RE: [gnso-dow123] For your review: Revised version of preliminary task force report on Whois services
- To: "'Maria Farrell'" <maria.farrell@xxxxxxxxx>
- Subject: RE: [gnso-dow123] For your review: Revised version of preliminary task force report on Whois services
- From: "Marilyn Cade" <marilynscade@xxxxxxxxxxx>
- Date: Mon, 6 Nov 2006 10:16:36 -0500
A couple of thoughts for fellow TF'ers.
I have concerns about the registrars being put into a very challenging
situation of creating 'on the fly' procedures for how to work with law
enforcement and other legitimate users of WHOIS data. I see that Ross
thinks that the present situation will 'scale' and I respect his personal
views, and those of the registrars.
However, I don't believe that this is supportable over 800 registrars. Some
form of standardized procedures will undoubtedly be needed to bring
certainty and predictability to registrants, irregardless of the interests
of registrars to develop kinds of services in this area.
The registrars will also find, over time, I suggest, that law enforcement
requests from the myriad number of law enforcement agencies, around the
world, are hard to deal with, and they will have to retain special lawyers,
etc. to ensure that they are getting the right legal documents, etc.
Instead, it appears that a standardized administrative procedure, with a
common format, and that always contains the relevant identifying information
of the requestor, would be advantageous.
In the development of the request related to the 'safe harbor' related to
data transfer, etc. there was a good deal of discussion about this kind of
situation and the demands that the multiple and diverse kinds of requests
meant to the intermediary.
I am concerned that it appears that registrars are emerging in some topics
as a new form of intermediary to negotiate on behalf of a registrant with
anyone who would need WHOIS data that is not publicly displayed. Registrants
today, in general, are not aware of that proposed new role. Some may say
that if you sign up for a proxy service that you read the agreement and
understand that you have agreed to that, and I am not disputing that,
however, OPOC puts this on a whole new scale and in my view, the public
comment process should take further comments on this, and also this question
should be asked of governments via the GAC, as one of the considerations of
both proposals for change.
I have previously posted that from the BC perspective, we wish to see the
special circumstances proposal developed along with the OPOC, but have
concerns that there are areas that neither address from the fuller ToR to
the TF. For instance, we have not discussed the possibilities that moving to
web based Whois could be a possible deterrent to using emails; or that
moving to standardized contractual terms for access to bulk access data, or
to port 43 data might help to cut down on any possible misuse of the data by
Also, I have sent Steve a few thoughts on possible edits to the special
circumstances proposal, that I need to leave in his hands as author of the
proposal or perhaps David Fares, another BC rep to the TF can read them. I
am unfortunately at the ITU and tied up due to circumstances of
intergovernmental organizational politics.
Finally, I keep hearing words of concern about ICANN becoming 'regulator',
etc. and that is why there can't be any guidelines, standards, etc. I think
that we need to get down to a realization that 'we' created ICANN to be in
lieu of intense and heavy regulation and a patchwork of laws and regulations
that gTLD registries and registrars have to study, analyze, and perform
against, as do the ISPs and communications service providers.
Certainly the threat of regulation is indeed out there. Better a form of
light contract based self governance then having to turn to the oversight
that is provided by the intergovernmental organizations. Or having to turn
to 140 different countries and complying with laws one by one, with
different services or some small variation by country. That's the present
situation in other sectors, such as in the data retention directive
implementation going on now.
Apologies for missing the call.
From: owner-gnso-dow123@xxxxxxxxx [mailto:owner-gnso-dow123@xxxxxxxxx] On
Behalf Of Ross Rader
Sent: Friday, November 03, 2006 9:35 PM
To: Maria Farrell
Subject: Re: [gnso-dow123] For your review: Revised version of preliminary
task force report on Whois services
Maria Farrell wrote:
> Dear all,
> Please find attached a revised version of preliminary task force report
> on Whois services for your review and discussion on next Monday's call.
> Please also be aware that constituency statements will be solicited
> during the public comments period that will be launched regarding this
> All the best, Maria
I've attached a marked up draft with my preliminary comments, here are
the accompanying notes:
pg. 4 - Points on which we have consensus - I don't believe we have
consensus that "most Registrants" do not understand the meaning or
purpose of the different contacts, but I believe that we have consensus
that "many Registrants and Whois users" do not understand the meaning.
Without doing some sort of exhaustive survey, we would be hard pressed
to state with any certainty whether or not the majority (most) of
registrants and whois users are confused by the purpose and use of contacts.
pg. 4 - Points on which we have consensus - we have consensus that less
data should be published in Whois. Both the OPOC proposal and the
Steve's special interest draft indicate that less data should be made
available. The OPOC proposal takes this a step further and says "less
data and different data" but no one has disagreed that less data should
be published (otherwise, why would there be a need for exceptions that
limit the data that gets published)
pg. 4 - Points on which we don't have consensus - we don't have
consensus on the OPOC proposition that "different" data should be
published. Steve's draft doesn't talk about publishing different data,
it talks about publishing less data, as does the OPOC proposal. The OPOC
proposal also talks about publishing different data, a point on which
there is no consensus (see above as well).
pg. 12 - I added some language to reflect the specific fact that the
proposal includes input and revisions from all constituencies.
pg 13 - I don't know if anyone has specifically proposed that processes
from the telecoms space would be used for access to unpublished data,
but that registrars would continue with current means of working with
law enforcement and rightsholders and document them in a statement of
pg 20 - I'm not sure that the general agreement is that providing
consumer education is within ICANN's mandate or not, so I have rephrased
this as a "should"
pg 25 - Steve's implication that the availability of a privacy option
increasing overall data accuracy is simply his conjecture - i.e. it is
not fact based. To the contrary, we have heard time and time again in
this TF from various industry experts, groups and stakeholders that the
when faced with a mandatory publication requirement, registrants are
induced to provide false data. Furthermore, a large body of research
exists suggesting that specific registrants will provide false data no
matter what the privacy option is. This stands in stark contrast to
Steve's guess that the availability of such an option might prove to
increase overall data accuracy. Therefore, I have removed the word
"indicated" and changed it to "surmised" based on the lack of factual
support for this statement.
pg 55 - Steve has clearly indicated that the version circulated to the
mailing list was a working draft and that a final submission would be
provided to the task force. The text of the submission also indicates
that the document is a draft copy, and not a final submission.
Therefore, the Annex title should be clearly marked as a draft for
review purposes and not as a final submission so as not to confuse the
reader as to the status of this proposal.
Please let me know if you have any questions.