[gnso-whois-study] Informal input from NARALO chair and NARALO itself
- To: "GNSO.SECRETARIAT@xxxxxxxxxxxxxx" <gnso.secretariat@xxxxxxxxxxxxxx>, <gnso-whois-study@xxxxxxxxx>
- Subject: [gnso-whois-study] Informal input from NARALO chair and NARALO itself
- From: "Brendler, Beau" <Brenbe@xxxxxxxxxxxx>
- Date: Thu, 17 Apr 2008 11:01:57 -0400
The NA RALO based on an informal survey is divided on the issue of
whether more WHOIS studies are needed. About half or slightly more think
no further study is needed and others seem more open to it. Pasted below
(with permission) is the contents of a conversation with Evan
Leibovitch, NA RALO chair.
Brendler, Beau wrote:
> Ross, I'm not so anxious to pick up torches, but there are new people
> coming on board in the NA RALO community who don't have the benefit of
> your years of experience as a senior executive at a registrar dealing
with this issue, so that's why I posted this here -- in hopes of hearing
something from new faces in the room, groups representing users,
Evan Leibovitch wrote:
I guess I fit into this category. A little over a year ago I had nothing
to do with ICANN. Thanks to Jacob's initiative, a better (but far from
complete) understanding of the issues, and a knowledgeable and generally
welcoming bunch of colleagues, I'm in a little deeper now. :-) And while
my ALS's membership is reasonably technically inclined, I'd say that the
proportion of them that own domains is definitely a minority (though
higher than the general public).
We have not done an extensive survey of our ALS's members but the issue
has come up at the executive/board level and some informal user group
discussions. Generally I have heard agreement with what Beau stated as
the Webwatch position:
> Oversimply stated, we are interested in seeing a compromise that would
allow a consumer to use accurate WHOIS data to help determine the
credibility of a Web site with which the consumer is about to do
business, while not compromising, say, the right of Burmese citizens to
create Web sites to describe the conditions within their country without
fear of being tracked down and harmed by their government via WHOIS
To be more specific, WHOIS accuracy is a non-issue -- it must exist --
what is at issue is the level of public access to that accurate
informaion. I would suggest that any domain owned by a government agency
or for-profit corporation must be public (just as corporate registration
information is already public). Non-profits and individuals should be
able to enable some kind of privacy while allowing appropriate
legitimate access (ie, I would not want the above scenario to give said
Burmese citizens the ability to engage in personal libel, or publishing
secrets of others, with impunity).
To extend this to the "intended" purpose of TLDs, I could live with all
of .com, .int and .gov being required to be public, while .org could
allow surrogates under proper circumstances. CCTLDs that use .com. or
.org. subdomains an easily make similar distinctions.
I agree that study at a policy level is pointless -- the facts and
opinions on all sides are well known and it's time for a political
decision that takes a stand with the given information. The only
required further study would IMO be regarding the business and
mechanical implementation of the kinds of proxy / escrow / whatever
models are required to allow a balance of privacy and accountability.
Even unlisted telephone numbers are on record at the telco and are
accessible under certain well-defined legal circumstances. There are
other non-Internet examples -- such as access to auto license-plate
registration information -- that indicate reasonable societal
compromises between privacy and accountability. We're not the first ones
with this dilemma.
From: Brendler, Beau
Sent: Tuesday, April 15, 2008 1:57 PM
To: 'GNSO.SECRETARIAT@xxxxxxxxxxxxxx'; gnso-whois-study@xxxxxxxxx
Subject: Whois study group -- category rankings
>From Beau Brendler and Consumer Reports WebWatch
We believe all seven categories are worth further study. Here's how we
think they should be ranked in order of priority:
1. (5) Impact of WHOIS data protection on crime and abuse.
2. (7) WHOIS data accuracy.
3. (1) WHOIS misuse.
4. (4) Demand and motivation for use of privacy services.
5. (2) Compliance with data protection laws/registrar accreditation
6. Proxy registrar compliance with law enforcement/dispute resolution
7. (3) Availability of privacy services.
WebWatch's perspective on WHOIS could be almost characterized as similar
to that of law enforcement or the FTC. Oversimply stated, we are
interested in seeing a compromise that would allow a consumer to use
accurate WHOIS data to help determine the credibility of a Web site with
which the consumer is about to do business, while not compromising, say,
the right of Burmese citizens to create Web sites to describe the
conditions within their country without fear of being tracked down and
harmed by their government via WHOIS data.
I will also ask the ALAC to weigh in and report back offline with any
additional information. The north American region seems to have the
strongest feelings on this issue.