[ALAC] [At-Large] [WHOIS-WG] Thick Whois
Holly Raiche
h.raiche at internode.on.net
Tue Jan 15 21:32:29 UTC 2013
Hi Carlton (and Patrick)
I probably agree with both of you.
The basic requirement must remain on the registrar to collect complete, accurate information from the registrant and on the registrant, for the accuracy of that data. The registrar must also check the accuracy. Privacy laws generally do not restrict the collection of data from individuals and organisations. The rules just ask that, when the information is collected, the information that is collected is only what is necessary for the purpose(s) stated and that the individual is told at the time of collection how the information will be used.
Generally, Privacy laws also allow law enforcement agencies access to data where it is reasonably necessary for the prevention, detection or solving of criminal/fraudulent activities.
So Carlton is right - accurate Whois data must continue to be collected by registrars from registrants - and both parties bear responsibility for that. The issue is one of access to that data. And, again, law enforcement agencies generally have access in defined circumstances to that data.
What WEIRDS will do is provide the differentiated access allowing both of the above requirements to be met:
- individuals can continue to be required to supply accurate data
- registrars can provide that data to law enforcement agencies in defined circumstances - generally spelled out in privacy laws
- registrars can, in other circumstances, not allow access
And yes, Patrick - there are issues for ALAC . They include issues such as how to define those who can have access to data (just law enforcement agencies - however defined? - and just in circumstances where there is a reasonable suspicion or unlawful activity? They also include what information is 'necessary' to be collected (across the board) And should there be different rules for 'private' gTLDs - when WEIRDS will provide a mechanism for privacy protection of data except in defined circumstances.
Carlton's right - the next round of discussions will be fun!!
Holly
On 16/01/2013, at 6:35 AM, Carlton Samuels wrote:
> With respect to gTLDS - purposely draw for distinction against ccTLDs - the
> larger problem is philosophical; the Internet as commons, a resource
> accessible to all peoples. This is about whether we concede rules for the
> commons that all must obey, regardless of provenance, location or how
> exceptional - or worthy of exception - we think we are.
>
> WHOIS is a perfect setting for the evolving tragedy of the commons.
>
> In some ways the .cat business is a red herring, since it has all the
> trappings of a private club and with restricted access. [I can't wait for
> the contest surrounding the so-called 'private' gTLDs in this round.]
>
> Current WHOIS policy commits registrars to collect and store certain pieces
> of data, inclusive of personal data, from all lessees of domain names. We
> call lessees 'registrants' and that data collected the WHOIS 'data set'.
>
> Current policy also compels registrars to make this data available on
> request by one or other means. The policy does not address use thereafter.
> And it expressly redlines access for ordinary Internet users; registrars
> may not place any hindrance whatsoever to their access.
>
> The WHOIS debate surrounds four (4) top-of-mind issues: Compliance, Accuracy,
> Access and Enforcement.
>
> For the arguments to take hold, these are now viewed thru the lens of
> certain 'rights' and 'freedoms', be those justiciable or notional. Never
> the collective responsibilities.
>
> There is the right to privacy, to be left alone, to be anonymous and to be
> forgotten. Like the moving finger of Khayyam's verse, to write and move on.
> Except in this case, to be blotted from consciousness and from memory.
>
> Or, concession granted, to be ignored.
>
> Then there is the right to be informed. And by extending some arguments, to
> be misinformed.
>
> There is the freedom of thought, of conscience and of speech. The freedom
> to freely access information, to impinge or impose one's presence on others
> on the commons without let or hindrance.
>
> All rights and freedoms are equal and indivisible. Some channel Orwell in
> disputation here. They contend some rights are definitely more equal than
> others. The little fellas, sometimes labeled 'usual suspects' are of a
> mind here. They make a self-serving extension to this argument. They say
> tell me what right or freedom it is. And I will tell you how much of it you
> have! Of course, authoritatively speaking.
>
> Some say registrants equal users, the universal set, indivisible. They are
> happy to equate/conflate the needs/objectives of all users with the
> needs/objectives of registrants. And they implicitly accept all
> needs/objectives as benign.
>
> Free peoples everywhere have an unfettered right to redress of grievance;
> the 'knowing' is the beginning for this process.
>
> When these views - or their mashups! - are examined within the WHOIS
> context, they together produce a frothy blend, all the way from the
> philosophical thru the political, even to the far plainly contrarian edge.
>
> Some tend to the philosophical belief that if one chooses to be on the
> commons then there are no rules to which one could be compelled. So
> therefore collection of any data whatsoever, regardless of intended use, is
> a rank violation of rights and privileges to which one is entitled. By
> extension, one readily accepts inaccurate WHOIS data as indignant pushback
> against an oppressive regime and scabrous imposition. As Sir Humphrey might
> have said, a case for 'moral *manoeuvreability*'.
>
> Others believe sure, collect. But until we can guarantee
> use/interpretation of the data, then demand for that data is overreaching.
> They equally fervently hold that to impose pre-screening of anything they
> themselves would place on the commons for whatever purpose is a squalid
> attempt to suppress the several freedoms to which they are born.
>
> And no, we do not need a referee for this conundrum.
>
> Here's the thing. These arguments/beliefs/justifications will not go away
> with another WHOIS data model or an implementation that allows
> 'differentiated access'. For long before we get to the access question,
> there are the questions what to collect and why collect? Someone or thing
> must decide what and why. Even more acutely political, that agency must
> account the context in which these questions must be asked. That exists
> today and the fight is joined.
>
> For sure, the new dispensation that is wished comes with access questions.
> Yes, questions. I can see the battle lines now.
>
> -Carlton
>
> ==============================
> Carlton A Samuels
> Mobile: 876-818-1799
> *Strategy, Planning, Governance, Assessment & Turnaround*
> =============================
>
>
> On Sat, Jan 12, 2013 at 12:05 PM, Patrick Vande Walle <
> patrick at vande-walle.eu> wrote:
>
>> While on the subject, it is worth noting, as Michele Neylon pointed out
>> on his blog, that the .Cat Registry Whois Now Respects EU Privacy Laws
>>
>> http://www.internetnews.me/2013/01/10/cat-registry-whois-now-respects-eu-privacy-laws/
>>
>> Of course, the ICANN process to allow a contracted party to simply obey
>> the law is than optimal. It could be made less burdensome by simply
>> including a one-liner in agreements stating that the the provisions
>> regarding the WHOIS which are contrary to the local law are void.
>>
>> Anyway, this once again demonstrates that the current WHOIS system is
>> broken, and that we need a replacement ASAP. The work on WEIRDS/RDAP is
>> well advanced, as are several open source implementations.
>> It will allow differentiated access. However, it is not up to IETF to
>> draft the policies regarding this. One suggestion the ALAC could make is to
>> start right away with designing the policy side. It will take time. So, the
>> sooner the ICANN community begins, the sooner we will have a working
>> replacement for the WHOIS that will, at the same time, both address the
>> LEAs concerns and repect the fundamental rights to privacy and free speech.
>>
>> --
>> Patrick Vande Walle
>>
>> Twitter: twitter.vande-walle.eu
>> Facebook: facebook.vande-walle.eu
>> LinkedIn: linkedin.vande-walle.eu
>>
>>
>>
>> On 10/01/13 16:52, Carlton Samuels wrote:
>>
>> This questionnaire with its answers reiterates the ALAC's WHOIS positions
>> expressed at multiple times and in many places in this one place.
>>
>> It gets my support.
>>
>> Add the URLs to previous ALAC WHOIS Statements and its good to go.
>>
>> -Carlton
>> Chair, At-Large WHOIS WG
>>
>> ==============================
>> Carlton A Samuels
>> Mobile: 876-818-1799
>> *Strategy, Planning, Governance, Assessment & Turnaround*
>> =============================
>>
>>
>> On Wed, Jan 9, 2013 at 6:14 PM, Alan Greenberg <alan.greenberg at mcgill.ca>wrote:
>>
>>> ALAC input was requested by the ongoing GNSO PDP on mandating a Thick
>>> Whois for all registries. Although previous ALAC statements made it clear
>>> that we were strongly in support of Thick Whois, we had not specifically
>>> addressed all of the issues being discussed in the WG.
>>>
>>> A draft reply can be found at https://community.icann.org/x/kIVZAg.
>>>
>>> Comments welcome, but note that the target reply date was today. I have
>>> said that ALAC would be responding but that we would be late, but quick
>>> action would be appreciated.
>>>
>>> A copy is also attached here for your convenience.
>>> <http://linkedin.vande-walle.eu>
>>
>>
>>
>> _______________________________________________
>> WHOIS-WG mailing list
>> WHOIS-WG at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/whois-wg
>>
>> WHOIS WG Wiki:
>> https://community.icann.org/display/atlarge/At-Large+Whois+Policy
>>
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
> At-Large Official Site: http://atlarge.icann.org
More information about the ALAC
mailing list