[gnso-whois-study] [Fwd: FW: Whois study categories]

["GNSO.SECRETARIAT@xxxxxxxxxxxxxx" <gnso.secretariat@xxxxxxxxxxxxxx>]

FYI
From: Metalitz, Steven
Sent: Monday, April 14, 2008 3:45 PM
To: Liz Gasster
Subject: Whois study categories

Liz,

I apologize that I could not get you this by the Friday deadline you set 
in the e-mail below, but I gather from our conversation in LA last week 
that it was a soft deadline and not widely adhered to!
Anyway, here are my personal views on the various categories that you 
have helpfully devised to organize the study proposals.
The categories of studies most likely to lead to results that are 
actionable for policy development are 3, 4 and 6. The studies in 
categories 1 and 5 are mixed, with some promising studies and others 
that should not be pursued.  Categories 2 and 7 should be the lowest 
priority.
All these observations are subject to the caveat that the study 
proposals received could be modified, adjusted and/or combined in order 
to enhance their usefulness and control costs.
Categories 3, 4 and 6
One of the most significant developments in Whois, which previous policy 
development efforts have largely ignored, is the proliferation of proxy 
or privacy services.  The studies proposed in these categories (in 
particular proposals 2, 19 and those in category 6) could shed light on 
the prevalence, use and operation of these services, and thus could 
inform consideration of whether ICANN Whois policies need to be changed 
in light of these alternatives that have been generated by the market.
Category 1
Some of these proposals duplicate work already performed (e.g., by the 
Security and Stability Advisory Committee, cf. proposal 14), or that are 
unlikely to yield actionable results at a reasonable cost.  Proposal 15 
may be worth pursuing, however, to shed more light on the role of port 
43 access in abuses of Whois data.
Category 5
Although I would strongly support a study along the lines of proposal 
13, I think  proposal 6 is very unlikely to be useful.  The 
attractiveness of particular TLDs as a base for criminal activities is 
likely linked to a host of factors, and I don't know of any way to 
distill Whois policies from this plethora of other causative factors. 
Furthermore, the concept of  calculating "crime/abuse levels on a 
percentage basis across two or more ccTLDs" would be a daunting undertaking.
Category 2
Legal studies, as contrasted with quantitative and qualitative research 
involving behavior of registrants, registrars and registries, are 
unlikely to be fruitful.  Any legal analysis is sure to be countered by 
competing analyses from those seeking a different policy result. 
Furthermore, several of the studies proposed in this category are 
duplicative of work that is being (or should be) undertaken by ICANN 
contract compliance staff, or of work that has already been done 
elsewhere (see, e.g., the various CENTR reports cited by Danny Younger).
Category 7
While Whois data accuracy is an extremely important topic, it is being 
addressed by a survey being launched by ICANN's contract compliance 
staff, and should not be undertaken by GNSO unless we can be confident 
that it will be non-duplicative.
I hope this is helpful.  Talk to you tomorrow!

Steve

Steven J. Metalitz | Mitchell Silberberg & Knupp LLP | 1818 N Street, 
N.W., 8th Floor, Washington, D.C. 20036 | tel: 202 355-7902| fax: 202 
355-7899| met@xxxxxxx
MS&K | Since 1908 | Lawyers for the 21st CenturyTM


-----Original Message-----
From: owner-gnso-whois-study@xxxxxxxxx 
[mailto:owner-gnso-whois-study@xxxxxxxxx] On Behalf Of Liz Gasster
Sent: Tuesday, April 08, 2008 2:56 PM
To: GNSO.SECRETARIAT@xxxxxxxxxxxxxx; gnso-whois-study@xxxxxxxxx
Subject: RE: [gnso-whois-study] WHOIS study group call Tuesday 8 April 
2008 at 15:00 UTC]

Thanks to all who could make our short-notice kick-off call on WHOIS 
studies.  We will be meeting on Tuesdays at the same time and we have a 
short window by which to recommend to the GNSO Council areas for further 
study (if any) on WHOIS (currently due to the Council by 24 April). 
Following is a short overview of our call, key deliverables for next 
week and next steps.
1. Overview

The group discussed how to proceed.  We first discussed whether studies 
should be commissioned at all, and confirmed that one option could be 
deciding to recommend to the GNSO Council that no studies of WHOIS be 
done.  This view was supported by some participants who are skeptical 
that the outcome of any study would change the views of entrenched 
parties on WHOIS issues.  We also discussed certain areas that might be 
studied further, such as the potential impact on registrars operating in 
countries with strict privacy laws if those countries were to begin 
enforcing those laws (in the gTLD space).  There was the concern that 
new WHOIS-related issues will arise that will require consideration 
notwithstanding the current WHOIS "stalemate", such as issues related to 
IDNs, greater privacy enforcement by countries, etc..., that may warrant 
further study.
I described the format and content of the summary "Report on Public 
Suggestions on Further Studies of WHOIS" of Feb. 25, 2008.  Note in 
particular that the study suggestions are grouped into seven topic areas.
1. WHOIS misuse
2. Compliance with data protection laws and registrar accreditation 
agreements
3. Availability of privacy services
4. Demand and motivation for use of privacy services
5. Impact of WHOIS data protection on crime and abuse
6. Proxy registrar compliance with law enforcement and dispute 
resolution requests
7. WHOIS data accuracy

These seven areas can be thought of as topical questions for further 
study.  If the consensus of the group is to proceed to identify specific 
areas for further study (meaning rather than recommending that studies 
not be conducted), the group might find it useful to decide first which 
of these groupings address questions you think having data about would 
inform the debate (see Key Deliverables below).
There was one question about whether a budget exists to conduct studies. 
 I responded that there is no pre-set budget but there is a place 
holder in the budget that the policy development group has submitted, 
and there is the understanding and expectation that the Council may 
request studies that ICANN would engage in.  Also, I noted that there is 
a gating process -- the Council has specifically noted in its 
resolutions that it would first identify certain studies that it thought 
should then be priced out, and then, after those estimates are provided, 
make any specific requests with those estimates in mind.  We also note 
that costs for various studies could vary significantly based on size, 
scope, complexity, etc.
2. Key deliverables

- Everyone will read the summary "Report on Public Suggestions on 
Further Studies of WHOIS" - link provided by Glen and below
- Everyone will consider the threshold question of whether WHOIS should 
be studied further -- whether any studies of WHOIS would make a 
meaningful impact.  We will discuss this further on the next call.
- Everyone will review the suggestions with an eye to whether/or which 
proposed studies would rise to your short favorites list -- or those you 
think should not be done.  We did not discuss this on the call, but if 
the group would like to email these to me ahead of time, say by Friday, 
I could total up the results of this initial view for the call.
Again, as I suggested on the call, to approach the question of which of 
25 suggestions you might support, you may find it useful to first 
consider which of the groupings address questions you think that having 
data about would inform the debate. Once you have identified which 
questions you want to answer, then you could focus on only those 
particular groupings and consider which study approach (or combination 
of approaches) will best answer your questions. In some cases we have 
indicated that the different study proposals answer slightly different 
questions. In some cases we indicate that some of the approaches are 
likely to give better data, or that some of the approaches are likely to 
be less expensive.  When you think about the fundamental questions asked 
by each grouping, you may find it more useful to consider the questions 
asked by each grouping as follows:

1.       How big is the WHOIS misuse problem that may need to be solved?

2.       Is there a non-compliance with data protection laws problem 
that needs to be solved?
3.       Are there already market-driven solutions available?

4.       Is there demand for market-driven solutions, and are they being 
used for legitimate or illegitimate purposes?
5.       Do WHOIS data protections lead to abuse and misuse?

6.       Are provisions for providing protected WHOIS data to law 
enforcement for investigation of crime and abuse effective?
7.       Is WHOIS data accurate?

- Staff will check on the status of an earlier study on the economics of 
the DNS that we understand to have been approved by the ICANN Board but 
not completed to-date.
- Recruit ISP representative -- in process

3. Next steps

- Next call Tuesday April 15 (a yucky day in the US, I note)
- See tasks listed in "key deliverables" above.
- Email with any questions.

Also, please feel free to correct or add to my summary.

Thanks, Liz



-----Original Message-----
From: owner-gnso-whois-study@xxxxxxxxx 
[mailto:owner-gnso-whois-study@xxxxxxxxx] On Behalf Of 
GNSO.SECRETARIAT@xxxxxxxxxxxxxx
Sent: Tuesday, April 08, 2008 8:15 AM
To: gnso-whois-study@xxxxxxxxx
Subject: [gnso-whois-study] WHOIS study group call Tuesday 8 April 2008 
at 15:00 UTC]

Dear All,

Please find the reference documents:

1.  the 'Report on Public Suggestions on Further
Studies of WHOIS'
http://gnso.icann.org/issues/whois-privacy/whois-study-suggestion-report-25feb08.pdf

2.Addendum
http://gnso.icann.org/issues/whois-privacy/addendum-whois-study-suggestion-report-27mar08.pdf


Glen de Saint Géry
GNSO Secretariat - ICANN
gnso.secretariat[at]gnso.icann.org
http://gnso.icann.org