Re: [gnso-reg-sgc] Commercial vs. Non-commercial

["Bertrand de La Chapelle" <bdelachapelle@xxxxxxxxx>]

Dear all,

(Been in Geneva for almost two weeks in various WSIS meetings and trying to
catch up.)

On the commercial-non-commercial distinction, given the difficulty to define
precise boundaries, the challenge is to avoid falling once again in the "all
or nothing" debate. So I'll venture a tentative approach below.

As Milton mentions, internet presence is multi-functional and people status
can vary from completely non-commercial to completely commercial. I
understand there is more or less agreement that :

  - legal entities pose no problem (privacy protection is not
  applicable, and companies in any case can have contacts such as
  administrator@xxxxxxxxxxxx))
  - privacy of individuals with absolutely non-commercial activities
  must be protected
  - individuals conducting mainly commercial activities should probably
  not enjoy the same benefits.

Now, the interesting part is the middle zone and the questions of
enforceability and simplicity are key. So, may I suggest the following
approach :

  - the key distinction would indeed be legal entity vs individual
  - in order to benefit from a protection of their personal information,
  individual registrants would self-declare as individuals and indicate they
  do not intend to "primarily" conduct a commercial activity under this domain
  name (the word primarily or an equivalent is key here)
  - "manifest conduct of a primarily commercial activity" on the domain
  name would be recognized as a valid justification for any third party to
  request access to the full data;
  - recognition of such a "manifest conduct of a primarily commercial
  activity" would be done by accredited entities (to be determined) and would
  trigger full requalification of the record and therefore full exposure of
  the contact data.

Criteria for evaluating the commercial nature of the activity could include
elements like the ones listed by Lynn and Christopher. But the key
modification would be  the notion of  "primary  activity".

Agreement on this approach would allow progressing to the next step : the
definition of the relevant accredited entities, their procedures and
potential appeal process. National bodies (including privacy commissioners
where they exist) and courts could probably be integrated to provide a
distributed and still interoperable system.

This proposed procedure adresses basically a subgroup c issue in order to
try to bridge differences regarding the commercial-non-commercial nature of
the registrant. It does not address the issue of requests to access private
data on the basis of any wrongdoing by the domain name holder.

Still, the question of the accredited entities could of course be discussed
in connection with the work of sub-group b (if some entities have full right
of access) and even sub-group a if people believe this should be a
responsibility of the OPoC).

Hope this helps. This is of course just a proposal and comments are welcome.


Best

Bertrand


P.S. : This is not a formal proposal by the french government in a
negotiation, but an attempt to help identify common points that seemed to
emerge from the discussion. So I must warn in advance that this is just
exploratory work to try and define the best global public interest. We are
all exploring the new multi-stakeholder format of such combined working
groups and no one should underestimate the difficulty to articulate this
fast-paced online discussion format with the slower and more structured
decision-making processes within governments. Thanks for your patience and
understanding :-)


On 5/23/07, Milton Mueller <Mueller@xxxxxxx> wrote:
> Lynn:
> Insofar as your approach is valid, I see no need for a
> "commercial/noncommercial" distinction, only a need for a legal
> person/natural person distinction.
>
> I feel that your approach may not recognize the multi-functional nature
> of an internet presence. An online identity such as a domain name,
> particularly for natural persons, may be the basis for both private and
> fundraising-related activities.
>
> Many nonprofit activities are informal and never achieve the status of
> a tax-exempt, formally recognized charity. To treat advocacy groups of
> this sort as "commercial" because they run a garage sale or solicit
> financial support seems self-evidently absurd, and represents the kind
> of overreach we need to avoid.
>
> Likewise, a person may indeed be engaged in commercial activity but
> still be an individual, legal natural person working at home, and thus
> have a legitimate reason not to want to expose the contact information.
>
>
> People on your side of the fence on this issue are fond of pointing out
> that no one "is forced to" register a domain name. I would also point
> out that no one "is forced to" do business with or donate money to
> someone who they can't identify using Whois.
>
> I'd suggest that you discard the commercial/noncommercial distinction
> as a basis for defining the status of whois exposure and rely instead on
> legal vs. natural persons.
>
> >>> "Goodendorf, Lynn (IHG)" <Lynn.Goodendorf@xxxxxxx> 5/22/2007 8:14
> AM >>>
> Based on concepts in the EU Privacy Directive, data protection is
> applied to natural persons engaged in private activities.
>
> Yes, the person advertising a local garage sale would be commercial
> and
> I would expect they would advertise their address.
>
> A person putting their resume online would be independent from domain
> name registration.
>
> And yes, trading on ebay is commercial and is collecting and
> processing
> personal data of others.
>
> Raising funds for a charity is part of a legal entity, not a natural
> person.  As such, the legal entity is not covered under data
> protection.
>
> Someone keeping records for their club or sports team would be private
> and not commercial.
>
> My sorting above is based on the following sections of the EU Privacy
> Directive:
>
> Paragraph (12)of the EU Privacy Directive states:
> "Whereas the protection principles must apply to all processing of
> personal data by any person whose activities are governed by Community
> law; whereas there should be excluded the processing of data carried
> out
> by a natural person in the exercise of activities which are
> exclusively
> personal or domestic, such as correspondence and the holding of
> records
> of addresses."
>
> Paragraph (37)of the EU Privacy Directive states:
> "Whereas the processing of personal data for purposes of journalism or
> for purposes of literary or artistic expression, in particular in the
> audiovisual field, should qualify for exemption from the requirements
> of
> certain provisions of this Directive in so far as this is necessary to
> reconcile the fundamental rights of individuals with freedom of
> information and notably the right to receive and impart information,
> as
> guaranteed in particular in Article 10 of the European Convention for
> the Protection of Human Rights....
>
> -----Original Message-----
> From: owner-gnso-reg-sgc@xxxxxxxxx
> [mailto:owner-gnso-reg-sgc@xxxxxxxxx]
> On Behalf Of Avri Doria
> Sent: Tuesday, May 22, 2007 1:59 AM
> To: gnso-reg-sgc@xxxxxxxxx
> Subject: Re: [gnso-reg-sgc] Commercial vs. Non-commercial
>
> hi,
>
> i am having some trouble understanding the implications of the
> decision
> procedure.
> A couple of test questions that might help me;
>
> - would the person advertising a local garage sale be commercial?
> - would  a person advertising an online 'garage sale' be commercial?
> - would a person putting their resume on line saying they were looking
> for work be commercial?
> - does engaging in ebay make you commercial?
> - does raising funds for a charity on line make one commercial?
> - if someone keeps the records for the local futbol team, their wine
> society, or the local theatre group, are they commercial?
>
> a.
>
>
>
> On 21 maj 2007, at 18.56, Christopher Gibson wrote:
>
> > _____________________________________
> >
> >
> > Commercial vs. Non-Commercial Activity
> >
> >
> >
> > For purposes of considering issues related to access to, and
> > disclosure of, WHOIS data:
> >
> >
> >
> > (1) Step One - the registered name holder is a:
> >
> >
> >
> > (a) legal person (e.g., companies, businesses, partnerships, non-
> > profit entities, etc.,), or
> >
> >
> >
> > (b) natural person.
> >
> >
> >
> > (We assume the distinction between legal vs. natural persons would
> > apply, so that the commercial vs. non-commercial distinction needs to
>
> > be considered only in relation to natural persons).
> >
> >
> >
> > (2) Step Two
> >
> >
> >
> > (a) commercial activity means only those activities carried out by
> > natural persons which involve:
> >
> >
> >
> > (i) the offer or sale of goods or services;
> >
> >
> >
> > (ii) the solicitation or collection of money or payments-in-kind
> > for goods or services;
> >
> >
> >
> > (iii) marketing activities including advertising or sale of
> > advertising (e.g., these categories would include websites
> > containing paid hypertext links);
> >
> >
> >
> > (iv) all activities carried out by natural persons on behalf of
> > legal persons; or
> >
> >
> >
> > (v) the collection, holding or processing of personal data (or
> > instructing another legal or natural person to collect, hold,
> > process, use, transfer or disclose such data), except in the
> > exercise of activities which relate exclusively to personal,
> > family, domestic or household affairs, such as correspondence or
> > the holding of address books containing family, friends and
> > professional contacts.
> >
> >
> >
> > (b) non-commercial activity means activities by natural persons
> > which do not fall within paragraph (2)(a) above.
> >
> >
> >
> > ___________________________________
> >
> >


--
____________________
Bertrand de La Chapelle
Délégué Spécial pour la Société de l'Information / Special Envoy for the
Information Society
Ministère des Affaires Etrangères / French Ministry of Foreign Affairs
Tel : +33 (0)6 11 88 33 32

"Le plus beau métier des hommes, c'est d'unir les hommes" Antoine de Saint
Exupéry
("there is no better mission for humans than uniting humans")