Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois

[Susan Kawaguchi <susank@xxxxxx>]

ICANN has a policy/process in place to manage a situation in which the
registrar/registry has a conflict with local law.

ICANN Procedure For Handling WHOIS Conflicts with Privacy Law,
http://www.icann.org/en/processes/icann-procedure-17jan08.htm


The Whois review team reviewed this policy and discussed it with ICANN
extensively.  There were a couple of registries ( I will have to look back
on my notes to find which ones) that went through this process with ICANN
but it has not been used widely by any means.

Susan Kawaguchi
Domain Name Manager
Facebook Legal Dept.

Phone - 650 485-6064





On 1/29/13 12:28 PM, "Ray Fassett" <ray@xxxxxxxxx> wrote:

>
>I am pretty sure .CAT is an example of a thick registry that does not
>broadcast to the world all thick data it receives from registrars.  Will
>they need to, such as in the case of a consensus policy requiring them to?
>I don't know.
>
>Ray
>
>-----Original Message-----
>From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>[mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Avri Doria
>Sent: Tuesday, January 29, 2013 2:29 PM
>To: Thick Whois
>Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>
>
>Hi,
>
>Does this mean that registrars won't need to give true and full personal
>details to the registries under a thick whois regime?  Or that the
>registry
>won't need to broadcast this information to the world?
>
>avri
>
>
>
>On 29 Jan 2013, at 11:18, Ray Fassett wrote:
>
>> The registry can only republish the registrant information provided to
>> it by the sponsoring registrar of the registration, which I think is
>> to Alan's point of the registry "holding a copy".  This is true in the
>> thick registry model in all cases.
>> 
>> Ray
>> 
>> -----Original Message-----
>> From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Alan
>> Greenberg
>> Sent: Tuesday, January 29, 2013 1:40 PM
>> To: Avri Doria; Thick Whois
>> Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>> 
>> 
>> I agree on all of these principles, but do not understand the
>> relevance to thick/thin Whois model. Why does the registry holding a
>> copy of the data WHICH IS ALREADY PUBLICLY AVAILABLE alter anything?
>> Privacy is still protected by the original registrar or proxy provider
>> based on the laws in their jurisdiction.
>> 
>> An organization that works on gay issues can register in a country and
>> with a registrar that will hide their identity under multiple levels
>> and will even defend a UDRP if necessary, without unmasking the original
>registrant".
>> All that will show up in the registry database is the top proxy
>> provider - exactly what the registrar would show in its Whois output in
>the thin model.
>> 
>> I do note that as alluded to above, that most proxy providers will
>> unmask the original registrant as soon as a UDRP is filed, even if
>> that UDRP might have little merit. And even if the UDRP is lost, the
>> original registrant's name will be published in the public report on
>> the UDRP. I have never heard of anyone fighting to change that rule!
>> 
>> Alan
>> 
>> At 29/01/2013 01:01 PM, Avri Doria wrote:
>> 
>> 
>>> I disagree.  There are institutions, such a battered spouse
>>> organizations or organizations of gay activists in most of the world
>>> that can't afford to have their information made public.
>>> 
>>> One example: I am a member and activist volunteer of APC, Association
>>> for Progressive Communications - an Internet Human Rights group.  Its
>>> chair, who used to be the person listed in the WHOIS, has gotten
>>> phone calls and email death threats based on her WHOIS info, and has
>>> submitted statement on that at some point - I will try to dig it up.
>>> 
>>> Another example: Just recently Russia passed rule that makes any
>>> publication related to gay community or people is considered criminal.
>>> should those organization that work on gay issues be barred from
>>> protection because the country that holds the thick registry does not
>>> guarantee protection for organization of endangered peoples?  Better
>>> they should have the option of registering with a registrar in a
>>> country that values and protects privacy not only for individuals,
>>> but for the organizations of endangered users.
>>> 
>>> avri
>> 
>> 
>> 
>
>
>