RE: [gnso-thickwhois-dt] weekly status report

["Neuman, Jeff" <Jeff.Neuman@xxxxxxxxxx>]

Actually, I think we should never use the term "own."  Registrants "own" their 
own data.  Registrars have acquired a license to use that data from the 
registrants and presumably have sublicensed a right to that data to the 
registries for the sole purpose of maintaining the WHOIS database (whether thin 
or thick)."

Lets stay away from terms like "ownership" as I believe is not really relevant 
to the debate and is a highly volatile word evoking emotions.  The fact is that 
registrars are required by both ICANN and registries to collect this data and 
are required to grant certain rights to that data to the registries to display. 
 The granting of rights is there whether thin or thick.  It just so happens 
that there is less data collected by registries in a thin database.

I believe as was said by someone (cant remember who) that registrars agreements 
with registrants are generally the same whether you are registering a .com name 
or a .biz name with respect to the WHOIS information.  I am not able to see a 
difference in the license given by the registrant to the registrar in those two 
cases.  Therefore, I personally believe that a registrant has given the same 
license to the data whether the registry is thin or thick and therefore believe 
that a registrant's expectation for .com vs. .biz is the same.  Thus, I am not 
sure that the argument that we cannot change .com from thin to thick because a 
registrant hasn't given that license to the registrar is fairly weak.

However, that is a substantive argument, not really for the charter...other 
than to state that the issues of transferability of data and its implications 
need to be examined.

Thanks.

Jeffrey J. Neuman
Neustar, Inc. / Vice President, Business Affairs


From: owner-gnso-thickwhois-dt@xxxxxxxxx 
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of tim@xxxxxxxxxxx
Sent: Thursday, September 27, 2012 2:04 PM
To: Mike O'Connor; owner-gnso-thickwhois-dt@xxxxxxxxx; Ray Fassett
Cc: 'Metalitz, Steven'; 'Volker Greimann'; 'Drazek, Keith'; 
Gnso-thickwhois-dt@xxxxxxxxx
Subject: Re: [gnso-thickwhois-dt] weekly status report

Don't confuse whois data with customer data. ICANN owns the whois data. 
Registrars own the customer data. There may be a lot of data in common, but 
they are not the same thing.

Tim
________________________________
From: "Mike O'Connor" <mike@xxxxxxxxxx<mailto:mike@xxxxxxxxxx>>
Sender: 
owner-gnso-thickwhois-dt@xxxxxxxxx<mailto:owner-gnso-thickwhois-dt@xxxxxxxxx>
Date: Thu, 27 Sep 2012 12:20:38 -0500
To: Ray Fassett<ray@xxxxxxxxx<mailto:ray@xxxxxxxxx>>
Cc: 'Metalitz, Steven'<met@xxxxxxx<mailto:met@xxxxxxx>>; 'Volker 
Greimann'<vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>>; 
'Drazek, Keith'<kdrazek@xxxxxxxxxxxx<mailto:kdrazek@xxxxxxxxxxxx>>; 
<Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx>>
Subject: Re: [gnso-thickwhois-dt] weekly status report

hi Ray,

i think i agree -- i was thinking the word in the database/technical way when 
Tim originally raised the point -- whereas there is indeed a broader definition 
relating to who has authority over the data.  i can imagine a scenario where 
the authoritative data store (in a database sense) is with the registry, but 
the registrars are the entities that have authority over that data due to their 
relationship with customers.

i think we need clearer words, and we also need to pick which one we intend.  
i'm stuck on what those clearer words would be, but i think that may be because 
of my unfamiliarity with the nuance here.  are there two good words that 
highlight the difference?

once we've got the right words, we've then got an interesting choice to make as 
to which one.  clearly, a key "scope" discussion that needs to get resolved 
before we wrap up the chartering.

thanks,

mikey


On Sep 27, 2012, at 10:48 AM, "Ray Fassett" 
<ray@xxxxxxxxx<mailto:ray@xxxxxxxxx>> wrote:


It seems to me that Mikey's suggestion of "adding something like this": Other 
implications of migrating the "authoritative" repository for registrant data 
from Registrars to the Registry has had the effect of us identifying a "vast 
majority" vs. those not part of the vast majority.  If so, I think this means 
the scope of the issues may have the result of the WG segregating a minority of 
gTLD's from the majority of gTLD's in going about their work on the issues.  
Personally, I think the word "authoritative", and trying to fit this word into 
the Charter in some common and understood context, has complicated things.

Ray

From: 
owner-gnso-thickwhois-dt@xxxxxxxxx<mailto:owner-gnso-thickwhois-dt@xxxxxxxxx> 
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx<mailto:gnso-thickwhois-dt@xxxxxxxxx>]
 On Behalf Of Metalitz, Steven
Sent: Thursday, September 27, 2012 10:44 AM
To: 'Volker Greimann'; Drazek, Keith
Cc: Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx> PDP DT
Subject: RE: [gnso-thickwhois-dt] weekly status report

Volker makes the important point that this issue already exists, it is not 
created by a move to thick Whois.  And what Keith says about a registry that 
"has always had thick whois" is equally true about any registry that "has not 
always had thick Whois" - "The registrants in those TLDs gave their consent for 
the data transfer upon registration of their domain name(s)."  This is true of 
every single gTLD domain name in existence, because of the RAA provision that 
requires registrars to obtain this consent.

Similarly, the issue of "authoritativeness"  of Whois data in the thick 
registry setting already exists in the vast majority of gTLD registries.  I 
appreciate Tim's view that perhaps registrars that service thick registries 
should not be required to maintain Whois data any more, but that would require 
a change in the RAA and clearly seems out of scope for this PDP.

In sum I think the draft adequately captures the scope of the issues that the 
Working Group needs to address.

Steve Metalitz



From: 
owner-gnso-thickwhois-dt@xxxxxxxxx<mailto:owner-gnso-thickwhois-dt@xxxxxxxxx> 
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx]<mailto:[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx]>
 On Behalf Of Volker Greimann
Sent: Tuesday, September 25, 2012 4:23 AM
To: Drazek, Keith
Cc: Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx> PDP DT
Subject: Re: [gnso-thickwhois-dt] weekly status report

Hi Keith,

I agree that cross-border transfers of data would be an issue for registries 
switching to a thick model, however all registrants have allready agreed to the 
publication of the data, and in many cases also to a transfer abroad due to 
many registrar policies having been written with both thick and thin models in 
mind. Registrants also agreed to be bound by policy changes. Still, the issue 
is not negligible. Maybe it could be solved by the registry by setting up data 
centers in such jurisdictions where data transfer would be problematic, and the 
central register only pointing to the geographic location of the domain, just 
as currently they point to the individual registrars?

This is an issue that needs more thought.

Volker
Hi Volker,

Thanks for the insight. It sounds like there could be multiple models of Whois 
Data authority, which seems appropriate.

Another question around the "authoritative" issue concerns privacy laws and 
anticipated cross-border transfers of data.

For a TLD that has always had Thick Whois, the rules were established (and 
presumably accepted by the registrants in their registration agreement with the 
registrar) from their initial launch date. The registrants in those TLDs gave 
their consent for the data transfer upon registration of their domain name(s).

However, transferring personal Whois data for 100+ million registrations from 
scores of international jurisdictions to a single entity could raise additional 
privacy concerns. The question of which entity in which jurisdiction has 
"authority" over the Whois data may need to be considered by the WG and should 
not necessarily be presumed to be the registry in every case, dependent upon 
national laws and the range of service offerings across various registries.

Thanks, Keith


<image001.gif>

Keith Drazek
Director of Policy
kdrazek@xxxxxxxxxxxx<mailto:kdrazek@xxxxxxxxxxxx>

m: +1-571-377-9182
21345 Ridgetop Circle Dulles, VA 20166

VerisignInc.com<http://www.verisigninc.com/>

<image003.gif>



From: Volker Greimann [mailto:vgreimann@xxxxxxxxxxxxxxx]
Sent: Monday, September 24, 2012 1:05 PM
To: Drazek, Keith
Cc: Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx> PDP DT
Subject: Re: [gnso-thickwhois-dt] weekly status report

Hi Keith,

I see your point, but I do not believe it to be as much of an issue as you make 
of it. The registry in any thick whois TLD is the central repository of all 
whois data, regardly of where it was registered. The registrar is responsible 
to provide the data to the registry. Verification can be assumed and performed 
by either. In the new RAA, registrars will most likely assume some of the 
responsibility, but the launch of .XXX has show this can also be performed on a 
registry level. In fact, some ccTLDs such as .US also perform routine 
validations on the registration requirements.

On the other hand, we have now seen cases where a "thick registry" has made 
modifications to the registration based on court orders or other events, which 
were not always notified to the registrar, i.e. left the registrar database out 
of synch with the registrar database, yet these changes were authoritative as 
far as the ownership of the domain is concerned. Whereas registrars must always 
update the registry to effect a change of data in a thick TLD. In other words, 
as the registry database is the last word on the data, it should be the 
authoritative source.

Best,

Volker


Tim raises an important point, including the question of whether registries or 
registrars are authoritative for Whois data.

I have concerns about a registry being authoritative for Whois data when it has 
no direct connection to the registrant. As discussed on our last call, the 
registry receives Whois data from the Registrar, not from the registrant. As 
such, the registry has no way of independently confirming/verifying/validating 
that the data is accurate. I think this distinction becomes more of an issue if 
there's a future requirement for validation or verification of registrant Whois 
data, as requested by the GAC.

Ultimately, having a Thick Whois database at the registry level only 
centralizes the data...it doesn't make it any more accurate, validated, 
verified, etc. since registries simply accept what is submitted by the 
registrars.

I understand that some of the existing thick registries may already be 
authoritative for their TLD's Whois data, so perhaps we can benefit from their 
experience.

This issue may or may not fit into the draft charter, but it's probably worth 
discussing further on our next call.

Thanks, Keith

<image001.gif>

Keith Drazek
Director of Policy
kdrazek@xxxxxxxxxxxx<mailto:kdrazek@xxxxxxxxxxxx>

m: +1-571-377-9182
21345 Ridgetop Circle Dulles, VA 20166

VerisignInc.com<http://www.verisigninc.com/>

<image003.gif>



From: 
owner-gnso-thickwhois-dt@xxxxxxxxx<mailto:owner-gnso-thickwhois-dt@xxxxxxxxx> 
[mailto:owner-gnso-thickwhois-dt@xxxxxxxxx] On Behalf Of Tim Ruiz
Sent: Monday, September 24, 2012 12:27 PM
To: Mike O'Connor; 
Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx> PDP DT
Subject: RE: [gnso-thickwhois-dt] weekly status report

Thanks Mikey,

Sorry I haven't been able to make the calls, one thing or another has come up. 
I think the current draft and changes look good but I do have one 
comment/concern.

It seems to assumes if all regitries are thick that registrars will still be 
required to maintain a set of WHOIS data themselves. However, if the registries 
are all thick and authoritative for WHOIS data then I see no reason why a 
registrar should continue to be required to maintain a duplicate set of the 
data, especially since it will also be escrowed by the registry. I would think 
a number of registrars would find it useful and cost effective to simply use a 
registry's authoritative data instead of trying to maintain it themselves. And 
I can easily see an effort by registrars to change the RAA and/or policies to 
reflect that.
So I don't think the PDP group should assume that both registrars and 
registries will continue to maintain the data. It may be good to note that 
possibility. Or alternatively, that may be a question they want to consider. I 
don't think it would necessarily be out of scope since it is tightly associated 
with whether all registries are thick or not, but others may have a different 
opinion.
Best,
Tim

-------- Original Message --------
Subject: [gnso-thickwhois-dt] weekly status report
From: "Mike O'Connor" <mike@xxxxxxxxxx<mailto:mike@xxxxxxxxxx>>
Date: Sat, September 22, 2012 10:03 am
To: "Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx> PDP DT"
<Gnso-thickwhois-dt@xxxxxxxxx<mailto:Gnso-thickwhois-dt@xxxxxxxxx>>

hi all,

here's the status report for this week. i *think* we're wringing out the last 
issues in the draft. so this would be a good time to take a look at the latest 
version. what seems to be working well is to run your ideas through the list so 
then we can work through them on the call. here's a link to the draft i pushed 
out after the last call.

http://forum.icann.org/lists/gnso-thickwhois-dt/doc3QzSkLIUIQ.doc

and here's the status report. i'm hoping we can get to a draft we can push out 
for a consensus call by the end of the meeting on Thursday.

thanks,

mikey



________________________________


- - - - - - - - -
phone 651-647-6109
fax 866-280-2356
web http://www.haven2.com
handle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)





--

Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.



Mit freundlichen Grüßen,



Volker A. Greimann

- Rechtsabteilung -



Key-Systems GmbH

Im Oberen Werk 1

66386 St. Ingbert

Tel.: +49 (0) 6894 - 9396 901

Fax.: +49 (0) 6894 - 9396 851

Email: vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>



Web: www.key-systems.net<http://www.key-systems.net> / 
www.RRPproxy.net<http://www.RRPproxy.net>

www.domaindiscount24.com<http://www.domaindiscount24.com> / 
www.BrandShelter.com<http://www.BrandShelter.com>



Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:

www.key-systems.net/facebook<http://www.key-systems.net/facebook>

www.twitter.com/key_systems<http://www.twitter.com/key_systems>



Geschäftsführer: Alexander Siffrin

Handelsregister Nr.: HR B 18835 - Saarbruecken

Umsatzsteuer ID.: DE211006534



Member of the KEYDRIVE GROUP

www.keydrive.lu<http://www.keydrive.lu>



Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



--------------------------------------------



Should you have any further questions, please do not hesitate to contact us.



Best regards,



Volker A. Greimann

- legal department -



Key-Systems GmbH

Im Oberen Werk 1

66386 St. Ingbert

Tel.: +49 (0) 6894 - 9396 901

Fax.: +49 (0) 6894 - 9396 851

Email: vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>



Web: www.key-systems.net<http://www.key-systems.net> / 
www.RRPproxy.net<http://www.RRPproxy.net>

www.domaindiscount24.com<http://www.domaindiscount24.com> / 
www.BrandShelter.com<http://www.BrandShelter.com>



Follow us on Twitter or join our fan community on Facebook and stay updated:

www.key-systems.net/facebook<http://www.key-systems.net/facebook>

www.twitter.com/key_systems<http://www.twitter.com/key_systems>



CEO: Alexander Siffrin

Registration No.: HR B 18835 - Saarbruecken

V.A.T. ID.: DE211006534



Member of the KEYDRIVE GROUP

www.keydrive.lu<http://www.keydrive.lu>



This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.










--

Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.



Mit freundlichen Grüßen,



Volker A. Greimann

- Rechtsabteilung -



Key-Systems GmbH

Im Oberen Werk 1

66386 St. Ingbert

Tel.: +49 (0) 6894 - 9396 901

Fax.: +49 (0) 6894 - 9396 851

Email: vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>



Web: www.key-systems.net<http://www.key-systems.net> / 
www.RRPproxy.net<http://www.RRPproxy.net>

www.domaindiscount24.com<http://www.domaindiscount24.com> / 
www.BrandShelter.com<http://www.BrandShelter.com>



Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:

www.key-systems.net/facebook<http://www.key-systems.net/facebook>

www.twitter.com/key_systems<http://www.twitter.com/key_systems>



Geschäftsführer: Alexander Siffrin

Handelsregister Nr.: HR B 18835 - Saarbruecken

Umsatzsteuer ID.: DE211006534



Member of the KEYDRIVE GROUP

www.keydrive.lu<http://www.keydrive.lu>



Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



--------------------------------------------



Should you have any further questions, please do not hesitate to contact us.



Best regards,



Volker A. Greimann

- legal department -



Key-Systems GmbH

Im Oberen Werk 1

66386 St. Ingbert

Tel.: +49 (0) 6894 - 9396 901

Fax.: +49 (0) 6894 - 9396 851

Email: vgreimann@xxxxxxxxxxxxxxx<mailto:vgreimann@xxxxxxxxxxxxxxx>



Web: www.key-systems.net<http://www.key-systems.net> / 
www.RRPproxy.net<http://www.RRPproxy.net>

www.domaindiscount24.com<http://www.domaindiscount24.com> / 
www.BrandShelter.com<http://www.BrandShelter.com>



Follow us on Twitter or join our fan community on Facebook and stay updated:

www.key-systems.net/facebook<http://www.key-systems.net/facebook>

www.twitter.com/key_systems<http://www.twitter.com/key_systems>



CEO: Alexander Siffrin

Registration No.: HR B 18835 - Saarbruecken

V.A.T. ID.: DE211006534



Member of the KEYDRIVE GROUP

www.keydrive.lu<http://www.keydrive.lu>



This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.







- - - - - - - - -
phone    651-647-6109
fax                          866-280-2356
web        http://www.haven2.com
handle   OConnorStP (ID for public places like Twitter, Facebook, Google, etc.)