Re: [gnso-thickwhoispdp-wg] 24 September call

[Tim Ruiz <tim@xxxxxxxxxxx>]

Individual registrants themselves initiating a process (a registration, a 
transfer, etc.) is very different from what we are ultimately recommending 
here, IMHO.

At any rate, not being an expert, just as no one else is in this group, I would 
still personally prefer at least a legal review and support the wording we 
ended up with at the end of today's call.

Tim


> On Sep 24, 2013, at 4:35 PM, "Alan Greenberg" <alan.greenberg@xxxxxxxxx> 
> wrote:
> 
> 
> I have listened to the recording of today's call, a very painful process 
> given that I could not see the ever-changing document that everyone was 
> talking about, and that I could not raise my hand to put my own thoughts into 
> the conversation.
> 
> A few thoughts came out of this which I present in no particular order.
> 
> - ICANN is regularly criticized for being a risk-adverse organiazation. Do we 
> really think that it would institute a change like this without assessing 
> risk (and a risk to individual privacy WOULD translate into a risk for ICANN)?
> 
> - There were again comments about the movement of private data across 
> jurisdictions (for instance when one transitions from a privacy service in 
> one jurisdiction to one in another). That is not what we are talking about 
> here. It is ONLY the movement of public data.
> 
> - Although we are talking about moving the data of many registrants en masse, 
> the actual transition is EXACTLY what happens MANY times per day. On every 
> new registration for all TLDs except those we are talking about, if you 
> register a name with a registrar in a jurisdiction different from that of the 
> registry, your data takes a trip across national boundaries. According to 
> monthly reports, .org aloe sees about 200,000 net adds per month, or about 
> 6,000 per day. I don't know what percentage of those originate outside of the 
> US, but it cannot be trivial. Each of those have publuc data moving across 
> the same jurisdictional boundaries that we are discussing.
> 
> - The wording about the legal review is too prescriptive. At best, it should 
> suggest that national and international policy experts and regulators be 
> consulted "as applicable" or "as necessary". Without any limitation, the 
> results will always be subject to criticism that they did not consult the 
> "right" experts or did not consult a specific one, voiding the results.
> 
> - I still have difficulty understanding just want the new PDP will do. the PD 
> of PDP means "Policy Development". What policy are we considering. At best 
> this sounds like a "White Paper" investigating the issues surrounding privacy 
> and registration data.
> 
> - The current last paragraph does not read well and is confusing: "We 
> recommend that the ICANN Board request that the GNSO charter an issues report 
> to cover the issue of Privacy as related to WHOIS if it concludes that this 
> issue is not adequately addressed within the scope of the Board-initiated PDP 
> on gTLD registration data services, or otherwise." Perhaps "We recommend that 
> if the Board concludes that privacy issues will not be adequately addressed 
> within the scope of the Board-initiated PDP on gTLD registration data 
> services, or otherwise be addressed, that the Board initiate such action as 
> to ensure that privacy issues are fully and adequately addressed."
> 
> Alan
>