came to the following conclusion. </p> <p class=MsoNormal><span style=''> </span></p> <p class=MsoNormal>The Intellectual Property Interests Constituency (IPC) generally supports the “Policy/Advice Recommendation on conflicts between national privacy laws and registries’ or registrars’ contractual obligations to ICANN.”</p> <p class=MsoNormal> </p> <p class=MsoNormal>While we agree with the statement by Whois Task Force 2 that “there is an ongoing risk of conflict between a registrar’s or registry’s legal obligations under local privacy laws and their contractual obligations to ICANN,” we believe this risk is generally low in the gTLD environment.<span style=''> </span>Public access to Whois and local privacy laws have coexisted for many years, and the likelihood is that this will continue to be the case in the future.<span style=''> </span>The main reasons for this are (1) under ICANN’s contracts, no domain name may be registered in a generic Top Level Domain until the registrant has been notified of, and consented to, the uses and disclosures that may be made of personally identifiable data submitted in connection with the registration;<a style='' href="#_ftn2" name="_ftnref2" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:12.0pt;font-family:"Times New Roman"; '>[2]</span></span></span></span></a> and (2) Whois data has historically been, and continues to be, collected for the broad purpose of enabling contact with the entities responsible for a given Internet resource. Current ICANN agreements and long-standing registrar practices make clear that public access is one of the purposes for which Whois data is collected.<span style=''> </span>Indeed, the contractual obligations of the Registered Name Holder <i style=''>depend</i> on the public’s ability to access the information and use it. <a style='' href="#_ftn3" name="_ftnref3" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:12.0pt;font-family:"Times New Roman"; '>[3]</span></span></span></span></a></p> <p class=MsoNormal> </p> <p class=MsoNormal>However, because the risk of conflict between RAA obligations and national law, while probably very low, is not zero, we support the idea that ICANN should have a procedure in place for handling claims of such conflicts.<span style=''> </span>The alternative<span style=''> </span>-- to have no formal procedure in place for this eventuality – could have adverse consequences.<span style=''> </span>Registrars and registries might simply unilaterally change their policies and practices so that they fail to comply with ICANN agreements, and wait for compliance action from ICANN, if any.<span style=''> </span>This could create uncertainty, insecurity and instability in the domain name system, and reduce uniformity of Whois policies.<span style=''> </span>The result could be confusion and frustration of the purposes of the Whois database, to the detriment of intellectual property owners, businesses, consumers, parents, law enforcement agencies, and others who rely upon access to it.<span style=''> </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'>The goals for the procedure, set out in item 2 of the Consensus Policy Recommendation, are critical: </p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='margin-left:75.0pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>ICANN should be made aware of a potential or asserted conflict as soon as possible, and where appropriate ICANN should actively assist in efforts to resolve the issue in a way that allows full compliance with both local law and contractual obligations.<span style=''> </span>For example, local law may require that the registrar do more than the ICANN contract requires in order to obtain a consent from the registrant, which is legally valid under that jurisdiction’s laws, for a use of Whois data.<span style=''> </span>In such a circumstance, the registrar should be required to take those extra steps to obtain such consent, if it is practical to do so, and if consent obtained simply by following the contractual obligations would make the use problematic under local law.<span style=''> </span></p> <p class=MsoNormal style='margin-left:75.0pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>The mechanism for recognizing an exception to contractual obligations should be exercised only in extraordinary circumstances, and should not be mandatory or automatic whenever efforts at resolution meet an impasse. Recognizing exceptions could have adverse impacts on the security and stability of the current system, and on the competitive playing field among registrars. Conceivably, the application of some local law could be so rigid or </p> <p class=MsoNormal style='margin-left:75.0pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>demanding that a registrar or registry subject to that law simply cannot fulfill its contractual obligations to ICANN and thus the contractual relationship must be phased out.<a style='' href="#_ftn4" name="_ftnref4" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:12.0pt;font-family:"Times New Roman"; '>[4]</span></span></span></span></a> </p> <p class=MsoNormal style='margin-left:75.0pt;text-indent:-.25in; '><span style='font-family:Symbol; '><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''> </span>Finally, flexibility is critical, since we cannot now anticipate the specific contours of a future potential conflict, and the legal issues – beginning with which jurisdiction’s law is even applicable – may be extremely complex.<span style=''> </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal>In general, IPC believes the Recommended Procedure meets these goals and forms a good starting point for development of the policy.<span style=''> </span>The General Counsel (or some other ICANN staff person) should be designated to receive notifications of potential conflicts, to engage in consultation efforts to help resolve them, and to inform the Board and ultimately the ICANN community of any action that needs to be taken.<span style=''> </span>While this may include, in an extraordinary case, forbearance from full enforcement of contractual obligations, it may also include enforcement action to compel compliance.<span style=''> </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'>IPC offers a few specific comments regarding the Recommended Procedure, which it urges the ICANN staff to consider in formulating its own procedure:</p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'>A.<span style=''> </span>We are concerned that the confidentiality provisions in Steps One, Two, and Three could, as a practical matter, foreclose the ability of interested parties to question or rebut the need for a departure from the RAA on a case-by-case basis. Such an ability to question a registrar’s assertion of a conflict in a specific case is particularly important in light of the sparse or non-existent history of insurmountable conflicts between national laws and the RAA. Although we agree there could be circumstance in which confidentiality might be necessary, the policy should not favor such requests, and in fact should specify that they would be granted only in unusual circumstances.</p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'>B.<span style=''> </span>The statement near the end of Step One that “Meeting the notification requirements permits Registrar/Registries to participate in investigations and respond to court orders, regulations, or enforcement authorities in a manner and course deemed best by their counsel” is ambiguous.<span style=''> </span>This language may be intended to provide an incentive for registrars to comply with the notification requirements set out in Step One.<span style=''> </span>However, the consequence of failing to meet the notification requirements is not specified.<span style=''> </span>On the other hand, it may be that this sentence is intended as an explanatory comment only.<span style=''> </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'>C.<span style=''> </span><span style=''> </span>"Step Four:<span style=''> </span>Resolution” should re-emphasize the goal of achieving uniform Whois disclosure requirements.<span style=''> </span>Therefore, we suggest amending the first sentence to read as follows: “Keeping in the mind the anticipated impact on the operational stability, reliability, security, or global interoperability of the Internet's unique identifier systems, <i style=''><u>and the value of<span style=''> </span>uniform Whois requirements applying to all Registrars/Registries to the extent possible,</u></i> the Board should consider and take appropriate action on the recommendations contained in the General Counsel’s report as soon as practicable.”</p> <p class=MsoNormal style='text-indent:.5in'> </p> <p class=MsoNormal style='text-indent:.5in'>D.<span style=''> </span>The Public Notice portion of the Procedure should include information about how information made less accessible can be accessed through other sources.<span style=''> </span>For example, if a departure from the RAA resulted in the registrant’s name but not address being made available, the notice should include information on alternative ways in which such information might be obtained.<span style=''> </span>Therefore, the final sentence of the recommendation should be amended as follows: “Unless the Board decides otherwise, if the result of its resolution of the issue is that data elements in the registrar’s Whois output will be removed or made less accessible, ICANN should issue an appropriate notice to the public of the resolution and of the reasons for ICANN’s forbearance from enforcement of full compliance with the contractual provision in question<i style=''><u>, including relevant contact information for how such data might be accessed in appropriate circumstances</u></i>.” </p> <p class=MsoNormal style='text-indent:.5in'><span style=''> </span></p> <p class=MsoNormal style='text-indent:.5in'> </p> <pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>i) If a Supermajority Vote was reached, a clear statement of the constituency's position on the issue;</span></pre><pre><span style='font-size:12.0pt;font-family:"Times New Roman"'> </span></pre><pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>See above.<span style=''> </span></span></pre> <p class=MsoNormal style=''> </p> <pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>(ii) If a Supermajority Vote was not reached, a clear statement of all positions espoused by constituency members;</span></pre> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>N/A </p> <p class=MsoNormal style=''> </p> <pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>(iii) A clear statement of how the constituency arrived at its position(s). Specifically, the statement should detail specific constituency meetings,</span></pre><pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>teleconferences, or other means of deliberating an issue, and a list of all members who participated or otherwise submitted their views;</span></pre> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>The IPC membership was notified of the request for a constituency statement on June 22.<span style=''> </span>A draft constituency statement was circulated on July 8.<span style=''> </span>The statement and the issue were discussed at the IPC meeting in Luxembourg on July 11.<span style=''> </span>A revised version of the statement was circulated on July 20 and discussed on an IPC membership call on July 22.<span style=''> </span>At that meeting, on a motion, which was seconded, it was agreed without objection to approve the constituency statement, subject to minor drafting changes.<span style=''> </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>(iv) An analysis of how the issue would affect the constituency, including any financial impact on the constituency; </span></pre> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>As noted above, a sound policy in this area would benefit the constituency, whose members rely upon public access to Whois data to manage their domain name portfolios, enforce their rights against copyright and trademark infringers, and combat cybersquatting, among other purposes.<span style=''> </span>The lack of a policy in this area could ultimately reduce this access to Whois data, make access less uniform and predictable, reduce transparency and accountability, and encourage infringers and other violators to utilize particular registrars or registries in order to evade detection or enforcement efforts.<span style=''> </span>This would have an adverse financial impact on constituency members.<span style=''> </span></p> <p class=MsoNormal style=''> </p> <pre><span style='font-size:12.0pt;font-family:"Times New Roman"'>(v) An analysis of the period of time that would likely be necessary to implement the policy.</span></pre> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>While this question should be directed to ICANN staff, IPC believes that the recommended procedure is a sufficiently good starting point that a formal procedure could be promulgated within a short time after approval of this recommendation.<span style=''> </span></p> <p style=''><strong> </strong></p> <h3 style=''><a name="_Toc101951784">2.4 Registrar Constituency</a></h3> <p class=MsoNormal style=' '><a name="_Toc101951785">A marked copy of the edits to the proposal recommended by the Registrar Constituency position is included below. These recommendations have been reviewed by the Registrar Constituency and ratified by a super-majority vote conducted in accordance with the Registrar Constituency Bylaws.</a></p> <p class=MsoNormal style=' '><span style=''> </span></p> <p class=MsoNormal style=' '><span style=''>A summary of the recommended changes is as follows:</span></p> <p class=MsoNormal style=' '><span style=''> </span></p> <p class=MsoNormal style=' '><span style=''>1. Section II should be positioned as guidance for the staff in establishing recommended procedures for handling WHOIS conflicts with national law. Section II therefore would be a non-exhaustive, non-binding suggestion rather than a consensus policy recommendation that must be implemented as written.</span></p> <p class=MsoNormal style=' '><span style=''> </span></p> <p class=MsoNormal style=' '><span style=''>2. Section II, Step 2 should include additional language that ensures that the registrar in question has worked with staff to identify whether or not a solution exists that satisfies the requirements of local law and the ICANN policy in question.</span></p> <p class=MsoNormal style=' '><span style=''> </span></p> <p class=MsoNormal style=' '><span style=''>3. There are other minor stylistic edits redlined throughout the document.</span></p> <p class=MsoNormal style=' '><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>N.B. Additional text is marked in italics and bold.<span style=''> </span>Text that is suggested for deletion is marked in strikethrough mode. </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><b><span style='font-variant:small-caps'> </span></b></span></p> <p class=MsoNormal style=''><span style=''><b><span style='font-variant:small-caps'>“Consensus Policy Recommendation</span></b></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>In order to facilitate reconciliation of any conflicts between local/national mandatory privacy laws or regulations and applicable provisions of the ICANN contract regarding the collection, display and distribution of personal data via Whois, ICANN should: </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>1.<span style=''> </span>Develop and publicly document a procedure for dealing with the situation in which a registrar or registry can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via WHOIS.<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>2.<span style=''> </span>Create goals for the procedure which include:<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><span style=''> </span>a.<span style=''> </span>Ensuring that ICANN staff is informed of a conflict at the earliest appropriate juncture;</span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><span style=''> </span>b.<span style=''> </span>Resolving the conflict, if possible, in a manner conducive to stability and uniformity of the Whois system;</span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><span style=''> </span>c.<span style=''> </span>Providing a mechanism for the recognition, in appropriate circumstances where the conflict cannot be otherwise resolved, of an exception to contractual obligations <b style=''><i style=''>for all registrars</i></b> with regard to collection, display and distribution of personally identifiable data via Whois; and </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><span style=''> </span>d.<span style=''> </span>Preserving sufficient flexibility for ICANN staff to respond to particular factual situations as they arise.</span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><b>II.<span style=''> </span><s>Text of Recommended </s><i style=''>Guidance</i> on<span style=''> </span>Procedure</b></span></p> <p class=MsoNormal style=''><span style=''><b> </b></span></p> <p class=MsoNormal style=''><span style=''><b><span style='font-variant:small-caps'>Well-Developed Advice on a Procedure for Handling WHOIS Conflicts</span></b></span></p> <p class=MsoNormal style=''><span style=''><b><span style='font-variant:small-caps'><span style=''> </span>with Privacy Law<span style=''> </span></span></b></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>Based on extensive research and negotiation among Task Force 2 together with the merged Task Force and ICANN staff, the following procedure for handling the policy recommendation set out in Section I above is set out as a Recommended </span></p> <p class=MsoNormal style=''><span style=''>Step-by-Step Procedure for Resolution of WHOIS Conflicts with Privacy Law.<span style=''> </span>We encourage ICANN staff to use this Recommended Procedure as a starting point for developing the procedure called for in the Consensus Policy Recommendation above. </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><i style=''>Step One: Notification of Initiation of Action</i></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>Once receiving notification of an investigation, litigation, regulatory proceeding or other government or civil action that might affect its compliance with the provisions of the RAA or other contractual agreement with ICANN dealing with the collection, display or distribution of personally identifiable data via Whois (“Whois Proceeding”), a Registrar/ Registry must within thirty (30) days provide ICANN’s General Counsel (or other staff member as designated by ICANN)</span><a style='' href="#_ftn5" name="_ftnref5" title=""><span style=''><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:12.0pt;font-family:"Times New Roman"; '>[5]</span></span></span></span></span></a><span style=''> with the following information: </span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style=''><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Summary description of the nature and status of the action (e.g., inquiry, investigation, litigation, threat of sanctions, etc.)</span></p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style=''><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Contact information for the responsible official of the registrar/registry for resolving the problem.</span></p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style=''><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>Contact information for the responsible territorial government agency or other claimant and a statement from the registrar/registry authorizing ICANN to communicate with those officials or claimants on the matter. If the registrar/registry is prevented by applicable law from granting such authorization, the notification should document this.</span></p> <p class=MsoNormal style='margin-left:39.35pt;text-indent:-.25in; '><span style=''><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span>The text of the applicable law or regulations upon which the local government or other claimant is basing its action or investigation, if such information has been indicated by the government or other claimant.</span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>Meeting the notification requirement permits Registrars/Registries to participate in investigations and respond to court orders, regulations, or enforcement authorities in a manner and course deemed best by their counsel.</span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>Depending on the specific circumstances of the Whois Proceeding, the Registrar/Registry may request that ICANN keep all correspondence between the parties confidential pending the outcome of the Whois Proceeding.<span style=''> </span>It is recommended that ICANN respond favorably to such requests to the extent that they can be accommodated with other legal responsibilities and basic principles of transparency applicable to ICANN operations.<span style=''> </span></span></p> <p class=MsoNormal style='text-indent:.5in;'><span style=''> </span></p> <p class=MsoNormal style=' page-break-after:avoid;'><span style=''><i style=''>Step Two: Consultation</i></span></p> <p class=MsoNormal style=' page-break-after:avoid;'><span style=''><i style=''> </i></span></p> <p class=MsoNormal style=' page-break-after:avoid;'><span style=''>Unless impractical under the circumstances, we recommend that the ICANN General Counsel, upon receipt and review of the notification and, where appropriate, dialogue with the registrar/registry, consider beginning a process of consultation with the local/national enforcement authorities or other claimant together with the registrar/registry.<span style=''> </span>The goal of the consultation process should be to seek to resolve the problem in a manner that preserves the ability of the registrar/registry to comply with its contractual obligations to the greatest extent possible.<span style=''> </span></span></p> <p class=MsoNormal style=' page-break-after:avoid;'><span style=''> </span></p> <p class=MsoNormal style=' page-break-after:avoid;'><span style=''><b style=''><i style=''>The Registrar should attempt to identify a solution that allows the registrar to meet the requirements of both the local law and ICANN obligations.<span style=''> </span>The General Counsel can assist in advising the registrar on whether the proposed solution meets the ICANN obligations.</i></b></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>If the Whois proceeding<span style=''> </span>ends without requiring any changes and/or the required changes in registrar/registry practice do not, in the opinion of the General Counsel, constitute a deviation from the R.A.A. or other contractual obligation , then the General Counsel and the registrar/registry need to take no further action.<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>If the registrar/registry is required by local law enforcement authorities or a court to make changes in its practices affecting compliance with Whois-related<span style=''> </span>contractual obligations before any consultation process can occur, the registrar/registry shall promptly notify the General Counsel of the changes made and the law/regulation upon which the action was based.<span style=''> </span>The Registrar/Registry may request that ICANN keep all correspondence between the parties confidential pending the outcome of the Whois Proceeding.<span style=''> </span>It is recommended that ICANN respond favorably to such requests to the extent that they can be accommodated with other legal responsibilities and basic principles of transparency applicable to ICANN operations.<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''><i style=''>Step Three:<span style=''> </span>General Counsel analysis and recommendation</i></span></p> <p class=MsoNormal style=''><span style=''><i style=''> </i></span></p> <p class=MsoNormal style=''><span style=''>If the local/national government requires changes (whether before, during or after the consultation process described above)<span style=''> </span>that, in the opinion of the General Counsel, prevent full compliance with contractual WHOIS obligations, ICANN should consider the following alternative to the normal enforcement procedure.<span style=''> </span>Under this alternative, ICANN would refrain, on a provisional basis, from taking enforcement action against the registrar/registry for non-compliance, while the General Counsel prepares a report and recommendation and submits it to the ICANN Board for a decision. Such a report may contain:<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style='margin-left:.5in;'><span style=''>i<span style=''> </span>A summary of the law or regulation involved in the conflict;</span></p> <p class=MsoNormal style='margin-left:.5in;'><span style=''> </span></p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in;'><span style=''>ii<span style=''> </span>Specification of the part of the registry or registrar’s contractual WHOIS obligations with which full compliance if being prevented; </span></p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in;'><span style=''> </span></p> <p class=MsoNormal style='margin-left:.5in;'><span style=''>iii<span style=''> </span>Summary of the consultation process if any under step two; and<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style='margin-left:1.0in;text-indent:-.5in;'><span style=''>iv<span style=''> </span>Recommendation of how the issue should be resolved, which may include whether ICANN should provide an exception for <s>the</s> <b style=''><i style=''>all</i></b> registrar<b style=''><i style=''>s</i></b>/registr<b style=''><i style=''>ies</i></b> from one or more identified WHOIS contractual provisions. The report should include a detailed justification of its recommendation, including the anticipated impact </span><span style=''><span style='color:black'>on the operational stability, reliability, security, or global interoperability of the </span></span><span style=''><span style=' '>Internet's unique identifier systems if the recommendation were to be approved or denied </span></span><span style=''><span style=' color:black'>. </span></span></p> <p class=MsoNormal style='text-indent:.5in;'><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>The registrar/registry should be provided a copy of the report and provided a reasonable opportunity to comment on it to the Board.<span style=''> </span>The Registrar/Registry may request that ICANN keep such report confidential prior to any resolution of the Board.<span style=''> </span>It is recommended that ICANN respond favorably to such requests to the extent that they can be accommodated with other legal responsibilities and basic principles of transparency applicable to ICANN operations.”<span style=''> </span></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>End of proposed changes to the recommendation and advice.</span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''><span style=''>The Registrar Constituency proposed no changes to the remaining sections of the procedure: <i style=''>Step Four:<span style=''> </span>Resolution </i>and<span style=''> </span><i style=''>Step Five:<span style=''> </span>Public Notice</i></span></p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoHeader style=''><span style=''> </span></p> <h3 style=''><span style=''>2.5 Registry Constituency statement</span></h3> <p class=MsoNormal style=''>This statement responds to the request for constituency input on the WHOIS COMBINED TASK FORCE Policy/Advice Recommendation 2 on conflicts between national privacy laws and registries' or registrars' contractual obligations to ICANN.</p> <p class=MsoNormal style=''>.</p> <p class=MsoNormal style=''>Pursuant to requirements of the GSNO policy development process, the Registry Constituency (RyC) has concluded:</p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>I. Constituency Position</p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>The RyC supports the general principles of the Policy/Advice Recommendation 2 on conflicts between national privacy laws and registries' or registrars' contractual obligations to ICANN. The RyC further believes that the recommended procedures should deal with the possibility of the following: </p> <p class=MsoNormal style='margin-left:.5in;'>(1) If exceptions to contractual requirements are made to accommodate local law(s) for one registrar or registry in a local jurisdiction, should the same exceptions be extended to other registrars and registries in that jurisdiction and, if so, how should that take place; and</p> <p class=MsoNormal style='margin-left:.5in;'><span style=''> </span>(2) If exceptions to contractual requirements are made to accommodate local law(s), it is possible that the variation in requirements for different registrars or registries will begin to create a fragmented experience for users and therefore create a need to revisit the contractual requirement in a broader way<span style='font-size:10.0pt; font-family:Arial;color:blue'>.</span><span style='color:black'></span></p> <p class=MsoNormal style=''>The RyC also believes that the Combined Task Force should include, in its final Recommendation, a further recommendation that affording tiered access to WHOIS data be available to registrars and registries as a means of complying with local legal requirements when applicable.</p> <p class=MsoNormal style=''><span style=''> </span></p> <p class=MsoNormal style=''>II. Method for Reaching Agreement on RyC Position </p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>The RyC drafted and circulated via email a constituency statement, soliciting input from its members. RyC members suggested edits and additions to the draft which were subsequently incorporated into the final constituency statement. The statement was adopted by a unanimous vote. One constituency member, RegistryPro did not take part in the vote. </p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>III. Impact on Constituency</p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>The Policy/Advice Recommendation 2 in its present form would assist the members of the RyC in fulfilling their legal obligations in their respective jurisdictions. It should be noted, however, that the Policy/Advice Recommendation 2 does not purport to provide complete assurance that potential conflicts can be avoided or resolved.</p> <span style='font-size:12.0pt;font-family:"Times New Roman"; '><br clear=all style=' page-break-before:always'> </span> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>IV. Time Period Necessary to Complete Implementation</p> <p class=MsoNormal style=''> </p> <p class=MsoNormal style=''>We anticipate that the Policy/Advice Recommendation 2 supported by this statement would not require an extensive time period to implement. </p> <p class=MsoNormal style=''> </p> <p style=''><span style=''> </span></p> <h3 style=''><a name="_Toc101951786">2.6 Internet Service Providers & Connectivity Providers Constituency</a></h3> <p class=MsoBodyText style=''><b style=''><u>Introduction</u></b></p> <p class=MsoBodyText style=''><u><span style='text-decoration:none'> </span></u></p> <p class=MsoBodyText style=''>The Internet Service Providers & Connectivity Providers Constituency (ISPCP Constituency) herein provides input to the combined Whois Task Force on its recommendations on policies related to the Whois database as required by the ICANN GNSO policy development process.<span style=''> </span>Specifically, the task force has put forth a recommendation on procedures to be followed in the event of a conflict between national privacy laws and registry/registrar contractual obligations to ICANN<span style=''></span></p> <p class=MsoBodyText style='margin-left:.25in;'><span style=''> </span></p> <p class=MsoBodyText style=''><u><span style=''>The ISPCP constituency views on conflict of law resolution process.</span></u></p> <p class=MsoBodyText style=''><u><span style=''><span style='text-decoration:none'> </span></span></u></p> <p class=MsoBodyText style=''><span style=''>The ISPCP is generally supportive of the task force recommendations on how conflicts shall be addressed in the event of a conflict between the national laws of a registrar or registry’s home base and its ICANN contract.<span style=''> </span></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><span style=''>The ISPCP does not deem such conflicts to be a common occurrence in the gTLD or ccTLD space and further, we do not see any indicators that this trend is likely to change in the foreseeable future. We are guided in our belief by the examination of the record over the course of the past several years where, in the gTLD and ccTLD space, registries and registrars have rarely had reason to challenge their contractual obligations related to Whois disclosures as a result of conflicting national or local privacy laws. </span></p> <p class=MsoNormal style='text-align:justify;'> </p> <p class=MsoNormal style='text-align:justify;'>This was further evidenced by the previous Whois Task Force 2 findings during a survey completed in 2004. Within the EU member states’ ccTLD operators, those who submitted survey responses indicated that they work closely with their respective country’s data protection authorities and are in full compliance with their respective privacy laws.<span style=''> </span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><b style=''><u><span style=''>ISPCP Position</span></u></b></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><span style=''>The majority of established privacy regimes throughout many regions of the world require that actual information use and disclosure practices be limited to the list of intended use and disclosure practices that are provided to the data subject at the time of data collection.<span style=''> </span>Accordingly, once more conspicuous disclosure is provided and consent obtained, the subsequent use of the registrant data for Whois purposes, pursuant to the ICANN contract, is not likely to be in conflict with local or national laws.<span style=''> </span></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><span style=''>The ISPCP believes that once registrants receive notice of the intended uses of their registration data as it relates to the Whois database, there is little reason for future use in accordance with the contract terms to somehow come in conflict with applicable privacy laws.<span style=''> </span>The likelihood of a conflict is further reduced once the more conspicuous notice requirements go into affect, and registrants are better alerted to the possible uses of the personally identifiable registration data they provide.<span style=''> </span></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><span style=''>Nevertheless, if a scenario arises whereby such conflict does arise, the ISPCP strongly favors the implementation of a process, clearly defined and transparent, that sets forth the steps in resolving any possible conflict.<span style=''> </span>In reviewing the proposal set forth by the Whois task force, the ISPCP finds it to be well thought out, neutral and respectful of the needs and interests of the ICANN community and the registry/registrar organizations.<span style=''> </span>Our constituency believes that no organization should be placed in a situation where it must choose between breaking its contractual obligations or violate applicable law, and we do not believe that any of the ICANN RAA terms are likely to do that.<span style=''> </span></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><span style=''>Based upon the forgoing values, we strongly urge the Whois task force to consider the following concepts prior to finalizing its policy recommendations related to conflict of law issues.<span style=''> </span></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style='margin-left:43.5pt;text-indent:-.25in;'><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''>Transparency is paramount.<span style=''> </span>It is not only a major tenet of the ICANN policy development process, it is also an implicit aspect of most privacy laws.<span style=''> </span>Without full disclosure and transparency in the manner that information is collected and used, there can hardly be a viable notion of privacy protection.<span style=''> </span>While confidentiality of actions, negotiations and discussions may be necessary in some instances, it is not always a requirement or the most useful manner in which to resolve conflict.<span style=''> </span>Thus, the ISPCP believes that to the extent possible, the ICANN community be notified when the resolution process is begun and as much as possible throughout the process as well. <u></u></span></p> <p class=MsoBodyText style='margin-left:25.5pt;'><span style=''><span style=''> </span><u></u></span></p> <p class=MsoBodyText style='margin-left:43.5pt;text-indent:-.25in;'><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''>Outcomes should be uniform.<span style=''> </span>Some have indicated that legal obstacles will be used by registries or registrars to obtain competitive advantages, resulting in forum shopping.<span style=''> </span>The ISPCP has not seen any evidence that this is in fact reality.<span style=''> </span>Nevertheless, in order to remove the perception that this may be happening, the recommendation should emphasize the importance of uniformity and consistency of handling conflicts should they arise.<span style=''> </span><u></u></span></p> <p class=MsoBodyText style=''><u><span style=''><span style='text-decoration:none'> </span></span></u></p> <p class=MsoBodyText style='margin-left:79.5pt;text-indent:-.25in;'><span style='font-family:"Courier New";'><span style=''>o<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''>It is worthy to note that transparency of the process will inevitably lead to more uniformity and better consistency among conflicts that do arise.<u></u></span></p> <p class=MsoBodyText style='margin-left:97.5pt;'><span style=''> </span></p> <p class=MsoBodyText style='margin-left:43.5pt;text-indent:-.25in;'><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''>Review should be ongoing.<span style=''> </span>The ISPCP believes that there will be some lessons learned from the first instance where this process is implemented.<span style=''> </span>With substantial input from the relevant registry or registrar, together with all constituencies, there should be a review of the pros and cons of how the process worked, and the development of revisions designed to make the process better and more efficient, should the need arise again at some point in the future.<u></u></span></p> <p class=MsoBodyText style='margin-left:25.5pt;'><u><span style=''><span style='text-decoration:none'> </span></span></u></p> <p class=MsoBodyText style='margin-left:79.5pt;text-indent:-.25in;'><span style='font-family:"Courier New";'><span style=''>o<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''>Again, we’d like to highlight the fact that this goal will be easier met when there is transparency and uniformity throughout the process.<span style=''> </span><u></u></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style='margin-left:43.5pt;text-indent:-.25in;'><span style='font-family:Symbol;'><span style=''>·<span style='font:7.0pt "Times New Roman"'> </span></span></span><span style=''>Accuracy is the goal. If this and other recommendations do not work towards improved accuracy, the system will remain substantially flawed. The ISPCP task force members have participated in good faith to achieve the improved privacy protections that are important to community. The constituency expects that all members of the task force, and the chair and ICANN staff especially, show commitment to improved accuracy and quickly move on to developing changes aimed at the same.</span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoBodyText style=''><b style=''><u><span style=''>Conclusion</span></u></b></p> <p class=MsoBodyText style=''><b style=''><u><span style=''><span style='text-decoration:none'> </span></span></u></b></p> <p class=MsoBodyText style=''><span style=''>The ISPCP hereby thanks the task force for its work in this matter and looks forward to seeing a better Whois experience for all stakeholders who develop, populate, oversee and use the Whois databases.<span style=''> </span></span></p> <p class=MsoBodyText style=''><span style=''> </span></p> <p class=MsoNormal style=''> </p> <h1 style=''><a name="_Toc101951795"></a><a name=3.7.7.4></a><span style=''>Annex 1 Relevant provisions of the Registrar Accreditation Agreement</span></h1> <p class=MsoNormal style=' '>3.7.2 Registrar shall abide by applicable laws and governmental regulations.</p> <p class=MsoNormal style=''><span style=''> </span></p> <p style=''><a name="_ftn7"></a><a href="#_ftnref7"></a><span style=''></span></p> <p style=''><a name="_ftn8"></a><a href="#_ftnref8"></a><span style=''></span></p> <p style=''><a name="_ftn9"></a><a href="#_ftnref9"></a><span style=''></span> </p> <p class=MsoNormal style=''><span style=''> </span></p> </div> <div style=''><br clear=all> <hr align=left size=1 width="33%"> <div style='' id=ftn1> <p class=MsoFootnoteText style=''><a style='' href="#_ftnref1" name="_ftn1" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:10.0pt;font-family:Georgia; '>[1]</span></span></span></span></a> For simplicity, this designated official is referred to hereafter as the General Counsel, with the understanding that the functions described may be allocated differently among the ICANN staff. </p> </div> <div style='' id=ftn2> <p class=MsoFootnoteText style=''><a style='' href="#_ftnref2" name="_ftn2" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:10.0pt;font-family:Georgia; '>[2]</span></span></span></span></a> See RAA Subsections 3.7.7.4 and 3.7.7.5.<span style=''> </span></p> </div> <div style='' id=ftn3> <p class=MsoNormal style=''><a style='' href="#_ftnref3" name="_ftn3" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:12.0pt;font-family:"Times New Roman"; '>[3]</span></span></span></span></a> <span style='font-size:10.0pt'>Most notably, Registered Name Holders agree to be subject to the Uniform Dispute Resolution Policy, as imposed by RAA Subsection 3.7.7.11. It is impossible for a member of the public claiming trademark rights to bring a proceeding under the UDRP <u>without</u> using Whois data to specify the Respondent. <i style=''>See, e.g.</i>, <i style=''>Wells Fargo & Co. v. Doe</i>, No. FA0411000362108 (Nat. Arb. Forum Dec. 30, 2004) (ruling on complainant’s request to name “John Doe” as the respondent because the actual registrant had inserted the personal information of an innocent identity theft victim in the Whois database, the panel held that under the UDRP the complainant <u>must</u> name the party appearing in the Whois record as the Respondent in the complaint, but could request that the panel replace that name with “John Doe” in its published opinion</span>).</p> <p class=MsoFootnoteText style=''> </p> </div> <div style='' id=ftn4> <p class=MsoFootnoteText style=''><a style='' href="#_ftnref4" name="_ftn4" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:10.0pt;font-family:Georgia; '>[4]</span></span></span></span></a> Similarly, if a local law is applied to prevent registrars from obtaining valid consent from registrants in a particular jurisdiction, it may ultimately no longer be possible for such registrars to accept such registrations</p> </div> <div style='' id=ftn5> <p class=MsoFootnoteText style=''><a style='' href="#_ftnref5" name="_ftn5" title=""><span class=MsoFootnoteReference><span style=''><span class=MsoFootnoteReference><span style='font-size:10.0pt;font-family:Georgia; '>[5]</span></span></span></span></a> For simplicity, this designated official is referred to hereafter as the General Counsel, with the understanding that the functions described may be allocated differently among the ICANN staff. </p> </div> </div> </body> </html> |