Public Comments on Whois Task Force November 2006 Report
The volunteered efforts of those who worked to produce the recent Whois report for ICANN's GNSO are certainly laudable, notwithstanding that I am disappointed in the outcome.
For me, most conspicuously absent from the report is an analysis showing explicit evidence of a substantive deliberation on the world- wide privacy interests of domain name registrants. It is far from clear to me, given the apparent assumptions made by (forced on) the task force, why the task force did not recommend that the Whois database, by default, only include public access to the full name of a domain name registrant - along with, perhaps, operational points of contact. This is not my preference, but it is a reasonable compromise given the wide-ranging and complex issues regarding the future use of Whois.
To obtain additional personally identifying information on domain name registrants, the task force should recommend that interested parties contact registrars and ISPs and/or meet the standards of disclosure of private information typically applied to most businesses under a government's applicable law.
In this respect, the proposal would have provided a reasonable balance among the competing interests of law enforcement officials, intellectual property owners, and individual domain name registrants. Instead, the proposal implicitly rejects this type of balancing by tilting its recommendation far in the direction toward favoring intellectual property owners.
The imbalance of the report is apparent in its content. for example, it is unclear why the proposal does not explicitly address the assumptions its drafters made about the appropriateness of a fully public Whois database in light of the fundamental privacy interests at stake. To wit, none of the specific proposals in the report (the Operational Point of Contact (OPoC) proposal – pages 38 to 42, the Special Circumstances proposal – pages 43 to 49, the five proposals in the discussion on access to data – pages 24 to 27) explicitly identify why only a public Whois database is sufficient to ensure that ICANN and its global stakeholders protect the Internet's ongoing security and stability among the Internet's system of unique identifiers.
Notwithstanding that there are more balanced compromises among the competing interests than those reflected in the Whois report, I suspect the oversight in the report reflects a more fundamental problem with some of the discussions about Whois, generally; namely, the lack of evidence of deliberative discussions on whether ICANN should consider abandonment of the public Whois database entirely.
There is no denying that the dominant preference among businesses in maintaining consumer databases in a wide-range of industries is to store data in private databases, not public ones. And, for businesses recognizing the value of a consumer database, those databases are at least as accurate as semi-public government databases. ICANN should buck the well-coordinated attempts to convince it to stand the traditional framework of privacy on its head.
More likely, however, the Whois report issued by the GNSO is an indication of what is to follow; ICANN seems inclined to force all domain name registrants to continue participating in the public exposure of personal data stored in the Whois database. If this is what must be done, then the task force should reconsider its recommendations and recommend that the Whois database, by default, only include public access to the name of a domain name registrant - along with, perhaps, data on the operational points of contact.
Rod Dixon, J.D., LL.M.