[alac] Issues at the GNSO public forum: WHOIS
The GNSO public forum will be addressing and providing opportunities for comment and questions on the draft reports on new gTLDs and WHOIS. New gTLDs <http://gnso.icann.org/drafts/GNSO-PDP-Dec05-FR-14Nov06.pdf> (previous email) WHOIS <http://gnso.icann.org/issues/whois-privacy/prelim-tf-rpt-22nov06.htm> Notes on WHOIS: The WHOIS draft report reports the majority view for an "Operational Point of Contact" (OPOC), which would have registrants replace the administrative and technical contacts with one or more OPOC, who could be the registrant or a third party delegated by the registrant. This would enable better contactability and allow the registrant to remove personally identifying information from public display. "The purpose of the operational point of contact is to resolve, or to reliably pass on data to resolve, operational issues relating to a domain name." Registrants would be required to list their own name and country, but would be able to keep other information out of the publicly available WHOIS. (Under both proposals, the information would still be collected.) A minority supported the IP constituency's "Special Circumstances" proposal, under which individual non-commercial registrants could protect privacy only if they "can demonstrate that they have a reasonable basis for concern that public access to specific data about themselves (e.g., name, address, e-mail address, telephone number) that would otherwise be publicly displayed in Whois would jeopardize a concrete and real interest in their personal safety or security that cannot be protected other than by suppressing that public access. An individual would be able to hold special circumstance designation for only a limited number (e.g., 5) gTLD domain names at a time." Proxy services would be disallowed under this proposal. The TF will also discuss recommendations made earlier on compliance with national law, which may require registrars to provide privacy options. Questions: Why (in the special circumstances proposal) are we asking individuals to pay extra for basic privacy rights? How does WHOIS policy accommodate the needs of individual Internet users as domain name registrants? as users of Internet services? Is public display of personal data compatible with national data protection law and public policy? I think we should resist the distinction between commercial and non-commercial registrants because it is unworkable in practice: Is the activist who sells t-shirts to carry his message, or adwords to pay for site hosting a "commercial" user? I have recommended an additional option, that a domain name could be suspended if the registrant did not want to reveal personally identifying information. Enforcement interests (stopping a domain-hosted scam, for example) could be realized even before the registrant was identified, while law enforcement would have all the ordinary tools available to it once it demonstrated there was reason to believe the activity was unlawful. Thanks, --Wendy (sent between reboots, apologies for typos) -- Wendy Seltzer -- wendy@xxxxxxxxxxx Visiting Assistant Professor of Law, Brooklyn Law School Fellow, Berkman Center for Internet & Society http://cyber.law.harvard.edu/seltzer.html Chilling Effects: http://www.chillingeffects.org |