Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois

[Susan Kawaguchi <susank@xxxxxx>]

No, you are understanding it.  There was criticism of the process because
it did not allow the proactive complying with local laws.  But on the
other hand ICANN is not dealing with a "what if" situation.
Susan Kawaguchi
Domain Name Manager
Facebook Legal Dept.

Phone - 650 485-6064





On 1/29/13 2:17 PM, "Don Blumenthal" <dblumenthal@xxxxxxx> wrote:

>Thanks. While the intro to the provisions has very general language about
>"legally prevented," the sections with specifics refer only to situations
>in which a contracted party is the subject of government action. Am I
>missing something here? Are there other measures that provide protection
>on the basis of an Ry or Rr assertion, and not only after information may
>have been published in violation of privacy laws?
>
>-----Original Message-----
>From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>[mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Susan
>Kawaguchi
>Sent: Tuesday, January 29, 2013 4:26 PM
>To: 'Thick Whois'
>Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>
>
>ICANN has a policy/process in place to manage a situation in which the
>registrar/registry has a conflict with local law.
>
>ICANN Procedure For Handling WHOIS Conflicts with Privacy Law,
>http://www.icann.org/en/processes/icann-procedure-17jan08.htm
>
>
>The Whois review team reviewed this policy and discussed it with ICANN
>extensively.  There were a couple of registries ( I will have to look
>back on my notes to find which ones) that went through this process with
>ICANN but it has not been used widely by any means.
>
>Susan Kawaguchi
>Domain Name Manager
>Facebook Legal Dept.
>
>Phone - 650 485-6064
>
>
>
>
>
>On 1/29/13 12:28 PM, "Ray Fassett" <ray@xxxxxxxxx> wrote:
>
>>
>>I am pretty sure .CAT is an example of a thick registry that does not
>>broadcast to the world all thick data it receives from registrars.
>>Will they need to, such as in the case of a consensus policy requiring
>>them to?
>>I don't know.
>>
>>Ray
>>
>>-----Original Message-----
>>From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>>[mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Avri Doria
>>Sent: Tuesday, January 29, 2013 2:29 PM
>>To: Thick Whois
>>Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>>
>>
>>Hi,
>>
>>Does this mean that registrars won't need to give true and full
>>personal details to the registries under a thick whois regime?  Or that
>>the registry won't need to broadcast this information to the world?
>>
>>avri
>>
>>
>>
>>On 29 Jan 2013, at 11:18, Ray Fassett wrote:
>>
>>> The registry can only republish the registrant information provided
>>> to it by the sponsoring registrar of the registration, which I think
>>> is to Alan's point of the registry "holding a copy".  This is true in
>>> the thick registry model in all cases.
>>> 
>>> Ray
>>> 
>>> -----Original Message-----
>>> From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>>> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Alan
>>> Greenberg
>>> Sent: Tuesday, January 29, 2013 1:40 PM
>>> To: Avri Doria; Thick Whois
>>> Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>>> 
>>> 
>>> I agree on all of these principles, but do not understand the
>>> relevance to thick/thin Whois model. Why does the registry holding a
>>> copy of the data WHICH IS ALREADY PUBLICLY AVAILABLE alter anything?
>>> Privacy is still protected by the original registrar or proxy
>>> provider based on the laws in their jurisdiction.
>>> 
>>> An organization that works on gay issues can register in a country
>>> and with a registrar that will hide their identity under multiple
>>> levels and will even defend a UDRP if necessary, without unmasking
>>> the original
>>registrant".
>>> All that will show up in the registry database is the top proxy
>>> provider - exactly what the registrar would show in its Whois output
>>> in
>>the thin model.
>>> 
>>> I do note that as alluded to above, that most proxy providers will
>>> unmask the original registrant as soon as a UDRP is filed, even if
>>> that UDRP might have little merit. And even if the UDRP is lost, the
>>> original registrant's name will be published in the public report on
>>> the UDRP. I have never heard of anyone fighting to change that rule!
>>> 
>>> Alan
>>> 
>>> At 29/01/2013 01:01 PM, Avri Doria wrote:
>>> 
>>> 
>>>> I disagree.  There are institutions, such a battered spouse
>>>> organizations or organizations of gay activists in most of the world
>>>> that can't afford to have their information made public.
>>>> 
>>>> One example: I am a member and activist volunteer of APC,
>>>> Association for Progressive Communications - an Internet Human
>>>> Rights group.  Its chair, who used to be the person listed in the
>>>> WHOIS, has gotten phone calls and email death threats based on her
>>>> WHOIS info, and has submitted statement on that at some point - I
>>>>will try to dig it up.
>>>> 
>>>> Another example: Just recently Russia passed rule that makes any
>>>> publication related to gay community or people is considered criminal.
>>>> should those organization that work on gay issues be barred from
>>>> protection because the country that holds the thick registry does
>>>> not guarantee protection for organization of endangered peoples?
>>>> Better they should have the option of registering with a registrar
>>>> in a country that values and protects privacy not only for
>>>> individuals, but for the organizations of endangered users.
>>>> 
>>>> avri
>>> 
>>> 
>>> 
>>
>>
>>
>
>