Re: [alac] updated draft on WHOIS.

[Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>]

On 2003-02-19 11:48:05 -0500, Erick Iriarte Ahon wrote:

> And agree with at least the local policies about personal data
> protection, it's necessary a specific policy of the
> registrar-register about this issue, publicated in the web site,
> and the registrants will have to know this policies before "buy"
> a domain name.

I think that something like this is in the RAA anyway...

>>An annual opportunity to review and easily correct WHOIS data
>>(without sanctions in the case of registrant's non-response) is
>>one such step.

> Agree with which legislation? we need to declarate something
> about legislation and jurisdiccion applicable for this issues. If
> not, it's "dead-letter" ;)
> 
>>The At-Large Advisory Committee observes that the Task Force's
>>policy 1.A provides such an opportuntiy, and does not mandate
>>any sanctions in the event that registrant does not respond to a
>>notice on reviewing his WHOIS data. Thus, this proposed policy
>>seems like a way to make the interaction between registrars and
>>registrants work more smoothly, which the Committee welcomes.
> 
> Maybe we can create a "sanctions" by the icann, for negligence.

This section is about registrants who get a letter which asks them
to review their WHOIS information.  If the information is ok, they
do nothing.  If the information is wrong, they hopefully fix it. The
fact that there are no sanctions on registrants who don't reply is a
*good* *thing*.

> Maybe it's necesarry a explicited agreement from the user for
> publicated his information.

That may be one of the outcomes of a future process (an unlikely
one, though), but I wouldn't make that kind of statement now.  Let's
restrict ourselves to stating relatively high-level requirements for
future policy, instead of going to the level of detail you seem to

>>trustworthy data users. The review process will also need to
>>take into account legal concerns, such as the ones recently
>>articulated in the European Commission's contribution on WHOIS.
>>The At-Large Advisory Committee considers a review process of
>>the RAA's bulk access provisions a priority, and will contribute
>>to it.

> It's necessary to understand that we have a lot of different
> legislation about privacy or data protection, and different
> degrees in this legislation, 

Yes.  That's precisely why I talked about "legal concerns, *such*
*as* the ones articulated by the EC."

> maybe we can recomended use a complete protection of the data,
> and need a explicited policy by the registrar for take "data"
> from registrants and need a specific "agree" for publicated.

I think that this would be beyond the scope of a comment at this
point of time -- but it would be one option to be looked at in an
issues report.

Regards,
-- 
Thomas Roessler                        <roessler@xxxxxxxxxxxxxxxxxx>