Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois

[Alan Greenberg <alan.greenberg@xxxxxxxxx>]

If there are registrars who have dispensation from publishing parts 
of Whois information due to local law (and presumably an exemption 
from ICANN), then we need to build a similar provision into the 
Thick-whois model. I have not heard of any such case, but that 
doesn't mean it doesn't exist.
Perhaps ICANN Compliance can tell us if there are any registrars who 
with permission do not publish aspects of their whois data.
Can we please have a concrete example of such a case?

Alan

At 29/01/2013 03:01 PM, Avri Doria wrote:

> Hi,
>
> What is private, or should is say PRIVATE, information under one 
> jurisdiction is not necessarily private under another.
> We cannot assume an US-centric definition of what is private as determinative.
>
> Part of the value of the separation of Registrar and Registry is 
> that it allows for different jurisdictions.  Even the GNSO 
> recognized this when it decided that no registrar could be forced to 
> reveal data against its national laws.  Moving all the data to the 
> Registry eliminates these jurisdictional protections and eliminates 
> one of the important differentiators between registrars.
> avri
>
>
> On 29 Jan 2013, at 11:48, Alan Greenberg wrote:
>
> >
> > The data passed to the registry is the same data that the 
> registrar would make fully public in Whois.
> >
> > Yes, the information may be transferred to another jurisdiction. 
> and that jurisdiction may treat PRIVATE information differently. If 
> a thick whois required a registrar to transfer PRIVATE information, 
> it could be an issue. But there is *NO* private data involved in 
> this transfer. So how that target jurisdiction treats private 
> information does not impact this discussion.
> >
> > Alan
> >
> > At 29/01/2013 01:51 PM, Avri Doria wrote:
> >
> >> Hi,
> >>
> >> As I understand it, in a thick whois, the Registrar would be 
> forced to pass all that information to the Registry.  At this point 
> they don't need to.
> >>
> >> So the information will then be transferred from one national 
> jurisdiction to another.  And those jurisdictions could have a very 
> different treatment of that private information.  That 
> jurisdictional shift is the crux of the problem.
> >>
> >> To the group: Apologies for making Rick so very angry at me.
> >>
> >> avri
> >>
> >>
> >>
> >> On 29 Jan 2013, at 10:39, Alan Greenberg wrote:
> >>
> >> >
> >> > I agree on all of these principles, but do not understand the 
> relevance to thick/thin Whois model. Why does the registry holding 
> a copy of the data WHICH IS ALREADY PUBLICLY AVAILABLE alter 
> anything? Privacy is still protected by the original registrar or 
> proxy provider based on the laws in their jurisdiction.
> >> >
> >> > An organization that works on gay issues can register in a 
> country and with a registrar that will hide their identity under 
> multiple levels and will even defend a UDRP if necessary, without 
> unmasking the original registrant". All that will show up in the 
> registry database is the top proxy provider - exactly what the 
> registrar would show in its Whois output in the thin model.
> >> >
> >> > I do note that as alluded to above, that most proxy providers 
> will unmask the original registrant as soon as a UDRP is filed, 
> even if that UDRP might have little merit. And even if the UDRP is 
> lost, the original registrant's name will be published in the 
> public report on the UDRP. I have never heard of anyone fighting to 
> change that rule!
> >> >
> >> > Alan
> >
> >