RE: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois

[Alan Greenberg <alan.greenberg@xxxxxxxxx>]

I agree with Jeff. If indeed there are some 
registrars that do not include the type of clause 
that Jeff mentioned, let's hear the specifics. 
Regarding the terms when the domain was first 
registered, I have never seen a registrant 
agreement that did not give the registrar 
unilateral right to change the agreement at any 
time (perhaps with due notice). On a PDP that I 
chaired, registrars were VERY protective of this right.
So if there are registrars who would not, today, 
have the right to support a thick Whois using 
their current T&C, let's hear about them. 
Otherwise we are talking about a requirement 
which they all currently satisfy, therefore 
having no effective impact on their T&Cs.
Alan

At 30/01/2013 09:47 AM, Neuman, Jeff wrote:
> No issue with you sending out a notice, I think 
> that is fair.  On the Ts and Cs front, however, 
> I have yet to see any agreement where this consent was not in the agreements.
> The point is that I have seen many in the 
> Non-commercial community over-blow this issue.  Lets work with evidence.
> Jeffrey J. Neuman
> Neustar, Inc. / Vice President, Business Affairs
>
>
>
> -----Original Message-----
> From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx 
> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Volker Greimann
> Sent: Wednesday, January 30, 2013 9:43 AM
> To: Neuman, Jeff
> Cc: Alan Greenberg; Avri Doria; Thick Whois
> Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
>
>
> Hi Jeff,
>
> I am aware of our T&Cs, but not all T&Cs are 
> created equal. Also the agreements need to be 
> looked at in their context, i.e. the situation 
> at the time the registrant accepted them. At 
> this point in time, in thin registries, we are 
> the data controller and control the data under 
> an agreement with the registrant, whereas for 
> thin registries we are a mere data processor.
> To look at it from another angle:
> If the switch from thin to thick happened, we 
> would at the minimum need to inform our 
> customers about this fact to allow them to 
> delete their domain names before that switch as 
> the material nature of the data handling and our 
> role concerning that handling would change.
> Volker
> > Volker,
> >
> > This is taken from one of your registrars Ts 
> and Cs (Domain Discount 24).  It already has a 
> provision in there stating that the registrant 
> consents to transmitting all of this data 
> (REGARDLESS OF THE TLD) to the registry. See 
> http://www.domaindiscount24.com/en/legal-notice/terms-and-conditions#dom_reg. 
> It doesn't say you wont do it for com, net and 
> jobs.  It says you do it for all TLDs.  So you 
> already have the permissions you need in your 
> existing legal agreement to sent it to the 
> registry (no matter where in the world it is.
> >
> > This is my point.  In THEORY, it could be an 
> issue if a registrant signed a legal agreement 
> that stated its data would not be sent out of 
> the jurisdiction and then it was because the 
> registry was thin and is now requiring thick.
> >
> > But THE EVIDENCE is not there for any of the 
> legal agreements I have looked at from the 
> registrars to show that this is an actual issue.
> >
> >
> >
> > 
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >
> >
> >
> > 3. Domain owner data
> >
> > 1. The customer is commited to supply 
> Registrar with the following information and 
> data for the purpose of forwarding to the 
> registry and possibly for the purpose of 
> publishing in the public WHOIS of registered 
> domain names. By entering and changing the data 
> in the online-interface Customer assures that 
> his information is correct, complete and truthful. This concerns in particular:
> >   .Current and complete information about the 
> full name or name of a legal person, mailing 
> address, e-mail address, voice telephone number and - if available - fax;
> >   .The IP address of the domain name server 
> (primary and secondary server) and the name of these servers;
> >   .the full name, postal address, e-mail 
> address, voice telephone and fax number of the 
> administrative contact, the technical contact and the billing contact.
> >
> > 2. The necessary information and data may 
> vary depending on the TLD. As far as more data 
> is required, this data must be provided during 
> the registration process or alternatively 
> delivered upon request from Registrar.
> >
> > 3. The information and data has to be updated 
> when necessary, incomplete data must be 
> completed. Customer acknowledges that the 
> provision of false data can directly lead to 
> loss of rights from the service without refund. 
> This also applies in the event that Customer 
> does not comply with any request of Registrar 
> to correct the data or provide proof of its accuracy within the time allowed.
> >
> > 4. By providing data of a third party 
> Customer confirms that he has informed the 
> third party about the provision and use of the 
> data and that the third party has expressly agreed with this provision and use.
> >
> > Jeffrey J. Neuman
> > Neustar, Inc. / Vice President, Business Affairs
> >
> >
> > -----Original Message-----
> > From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
> > [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Volker
> > Greimann
> > Sent: Wednesday, January 30, 2013 9:09 AM
> > To: Alan Greenberg
> > Cc: Avri Doria; Thick Whois
> > Subject: Re: [gnso-thickwhoispdp-wg] Dangers and risks of thick Whois
> >
> >
> > Ah, that is a misconception, Alan. Just 
> because the data is publicly available does not 
> make it less private. The individual to whom 
> the data belonds may have agreed to certain 
> uses of his private data, such as transmission 
> to a registry or publication in the whois, but 
> in the end it remains his own private data, in 
> his sole ownership and he may request deletion 
> of that data at any time (which may cost him 
> the domain name, or the fees of a privacy provider, of course).
> >
> > Owenership of your own private data is very well regulated over here.
> > ;-)
> >
> > Best,
> >
> > Volker
> >> The data passed to the registry is the same data that the registrar
> >> would make fully public in Whois.
> >>
> >> Yes, the information may be transferred to another jurisdiction. and
> >> that jurisdiction may treat PRIVATE information differently. If a
> >> thick whois required a registrar to transfer PRIVATE information, it
> >> could be an issue. But there is *NO* private data involved in this
> >> transfer. So how that target jurisdiction treats private information
> >> does not impact this discussion.
> >>
> >> Alan
> >>
> >> At 29/01/2013 01:51 PM, Avri Doria wrote:
> >>
> >>> Hi,
> >>>
> >>> As I understand it, in a thick whois, the Registrar would be forced
> >>> to pass all that information to the Registry.  At this point they
> >>> don't need to.
> >>>
> >>> So the information will then be transferred from one national
> >>> jurisdiction to another.  And those jurisdictions could have a very
> >>> different treatment of that private information.  That
> >>> jurisdictional shift is the crux of the problem.
> >>>
> >>> To the group: Apologies for making Rick so very angry at me.
> >>>
> >>> avri
> >>>
> >>>
> >>>
> >>> On 29 Jan 2013, at 10:39, Alan Greenberg wrote:
> >>>
> >>>> I agree on all of these principles, but do not understand the
> >>> relevance to thick/thin Whois model. Why does the registry holding a
> >>> copy of the data WHICH IS ALREADY PUBLICLY AVAILABLE alter anything?
> >>> Privacy is still protected by the original registrar or proxy
> >>> provider based on the laws in their jurisdiction.
> >>>> An organization that works on gay issues can register in a country
> >>> and with a registrar that will hide their identity under multiple
> >>> levels and will even defend a UDRP if necessary, without unmasking
> >>> the original registrant". All that will show up in the registry
> >>> database is the top proxy provider - exactly what the registrar
> >>> would show in its Whois output in the thin model.
> >>>> I do note that as alluded to above, that most proxy providers will
> >>> unmask the original registrant as soon as a UDRP is filed, even if
> >>> that UDRP might have little merit. And even if the UDRP is lost, the
> >>> original registrant's name will be published in the public report on
> >>> the UDRP. I have never heard of anyone fighting to change that rule!
> >>>> Alan
> >
> > --
> > Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
> >
> > Mit freundlichen Grüßen,
> >
> > Volker A. Greimann
> > - Rechtsabteilung -
> >
> > Key-Systems GmbH
> > Im Oberen Werk 1
> > 66386 St. Ingbert
> > Tel.: +49 (0) 6894 - 9396 901
> > Fax.: +49 (0) 6894 - 9396 851
> > Email: vgreimann@xxxxxxxxxxxxxxx
> >
> > Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com /
> > www.BrandShelter.com
> >
> > Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> > www.facebook.com/KeySystems
> > www.twitter.com/key_systems
> >
> > Geschäftsführer: Alexander Siffrin
> > Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.:
> > DE211006534
> >
> > Member of the KEYDRIVE GROUP
> > www.keydrive.lu
> >
> > Der Inhalt dieser Nachricht ist vertraulich 
> und nur für den angegebenen Empfänger bestimmt. 
> Jede Form der Kenntnisgabe, Veröffentlichung 
> oder Weitergabe an Dritte durch den Empfänger 
> ist unzulässig. Sollte diese Nachricht nicht 
> für Sie bestimmt sein, so bitten wir Sie, sich 
> mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
> >
> > --------------------------------------------
> >
> > Should you have any further questions, please 
> do not hesitate to contact us.
> >
> > Best regards,
> >
> > Volker A. Greimann
> > - legal department -
> >
> > Key-Systems GmbH
> > Im Oberen Werk 1
> > 66386 St. Ingbert
> > Tel.: +49 (0) 6894 - 9396 901
> > Fax.: +49 (0) 6894 - 9396 851
> > Email: vgreimann@xxxxxxxxxxxxxxx
> >
> > Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com /
> > www.BrandShelter.com
> >
> > Follow us on Twitter or join our fan 
> community on Facebook and stay updated:
> > www.facebook.com/KeySystems
> > www.twitter.com/key_systems
> >
> > CEO: Alexander Siffrin
> > Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
> >
> > Member of the KEYDRIVE GROUP
> > www.keydrive.lu
> >
> > This e-mail and its attachments is intended 
> only for the person to whom it is addressed. 
> Furthermore it is not permitted to publish any 
> content of this email. You must not use, 
> disclose, copy, print or rely on this e-mail. 
> If an addressing or transmission error has 
> misdirected this e-mail, kindly notify the 
> author by replying to this e-mail or contacting us by telephone.
> >
> >
> >
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann@xxxxxxxxxxxxxxx
>
> Web: www.key-systems.net / www.RRPproxy.net 
> www.domaindiscount24.com / www.BrandShelter.com
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und 
> nur für den angegebenen Empfänger bestimmt. Jede 
> Form der Kenntnisgabe, Veröffentlichung oder 
> Weitergabe an Dritte durch den Empfänger ist 
> unzulässig. Sollte diese Nachricht nicht für Sie 
> bestimmt sein, so bitten wir Sie, sich mit uns 
> per E-Mail oder telefonisch in Verbindung zu setzen.
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann@xxxxxxxxxxxxxxx
>
> Web: www.key-systems.net / www.RRPproxy.net 
> www.domaindiscount24.com / www.BrandShelter.com
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> This e-mail and its attachments is intended only 
> for the person to whom it is addressed. 
> Furthermore it is not permitted to publish any 
> content of this email. You must not use, 
> disclose, copy, print or rely on this e-mail. If 
> an addressing or transmission error has 
> misdirected this e-mail, kindly notify the 
> author by replying to this e-mail or contacting us by telephone.