<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [gnso-thickwhoispdp-wg] missing recommendation in 7.1
- To: "'Mike O'Connor'" <mike@xxxxxxxxxx>, Avri Doria <avri@xxxxxxx>
- Subject: RE: [gnso-thickwhoispdp-wg] missing recommendation in 7.1
- From: "Metalitz, Steven" <met@xxxxxxx>
- Date: Fri, 20 Sep 2013 16:38:26 +0000
Mikey,
I do not share your assumption that the transition to thick Whois must be
delayed pending a legal review. This is entirely unsupported by the findings
of our report.
1. "The WG finds that requiring thick Whois for all gTLD registries does not
raise data protection issues that are specific to thin v. thick Whois. "
2. "There are currently issues with respect to privacy related to Whois and
these will only grow in the future..... None of these issues seem to be related
to whether a thick or thin Whois model is being used. "
3. "So although privacy issues may become a substantive issue in the future,
and should certainly be part of the investigation of a replacement for Whois,
it is not a reason not to proceed with the PDP WG recommending thick Whois for
all."
All these quotes are from the conclusion to section 5.5 of our report. I
believe this text represents a consensus of the participants in the privacy
subgroup of our WG. Don can confirm or correct this.
I encourage everyone to re-read section 5.5. It makes very clear that, based
on over a decade of experience with thick gTLD registries, including the
successful transition of one of the largest gTLD registries from thin to thick;
the complete absence of any legal challenges during that time period to the
operation of such registries on privacy grounds;, and the support of registrars
and registries --- the entities with the greatest incentive to take seriously
the potential legal exposure involved -- for the thick model, that there is
no privacy- or data protection-based reason to delay adoption and
implementation of the thick Whois requirement.
This conclusion reflects the thoroughly discussed and fully negotiated view of
those who participated actively in this WG over the past year. It should not
be set aside or undermined at the last minute.
I continue to disagree as well with your point 3 for the reasons already
thoroughly discussed on this list.
Could you explain what is the difference, in your view, between a "little-r
recommendation" in section 7.3 and a "big-R recommendation" in section 7.1,
especially since you propose that both take the form of a statement that "We
recommend....".
Steve
-----Original Message-----
From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx
[mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Mike O'Connor
Sent: Friday, September 20, 2013 11:58 AM
To: Avri Doria
Cc: Thick Whois
Subject: Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1
i think maybe i need to put all the stuff in one post.
1) we put a big-R recommendation to do the legal review in 7.1. here's the
language that Volker proposed with some rough draft "sequence" language in
brackets.
> We recommend that the ICANN Board request an independent legal review to be
> undertaken [before transition to thick whois] on the privacy implications of
> a transfer of registrant data between jurisdictions.
2) we beef up the body of the report to support that recommendation -- the
language is already there, i just think it ought to be moved down into a more
recommendation-focused paragraph. again rough-draft "sequence" language in
brackets.
> page 30: "Again, these questions must be explored in more depth by ICANN
> Staff [before transition to thick whois], starting with the General Counsel's
> Office, and by the community. As an added benefit, analyses concerning change
> of applicable laws with respect to transition from a thin to a thick
> environment also may prove valuable in the event of changes in a registry's
> management, presumably an increasing likelihood given the volume of new gTLDs
> on the horizon."
3) we put a version of your little-r recommendation in section 7.3
> The WG discussed many of the issues involved in moving from having a
> registration currently governed under the privacy rules by one jurisdiction
> in a thick whois to another jurisdiction, the jurisdiction of the Registry in
> a thick whois. The WG did not feel it was competent to fully discuss these
> privacy issues and was not able to fully separate the privacy issues involved
> in such a move from the general privacy issues that need to be resolved in
> Whois. there was also concern with intersection with other related Privacy
> issues that ICANN currently needs to work on. The Working group therefore
> makes the following recommendation:
>
> . We recommend that the ICANN Board request a GNSO issues report to cover the
> issue of Privacy as related to WHOIS and other related GNSO policies.
On Sep 20, 2013, at 9:24 AM, Avri Doria <avri@xxxxxxx> wrote:
>
> Hi,
>
> All lovely ideas, but they don't meet the need to put the privacy issues on
> the front burner.
>
> avri
>
> On 20 Sep 2013, at 09:24, Mike O'Connor wrote:
>
>> [hijacking this thread back to its original topic]
>>
>> hi Avri,
>>
>> i, for one, think turnabout on the way to consensus is one of the very best
>> things about ICANN. thanks Avri
>>
>> here's language describing that legal review as it stands (this is the last
>> paragraph of Discussion section of 5.5 Data Protection
>>
>> page 30: "Again, these questions must be explored in more depth by ICANN
>> Staff, starting with the General Counsel's Office, and by the community. As
>> an added benefit, analyses concerning change of applicable laws with respect
>> to transition from a thin to a thick environment also may prove valuable in
>> the event of changes in a registry's management, presumably an increasing
>> likelihood given the volume of new gTLDs on the horizon."
>>
>> i *think* that's the only place it shows up in the current draft, which
>> means that while we worked hard on the language, it's not really a
>> recommendation right now and kindof buried down in the details. it's also
>> vague on the sequencing -- but i have been presuming that the legal review
>> would have to happen before the conversion and would be comfortable
>> clarifying that.
>>
>> from a report-drafting standpoint if we pursue this direction, i think we'd
>> want to do a few minor revisions to provide support for that big-R
>> recommendation that's being proposed.
>>
>> - clarify that sequence
>>
>> - move that paragraph from the "Discussion" section of 5.5 down to the
>> "Conclusions" section to provide stronger underpinnings for the
>> recommendation
>>
>> all pretty easy to do from a mechanical report-drafting point of view, if
>> the group agrees on that approach.
>>
>> good work. carry on,
>>
>> mikey
>>
>>
>>
>>
>> On Sep 19, 2013, at 10:47 AM, Avri Doria <avri@xxxxxxx> wrote:
>>
>>>
>>> Hi,
>>>
>>> Forgive me for doing this bit of turnabout: is this legal review something
>>> that would occur before the thick whois for incumbent registries was put
>>> into effect?
>>>
>>> At first blush, if this was combined with a 7.3. recommendation for a full
>>> Issues report, I might be able to accept it and convince the NCSG that this
>>> was a good compromise.
>>>
>>> thanks
>>>
>>> avri
>>>
>>>
>>> On 19 Sep 2013, at 11:14, Volker Greimann wrote:
>>>
>>>> Hi all,
>>>>
>>>> I still find Avri's proposed language too broad, so I tried my hand at a
>>>> quick rewrite. Probably still needs a little fiddling, but more in the
>>>> direction what I could support, although putting this into 7.1 is a bit
>>>> iffy to me.
>>>> The WG discussed many of the issues involved in moving from having a
>>>> registration currently governed under the privacy rules by one
>>>> jurisdiction in a thin whois to another jurisdiction, the jurisdiction of
>>>> the Registry in a thick whois. The WG did not feel it was competent to
>>>> reach a final conclusion on these issues involving international privacy
>>>> laws.
>>>> The Working group therefore makes the following recommendation:
>>>>
>>>> . We recommend that the ICANN Board
>>>> request an independent legal review to be undertaken on the privacy
>>>> implications of a transfer of registrant data between jurisdictions.
>>>> Reasons: If we could not find ourselves competent to decide a small matter
>>>> like the transfer of private data, how can we expect another PDP to tackle
>>>> an even broader issue of privacy issues surrounding WHOIS in general? For
>>>> the purposes of this WG, the determination that we were unable to reach a
>>>> final conclusion on could and should be resolved by independent counsel.
>>>>
>>>> While a new PDP on WHOIS and privacy issues is certainly something worth
>>>> considering and something I would welcome, I do not feel that this WG
>>>> needs to make that recommendation as it would be much broader than the
>>>> smaller issue we were tasked to tackle.
>>>>
>>>> Volker
>>>>
>>>>> Hi,
>>>>>
>>>>> For me this needs to be a Recommendation (7.1, big R), not an extra
>>>>> consideration. This issue was within the purview of the group and the
>>>>> group bailed on it for lack of capability. Fine, then lets step and
>>>>> recommend that those that have the capability do so. In this age of
>>>>> world attention on privacy issues, I can't beleive we are still dancing
>>>>> around the point.
>>>>>
>>>>> I am currently working on getting the NCSG to endorse this. As the
>>>>> alternate chair of the NCSG Policy committee I beleive this is something
>>>>> that will be supported by the NCSG. I will personally submit a minority
>>>>> position and work to get the NCSG to endorse it, if this recommendation
>>>>> is not included in 7.1. For myself at this point, I will reject the
>>>>> entire report without this, as the report is incomplete without this as a
>>>>> primary Recommendation. To my mind NCSG would be shirking it
>>>>> responsibilities if we let this report go out without such a
>>>>> recommendation.
>>>>>
>>>>> Incidentally, my impression from the list discussion was that there was
>>>>> support, but that wording needed changing. It was changed.
>>>>>
>>>>> I understand that there are those who may be playing divide and conquer
>>>>> games behind the scenes, claiming that my position will hurt NCSG's
>>>>> reputation. I have bcc'e d the NCSG on this note so that they themselves
>>>>> can determine if it is reputation damaging. There are others who are are
>>>>> cynically claiming that I am going against the bottom-up model by
>>>>> insisting on privacy considerations. I reject those claims.
>>>>>
>>>>> avri
>>>>>
>>>>>
>>>>>
>>>>> On 19 Sep 2013, at 10:25, Mike O'Connor wrote:
>>>>>
>>>>>
>>>>>> hi all,
>>>>>>
>>>>>> i may have been the culprit here. Avri, my interpretation of the
>>>>>> desultory conversation on the list was that there *wasn't* much support
>>>>>> for the idea. and then when you didn't show up on last week's call to
>>>>>> pitch/push it, i forgot to bring it up. my bad -- sorry about that.
>>>>>>
>>>>>> let's try to have a vigorous conversation about this on the list, and
>>>>>> drive to a conclusion on the call next week.
>>>>>>
>>>>>> Avri, you and i had a one-to-one email exchange about this and i
>>>>>> suggested that this recommendation might fit better, and be more widely
>>>>>> accepted, if it was in the privacy and data protection part of our
>>>>>> report (Section 7.3). could you give us an indication of whether
>>>>>> acceptance of this version of the recommendation is required? in more
>>>>>> casual terms, is there any wiggle room here? i think it would be
>>>>>> helpful for the rest of the group to know the framework for the
>>>>>> conversation.
>>>>>>
>>>>>> carry on folks,
>>>>>>
>>>>>> mikey
>>>>>>
>>>>>>
>>>>>> On Sep 18, 2013, at 6:39 PM, Avri Doria
>>>>>> <avri@xxxxxxx>
>>>>>> wrote:
>>>>>>
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I was disappointed to not see the recommendation for the Issues report
>>>>>>> included in 7.1. I thought we had discussed it on this list and thee
>>>>>>> had been little opposition, though there was some. I cannot support
>>>>>>> this report with a strong recommendation for follow on work on the
>>>>>>> Privacy issues. And, contrary to what others may beleive, I do not see
>>>>>>> any such work currently ongoing in ICANN. I think it i s unfortunate
>>>>>>> that we keep pushing off this work and are not willing to face it
>>>>>>> directly. I beleive I have the support of others in the NCSG, though
>>>>>>> the content of a minority statement has yet to be decided on.
>>>>>>>
>>>>>>> While still somewhat inadequate, I am ready to argue for going along
>>>>>>> with consensus on this document if the following is included in 7.1:
>>>>>>>
>>>>>>>
>>>>>>> The WG discussed many of the issues involved in moving from having a
>>>>>>> registration currently governed under the privacy rules by one
>>>>>>> jurisdiction in a thick whois to another jurisdiction, the jurisdiction
>>>>>>> of the Registry in a thick whois. The WG did not feel it was competent
>>>>>>> to fully discuss these privacy issues and was not able to fully
>>>>>>> separate the privacy issues involved in such a move from the general
>>>>>>> privacy issues that need to be resolved in Whois. there was also
>>>>>>> concern with intersection with other related Privacy issues that ICANN
>>>>>>> currently needs to work on. The Working group therefore makes the
>>>>>>> following recommendation:
>>>>>>>
>>>>>>> . We recommend that the ICANN Board request a GNSO issues report to
>>>>>>> cover the issue of Privacy as related to WHOIS and other related GNSO
>>>>>>> policies.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thanks
>>>>>>>
>>>>>>> avri
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB:
>>>>>> www.haven2.com
>>>>>> , HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>>
>>>> Mit freundlichen Grüßen,
>>>>
>>>> Volker A. Greimann
>>>> - Rechtsabteilung -
>>>>
>>>> Key-Systems GmbH
>>>> Im Oberen Werk 1
>>>> 66386 St. Ingbert
>>>> Tel.: +49 (0) 6894 - 9396 901
>>>> Fax.: +49 (0) 6894 - 9396 851
>>>> Email:
>>>> vgreimann@xxxxxxxxxxxxxxx
>>>>
>>>>
>>>> Web:
>>>> www.key-systems.net / www.RRPproxy.net
>>>> www.domaindiscount24.com / www.BrandShelter.com
>>>>
>>>>
>>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>>>
>>>> www.facebook.com/KeySystems
>>>> www.twitter.com/key_systems
>>>>
>>>>
>>>> Geschäftsführer: Alexander Siffrin
>>>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>>>> Umsatzsteuer ID.: DE211006534
>>>>
>>>> Member of the KEYDRIVE GROUP
>>>>
>>>> www.keydrive.lu
>>>>
>>>>
>>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen
>>>> Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder
>>>> Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese
>>>> Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per
>>>> E-Mail oder telefonisch in Verbindung zu setzen.
>>>>
>>>> --------------------------------------------
>>>>
>>>> Should you have any further questions, please do not hesitate to contact
>>>> us.
>>>>
>>>> Best regards,
>>>>
>>>> Volker A. Greimann
>>>> - legal department -
>>>>
>>>> Key-Systems GmbH
>>>> Im Oberen Werk 1
>>>> 66386 St. Ingbert
>>>> Tel.: +49 (0) 6894 - 9396 901
>>>> Fax.: +49 (0) 6894 - 9396 851
>>>> Email:
>>>> vgreimann@xxxxxxxxxxxxxxx
>>>>
>>>>
>>>> Web:
>>>> www.key-systems.net / www.RRPproxy.net
>>>> www.domaindiscount24.com / www.BrandShelter.com
>>>>
>>>>
>>>> Follow us on Twitter or join our fan community on Facebook and stay
>>>> updated:
>>>>
>>>> www.facebook.com/KeySystems
>>>> www.twitter.com/key_systems
>>>>
>>>>
>>>> CEO: Alexander Siffrin
>>>> Registration No.: HR B 18835 - Saarbruecken
>>>> V.A.T. ID.: DE211006534
>>>>
>>>> Member of the KEYDRIVE GROUP
>>>>
>>>> www.keydrive.lu
>>>>
>>>>
>>>> This e-mail and its attachments is intended only for the person to whom it
>>>> is addressed. Furthermore it is not permitted to publish any content of
>>>> this email. You must not use, disclose, copy, print or rely on this
>>>> e-mail. If an addressing or transmission error has misdirected this
>>>> e-mail, kindly notify the author by replying to this e-mail or contacting
>>>> us by telephone.
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE:
>> OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)
>>
>
>
PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: OConnorStP
(ID for Twitter, Facebook, LinkedIn, etc.)
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|