RE: [gnso-whois-wg] clarification of GAC relevance to GNSO WGs

[Dan Krimm <dan@xxxxxxxxxxxxxxxx>]

I don't know if GAC addresses this as such, but it seems to me that
"legitimate uses" of privatized Whois data depends substantially on the
*(legal) standing* of whoever may seek to use the data.

Not all potential users of privatized Whois data necessarily should be
recognized as having standing to use the data in ways that may be
legitimate for other users.  For example, private vigilantes generally
should not have standing to usurp public law enforcement jurisdictions (and
in cases where law enforcement is somehow "contracted out" to private
entities, that contractual relationship needs to be meaningfully
controlled).

Legitimate use does not automatically translate into legitimate user, and
thus legitimate use does not automatically translate into legitimate
access, without justifying the user's standing to have access (and ensuring
that use is constrained and tracked where appropriate, according to type of
standing).

Dan

PS -- None of this relates to any definition or categorization of what
counts as "public interest" and so I believe that my original comment that
those words should be removed from the report seems to stand, as far as I
can tell.

Also, while USG has a certain perspective regarding the interpretation of
"legitimate activities" as referring specifically to use of privatized
Whois data, it seems that other nations on the GAC clearly have differing
perspectives.  While USG may agree with the wording of the GAC Principles
at issue, as far as it goes, the USG position seems to go further than
other countries, if we can take Bertrand's word for it.  It may be that the
USG perspective goes further than the GAC Principles as such, in
interpreting the phrase "in support of other" -- and perhaps this
perspective follows the current state of US national law insofar as it
differs from other nations' laws -- but of course, US laws governing
personal privacy are in transition and it is difficult to predict what the
law will say as we move further into the future.

I can certainly say that as a US citizen I differ with the position of the
USG in this instance, and I'm not sure what channels for citizen voice are
available to me to affect this position as a citizen, other than simply
writing to the President, since DoC/NTIA is part of the executive branch.
I could write directly to Suzanne too, but I'm not sure what authority she
has to change the USG position without approval from higher up, or that she
would incorporate my views as a single garden-variety citizen.

>From the perspective of GNSO, I would suggest that if we consider the GAC
Principles on Whois at all, we consider only the GAC report/document
itself, and not the supplementary perspectives of individual nations.  And
especially, in cases where the wording by GAC encompasses some ambiguity
(which seems to be quite clear in this instance, by now -- it was an
intentional, purposeful and studied ambiguity, given Bertrand's statement)
GNSO should address that ambiguity head on and recognize that GAC did not
produce a document that is clear on this matter.  Therefore we should not
accept the USG position as representing that of the GAC as a whole, as we
consider whether or not (and to what degree) we incorporate the GAC
Principles into our own deliberations.

GNSO will also come up with its own recommendations, and if they still
differ from those of GAC when we're done, then GNSO and GAC can figure out
some way to sit down together and discuss how to find consensus from the
two differing positions as a starting point.  If this is to become some
sort of negotiation, then GNSO should start from our strongest negotiating
position before giving away everything that GAC may want, if we feel
differently.  My feeling is that nothing in the GAC Principles binds us in
GNSO at this stage in the process of deliberation, even if the ultimate
goal is to reach consensus between GNSO and GAC.

Just because "GAC got there first" doesn't mean we need to be bound by that
in our WG.  We are the Generic Names Supporting Organization, and it is our
responsibility and charter to make recommendations of gTLD-associated
policy to the Board on our own recognizance with our own PDP.  If we end up
having differences with GAC, than we can sit down with them and talk, after
we've put out our own recommendations.

If there is something in the ICANN bylaws that contradicts this, then I'd
like to know about it.  But in the absence of contradicting formalities, I
would think that we ought to proceed on our own steam for now.  We don't
report to GAC in any formal sense, as I understand it.



At 9:34 AM -0400 7/27/07, Suzanne Sene wrote:
>hello all, i'd like to add an alternative perspective on this issue, to
>clarify for the record that the usg considers the list of activities in
>the gac principles to represent legitimate uses of whois data.  i would
>also note that section 3.1 of the gac principles states that the
>definition, purpose and operation of whois services should reflect section
>2.  cheers, suz.
>
>Suzanne R. Sene
>Senior Policy Advisor
>NTIA/OIA
>202-482-3167 (ph)
>202-482-1865 (fax)
>>>> "Milton L Mueller" <mueller@xxxxxxx> 07/26/07 11:03 AM >>>
>Thanks for the correction, Bertrand. I should have known better: it is, as
>you say, "activities" (e.g., self-policing of trademarks) that are
>legitimate and not necessarily the use of Whois data for them. This
>important but subtle distinction often gets overlooked.
>
>________________________________
>
>From: Bertrand de La Chapelle [mailto:bdelachapelle@xxxxxxxxx]
>Sent: Thursday, July 26, 2007 10:51 AM
>To: Milton L Mueller
>Cc: Dan Krimm; gnso-whois-wg@xxxxxxxxx
>Subject: Re: [gnso-whois-wg] clarification of GAC relevance to GNSO WGs
>
>
>Dear all, dear Milton,
>
>Once again, it is important that people understand the exact meaning of
>the formulation in the GAC whois principles. I already posted it but it's
>worth reiterating for those who did not see it.
>
>What the GAC principles say is :
>"As the Internet has evolved, Whois data is now used in support of other
>legitimate activities, including ... [add list here]" And there is a
>footnote to indicate that the legitimacy is in respect to national law.
>
>The formulation was very, very carefully worded because it was a critical
>point. It is the activities that are qualified as legitimate, not the use
>of whois data for them. It does not say "legitimate uses of whois data",
>precisely because in many cases the accessibility of the data is in
>contradiction with national privacy laws. This is the core of the problem.
>
>At the same time, it is true that the (non-inclusive) list in the GAC
>principles can be used as a guideline to identify what I have often
>labelled in conference calls "purposes" . These are the activities that
>need some information and the Whois services are one of the many tools
>that they can use, provided the Whois services are compliant with national
>laws.
>
>Best
>
>Bertrand
>
>
>
>
>
>On 7/26/07, Milton L Mueller <mueller@xxxxxxx> wrote:
>
>
>
>       -----Original Message-----
>       From: owner-gnso-whois-wg@xxxxxxxxx
>       [mailto:owner-gnso-whois-wg@xxxxxxxxx] On Behalf Of Dan Krimm
>       Sent: Wednesday, July 25, 2007 11:02 AM
>
>       >In today's call we had a comment from the GAC
>       >referring to a listing or enumeration of public
>       >interests, or something to that effect, when
>       >discussing Section 1 of our report (Objective).
>
>       Actually the GAC WHOIS principles provide a list of what the GAC
>members
>       thought to be "legitimate uses" of Whois data. It did not say that all
>       of them were "public interest" uses. Furthermore, the same section
>which
>       lists these uses recognizes "the misuse of Whois data" and potential
>       conflicts with national law.
>
>       The simple fact is that the GAC principles tell us nothing about how to
>       reconcile those two things. That's our job.
>
>       Furthermore, if you take a careful look at those "legitimate uses" you
>       can see that about half of them could occur with OPoC-shielding; e.g.,
>       checking for the availability of a name.
>
>
>
>
>
>
>
>--
>____________________
>Bertrand de La Chapelle
>Délégué Spécial pour la Société de l'Information / Special Envoy for the
>Information Society
>Ministère des Affaires Etrangères / French Ministry of Foreign Affairs
>Tel : +33 (0)6 11 88 33 32
>
>"Le plus beau métier des hommes, c'est d'unir les hommes" Antoine de Saint
>Exupéry
>("there is no better mission for humans than uniting humans")