Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois

[Rick Wesson <rick@xxxxxxxxxxxxxxxxxxxxxxxx>]

Ray,

I am not a member of the Registry Stakeholder Group.

-rick

On Wed, Jan 30, 2013 at 7:30 AM, Ray Fassett <ray@xxxxxxxxx> wrote:
> The Registry Stakeholder Group raised the upfront concern this PDP would
> have to be careful not to single out specific TLD's towards the goal of
> achieving consensus policy.  Using criteria to distinguish, for example,
> .CAT/.TEL from  .COM/.NET for purposes of arriving at a policy decision
> could potentially be interpreted to have this effect.
>
> Ray
>
> -----Original Message-----
> From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Volker Greimann
> Sent: Wednesday, January 30, 2013 10:05 AM
> To: Rick Wesson
> Cc: Don Blumenthal; Alan Greenberg; Avril Doria; Thick Whois
> Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>
>
> I do not think matters of policy do or should depend on volume of
> registrations. Regardless, .TEL has a deviating whois policy as well and
> that was permitted even before it was known how large they would get.
>
> Best,
>
> Volker
>
>> I believe that the main difference between .CAT/.TEL and COM/NET are
>> numbers. .CAT has too few registrations to matter or effect many
>> registrars.
>>
>> I have attached the ICANN registry transactions report for .CAT. There
>> are 27 registrars and total domains under management for the entire
>> TLD was 57,000
>>
>> There are 57,000 com/net domain registered every few hours.
>>
>> Really the policies that can be requested by/for a VI Registry (vi is
>> a unix text editor) are much different than policy that would be
>> reasonable for the world. com/net represent the bulk of registrations.
>> My terminology might not be familiar.... A (vi) registry is one that
>> could be run with a text editor to manage zone file which is used to
>> publish the DNS.
>>
>> My point is that .CAT is too small to matter. See their transactions
>> report. Who is impacted, turns out almost no one. So, .CAT turns out
>> to be a bad example to use for policy because they almost dont exist.
>>
>> -rick
>>
>>
>> On Wed, Jan 30, 2013 at 6:15 AM, Volker Greimann
>> <vgreimann@xxxxxxxxxxxxxxx> wrote:
>>> To obtain that information, we may want to contact the operators of
>>> .CAT and .TEL who used such evidence to get their exceptions
>>> confirmed by ICANN or look at  their RSEP applications for change. I
>>> believe that .CAT obtained various confirmations that the proposed
>>> (new) policy was more in line with the European data protection
> guidelines than the ICANN vanilla policy.
>>>
>>> Here is the RSEP application with some added documentation:
>>> http://www.icann.org/en/registries/rsep/puntcat-cat-request-05oct11-e
>>> n.pdf
>>>
>>> Note especially the letter from spanish data protection authorties,
>>> and this
>>> statement:
>>> "The solution offered by the inquirer in this regard appears to be
>>> more appropriate than that which currently exists in protecting this
>>> fundamental right, as it ensures the confidentiality of the personal
>>> data of domain name owners and establishes a system enabling
>>> interested parties to contact them, thus providing a more complete
>>> fulfilment of the proportionality principle.
>>> Logically, this solution would imply that the inquirer perform a new
>>> processing of the personal data of those wishing to contact the
>>> domain name owner, which must likewise abide by the provisions of
>>> Organic Law 15/1999, whereby the interested party must be informed of
>>> the processing of his/her personal data and the other principles,
>>> rights and obligations provided for by this Law must be observed. In
>>> addition, the inquirer must report the file created for registration
>>> in the Data Protection General Registry and keep the data the least
>>> possible amount of time necessary to fulfil the purpose justifying
>>> their processing."
>>>
>>> Volker
>>>
>>> I've seen claims that it may not be legal to publish Whois
>>> information in some countries. As has been noted, we need more than
>>> unsupported statements in our work, but that situation could create
>>> problems if a thick Ry were in a different country from the Rr.
>>>
>>> The claims weren't from this group but can anybody provide documentation?
>>>
>>> Don
>>>
>>> -----Original Message-----
>>> From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
>>> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Alan
>>> Greenberg
>>> Sent: Tuesday, January 29, 2013 2:48 PM
>>> To: Avril Doria; Thick Whois
>>> Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>>>
>>>
>>> The data passed to the registry is the same data that the registrar
>>> would make fully public in Whois.
>>>
>>> Yes, the information may be transferred to another jurisdiction. and
>>> that jurisdiction may treat PRIVATE information differently. If a
>>> thick whois required a registrar to transfer PRIVATE information, it
> could be an issue.
>>> But there is *NO* private data involved in this transfer. So how that
>>> target jurisdiction treats private information does not impact this
> discussion.
>>>
>>> Alan
>>>
>>> At 29/01/2013 01:51 PM, Avri Doria wrote:
>>>
>>> Hi,
>>>
>>> As I understand it, in a thick whois, the Registrar would be forced
>>> to pass all that information to the Registry.  At this point they
>>> don't need to.
>>>
>>> So the information will then be transferred from one national
>>> jurisdiction to another.  And those jurisdictions could have a very
>>> different treatment of that private information.  That jurisdictional
>>> shift is the crux of the problem.
>>>
>>> To the group: Apologies for making Rick so very angry at me.
>>>
>>> avri
>>>
>>>
>>>
>>> On 29 Jan 2013, at 10:39, Alan Greenberg wrote:
>>>
>>> I agree on all of these principles, but do not understand the
>>>
>>> relevance to thick/thin Whois model. Why does the registry holding a
>>> copy of the data WHICH IS ALREADY PUBLICLY AVAILABLE alter anything?
>>> Privacy is still protected by the original registrar or proxy
>>> provider based on the laws in their jurisdiction.
>>>
>>> An organization that works on gay issues can register in a
>>>
>>> country and with a registrar that will hide their identity under
>>> multiple levels and will even defend a UDRP if necessary, without
>>> unmasking the original registrant". All that will show up in the
>>> registry database is the top proxy provider - exactly what the
>>> registrar would show in its Whois output in the thin model.
>>>
>>> I do note that as alluded to above, that most proxy providers
>>>
>>> will unmask the original registrant as soon as a UDRP is filed, even
>>> if that UDRP might have little merit. And even if the UDRP is lost,
>>> the original registrant's name will be published in the public report
>>> on the UDRP. I have never heard of anyone fighting to change that
>>> rule!
>>>
>>> Alan
>>>
>>>
>>>
>>> --
>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>
>>> Mit freundlichen Grüßen,
>>>
>>> Volker A. Greimann
>>> - Rechtsabteilung -
>>>
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901
>>> Fax.: +49 (0) 6894 - 9396 851
>>> Email: vgreimann@xxxxxxxxxxxxxxx
>>>
>>> Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com
>>> / www.BrandShelter.com
>>>
>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>> www.facebook.com/KeySystems
>>> www.twitter.com/key_systems
>>>
>>> Geschäftsführer: Alexander Siffrin
>>> Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.:
>>> DE211006534
>>>
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu
>>>
>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den
>>> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
>>> Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
>>> unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
>>> bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu
> setzen.
>>>
>>> --------------------------------------------
>>>
>>> Should you have any further questions, please do not hesitate to contact
> us.
>>>
>>> Best regards,
>>>
>>> Volker A. Greimann
>>> - legal department -
>>>
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901
>>> Fax.: +49 (0) 6894 - 9396 851
>>> Email: vgreimann@xxxxxxxxxxxxxxx
>>>
>>> Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com
>>> / www.BrandShelter.com
>>>
>>> Follow us on Twitter or join our fan community on Facebook and stay
> updated:
>>> www.facebook.com/KeySystems
>>> www.twitter.com/key_systems
>>>
>>> CEO: Alexander Siffrin
>>> Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
>>>
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu
>>>
>>> This e-mail and its attachments is intended only for the person to
>>> whom it is addressed. Furthermore it is not permitted to publish any
>>> content of this email. You must not use, disclose, copy, print or
>>> rely on this e-mail. If an addressing or transmission error has
>>> misdirected this e-mail, kindly notify the author by replying to this
> e-mail or contacting us by telephone.
>>>
>>>
>>>
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann@xxxxxxxxxxxxxxx
>
> Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com /
> www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen
> Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder
> Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese
> Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per
> E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann@xxxxxxxxxxxxxxx
>
> Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com /
> www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it
> is addressed. Furthermore it is not permitted to publish any content of this
> email. You must not use, disclose, copy, print or rely on this e-mail. If an
> addressing or transmission error has misdirected this e-mail, kindly notify
> the author by replying to this e-mail or contacting us by telephone.
>
>
>
>