Re: [alac] Proposed ALAC restatement on WHOIS (draft2)
I've revised this to account for comments from Ken and Thomas (the only comments I've heard since posting last Thursday). If committee members agree, can we post this tomorrow, when the WHOIS discussions will be taking place in Carthage? Thanks. --Wendy
Accuracy was only half the equation, with privacy protections the necessary complement. Although we did not then seek to delay enforcement of accuracy requirements, we recommended that work be commenced swiftly to give registrants more and better privacy options. We concluded that: The Task Force's recommendations to systematically enforce the accuracy of WHOIS data shift the existing balance between the interests of data users and data subjects in favor of data users. In an environment where registrants have perceived "inaccurate" data to be one of the most practical methods for protecting their privacy, this shift of balance is reason for concern. It will inevitably increase the need for privacy protection mechanisms to be built into the contractual framework. Unfortunately, there has been no progress since February. Indeed, on the privacy front, there has been regress. Domain name registrants are forbidden from using pseudonyms or fuzzy, "inaccurate" data in order to protect their privacy, yet there are no new safeguards or mechanisms by which they can shield their identifying details from disclosure. As many feared at the time the GNSO mandated stricter enforcement of "accuracy" on registrants and registrars, domain name registrants (including members of the at-large public) lose out. The small businessperson working from a home office must list that home address and telephone number, as must the weblogger who wishes to publish at her own domain name. The political dissident who wants to criticize his country's political regime is told to disclose his identity or find a trustworthy friend who is willing to do so instead. Domain names are indisputably a tool of online expression, on an Internet in which individuals can speak alongside corporations and governments, yet many individuals are chilled by the prospect of signing a "speakers' registry" before they can participate fully. Proxy or escrow services, proposed by many as a privacy solution, have not developed to fill the gap. They do not work in practice, giving up the names of their clients on a mere request; and even in theory they are a poor second-best for registrants seeking full control of their identities. The public deserves better. It is time for ICANN to move forward on privacy. One simple solution, requiring no new infrastructure, would be to make all data fields in WHOIS optional, allowing domain name registrants themselves to make the choice between contactability and privacy. A more complete solution would also permit registrants to give accurate information to their registrars without putting that into the generally-accessible WHOIS (the online equivalent of an unlisted telephone number).
|