<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: Access to data not displayed in Whois (was Re: [gnso-dow123] Alternative proposal re Whois)
- To: jordyn@xxxxxxxxxxxxx
- Subject: Re: Access to data not displayed in Whois (was Re: [gnso-dow123] Alternative proposal re Whois)
- From: Ross Rader <ross@xxxxxxxxxx>
- Date: Wed, 01 Nov 2006 21:43:20 -0500
Jordyn -
With respect, it is a complete non-starter to even consider requiring
registrars provide access to any non-public business data at the request
of any unrelated third party outside of the court system. This is a
colossally bad idea from so many angles that I can't even figure out
which I should describe first - there are massive issues related to
intellectual property, third party and direct legal liabilities,
shareholder/fiduciary responsibility concerns, privacy implications and
so on.
There are only two reasonable methods that we should be considering -
using due process, or working directly with the registrar directly. Both
methods are in widespread use today, both ensure balanced protection for
registrant, registrar, legal and public interests and of some
importance, would not force ICANN to push the bounds of its mandate to
include the sort of overly burdensome regulation of the nature that you
and the IPC are proposing.
Jordyn Buchanan wrote:
One topic that we have scheduled for discussion next week is how to access
contact information not displayed in the Whois system.
Here is a concept that I have sketched out very roughly--further input (or
completely different approaches) are welcome:
- Unpublished information will be made available under the following
circumstances:
1) The reason the data was withheld is no longer valid, OR
2a) The domain name, or the resources referenced by the domain, is being
used in an illegal manner, or in a manner that negatively effects the
security and stability of other internet resources, AND
2b) There is no other more appropriate source for the data, or the data is
not available from such a source.*
- If a requester needs access to non-published data, they could apply for
access to the data. The requester would make a prima facie case that
one of
the circumstances above had been met, and would make a request of the data.
- As in Steve's special circumstances proposal, some reasonable third party
would evaluate the request and determine whether the circumstnaces for the
release of data had been met. This request would be evaluated by the third
party with a fairly short expectation for turnaround (e.g., within 3
business days). If the third party agrees that the data should be
released,
the registrar would provide the non-published data to the requester.
- When the request for the data is made, the registrant will be notified of
the request** (I'd like to hear perspectives on whether or not the identity
of the requester should be included). At any time prior to the disclosure
of the data, the registrant may request that the registration be cancelled
instead of the data being disclosed.
* For example, if the complaint was that a DOS attack was originating
from a
particular IP address (that was also associated with a domain name) and the
information was available from the IP address registry, the data would not
be disclosed through this mechanism.
** I recognize that in some circumstances, investigations may be underway
where criminal wrongdoing is taking place and we don't want the bad guy to
realize this and destroy evidence of their crime. However, in these cases
it should be possible to use a subpoena or some other aspect of legal due
process in order to obtain the information confidentially.
Jordyn
On 10/30/06, Metalitz, Steven <met@xxxxxxx> wrote:
I had hoped to be able to improve the proposal with comments from other
task force members, but since these do not seem to have materialized, I
will aim to put this in final form this week.
Steve
-----Original Message-----
From: Ross Rader [mailto:ross@xxxxxxxxxx]
Sent: Sunday, October 29, 2006 8:56 PM
To: ross@xxxxxxxxxx
Cc: Metalitz, Steven; gnso-dow123@xxxxxxxxxxxxxx
Subject: Re: [gnso-dow123] Alternative proposal re Whois
Resent - not sure if it was sent/received last time around.
Ross Rader wrote:
> When do you expect this proposal to move to a more finished state?
>
> Metalitz, Steven wrote:
>> Attached please find an alternative proposal on Whois which I hope
>> the TF can consider. It is the result of discussions among members
>> of the IPC and other constituencies and is a working draft, based
>> largely on the model used for several years in the Dutch ccTLD, .NL.
>> I would be glad to take a few minutes on today's call to present it
>> and will ask that it be discussed in more detail on our next call. I
>> look forward to your comments and suggestions and would note again
>> that this is intended as a working draft, not a final product.
>> Steve Metalitz
>>
>>
>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|