[APAC-Discuss] [At-Large] [ALAC] Thick Whois PDP
Avri Doria
avri at acm.org
Thu Sep 20 12:59:24 UTC 2012
(I am sure that my email won't make it to all the cc'ed lists)
Hi,
Isn't this the April motion?
At this point I am on a Drafting Team that is working on the charter for the Whois PDP.
I think Alan is a co-chair of this group.
I am confused.
avri
On 20 Sep 2012, at 02:50, Salanieta T. Tamanikaiwaimaro wrote:
> Dear Holly,
>
> I hear you and recognise the hard slog and toil that has been done by At
> Large. Whilst the Analysis on the recommendations from the Whois Review
> Final Report ("Report") has been done, there is still a huge delay in the
> implementation of its recommendations.
>
> Alan has advised me that the PDP for the Thick Whois will be after Toronto.
> There may be things that the Working Group can start doing now prior to the
> initiation of the PDP whether it means consolidation of material etc.
>
> Of critical importance in my view is to gather feedback from the At Large
> in terms of:-
>
> - Whois Misuse
> - Whois Proxy and Privacy Abuse;
> - Whois Registrant Identification;
> - Whois Proxy and Privacy Relay and Reveal
>
> Noting that there are currently Studies being carried out by the GNSO which
> the Report had mentioned would conclude in 2012 but we are finding out will
> conclude in 2013. No doubt, this will affect the PDP as we can reasonably
> forecast that any PDP will wait for these Reports to come out.
>
> As you can imagine, I would assume that the Studies would be published and
> call for comments may be invited that could only potentially serve to delay
> the process. To help quicken this process, if the GAC and the ALAC got
> their act together and strategically sent "Input" as far as these focal
> areas are concerned, it could only serve to expedite the process.
>
> My view is that we can start building on what we already have (and we have
> alot, including the things that Carlton had pointed to), identify and
> gather what we don't have and prepare for the PDP. I am of the belief that
> whilst alot has been done, there is still alot to be done.
>
> Kind Regards,
> Sala
>
> P.S I am enclosing my review of the recommendations of the Report as I
> received requests offlist to clarify some of the things I had raised.
>
>
> These are my personal views on the Recommendations within the *Whois Review
> Final Report 2010*. I had shared this with the ALAC when we were asked for
> feedback and thought it would be appropriate to share this here as well. I
> have modified this slightly.
>
> *Recommendation1: To Make Whois a Strategic Priority*
>
> The commissioning of the Review by ICANN is an indication of the strategic
> importance and manner in which the Review Team was constituted. However,
> ICANN needs to monitor and evaluate the implementation process. As far as
> the GNSO is concerned they have following advice from the GAC undertaken to
> do four studies[1]<https://mail.google.com/mail/u/0/?ui=2&view=bsp&ver=ohhl4rw8mbn4#139a4561c7e803d8__ftn1>
> namely
> the Whois Misuse Study; Whois Proxy and Privacy Abuse; Whois Registrant
> Identification and Whois Proxy & Privacy Relay and Reveal Study which the
> Report says is due for completion in 2012 and cost $530,000.
>
>
> I would recommend that issues that At Large has aerated relating to any of
> these areas that are currently being studied be consolidated and sent to
> those carrying out these Studies. We do not have to wait for the Studies to
> be finalized before we realize that they may be missing certain things. I
> know that Garth Bruen has for years alongside others such as Beau Brendtler
> been consistently through NARALO and At Large been raising these issues
> with Compliance.
>
>
>
> I note that the website says that some of these Studies will conclude in
> 2013. On the same token, if the Affirmation of Commitment is followed to
> the letter, the next Whois Review is in 2013.
>
>
>
> I can only hypothesize that to the extent that this would affect existing
> consensus Policies, then parts of the PDP may apply. However, if the
> existing consensus policies namely:-
>
>
> - · Whois Data Reminder Policy (2003);
> - · The Restored Name Accuracy Policy (2004); and
> - · Whois Marketing Restriction Policy (2004)
>
>
>
> address in principle areas that may require a PDP process then we should be
> open to that. I understand that this may be a negligible caveat.
>
>
>
> *Recommendation 2 Single Whois Policy*
>
> The Report mentions that there is a current gTLD Policy as set out in the
> gTLD Registry and Registrar contracts and GNSP Consensus Policies and
> Procedures. So there may be no need for the PDP to be initiated.
>
>
>
> *Recommendation 3 Outreach*
>
>
>
> There is no need for a gNSO Policy development. Whilst* *there may not be
> need for a gNSO Policy for Outreach the Report does identify the need to
> move beyond the confines of the ICANN community to involve them. Although I
> read the report, I did not read the Appendix and note that in terms of
> studies done on consumers from 8-10 countries, it was unclear from the
> report which countries were selected and it would have been good to have it
> footnoted like the rest of the other stuff. Whilst I note that OECD is an
> observer in the GAC, they did not make submissions to the Whois Review
> Team. The OECD Ottawa principles on taxation make mention of Whois.
>
>
>
> See: OECD Ottawa Principles here:
> http://www.oecd.org/tax/taxadministration/20499630.pdf on
>
> Report on page 27 that makes reference to Whois data, here is a snapshot:
>
>
>
> *" Revenue authorities are encouraged to work with relevant government *
>
> *regulatory agencies, business associations and other organisations to *
>
> *ensure businesses engaged in e-commerce provide and maintain *
>
> *complete and accurate information to the Internet registrar with which *
>
> *they register. *
>
> *Revenue authorities are encouraged to work with relevant government *
>
> *regulatory agencies, business associations and other organisations to *
>
> *ensure that country code Top Level Domain registrars for their *
>
> *geographic jurisdictions abide by internationally recognised registrar *
>
> *requirements in respect to the collection, verification and global *
>
> *availability of WHOIS data for business registrations. *
>
> *Revenue authorities are encouraged to work with relevant government *
>
> *regulatory agencies, business associations and other organisations to *
>
> *ensure that the Internet Corporation for Assigned Names and *
>
> *Numbers (ICANN) considers on a periodic basis whether regular pre *
>
> *or post verification of WHOIS data by registrars is warranted in *
>
> *certain circumstances. "*
>
>
>
>
>
> I assume that the definition of law enforcement covers Revenue Authorities,
> if it does not then that is something which should be considered.
>
>
>
>
>
> *Recommendation 4 Compliance*
>
>
>
> There is no need for a GNSO Policy to be initiated. My view is that there
> only needs to be self regulatory measures put in place by Registrars and I
> commend the CINC for reporting 97% accuracy levels. My view is that there
> needs to be gold stars [image: https://mail.google.com/mail/e/B68][image:
> https://mail.google.com/mail/e/B68] handed out by ICANN to Registrars and
> Resellers who comply. This can be published and verified independently on
> the ICANN website. There can also be incentives such as if you don't meet
> acceptable compliance levels and don't have clear plans that meet ICANN's
> satisfaction, please don't bother applying for a gTLD. I would also hasten
> to endorse the findings within the Report to review and improve all
> relevant compliance tools and create new ones where necessary before the
> gTLDs are assigned and become operational. Who knows maybe this lag time of
> waiting can be put to good use.
>
>
>
> The recommended revisions made in the WHOIS Review Final Report about
> adjustments to the Registrar Accredited Agreements should also be factored
> into our discussions.
>
>
>
> *Recommendation 5 Data Accuracy [Communicate Need]*
>
> The outcomes of the Studies currently being undertaken by the GNSO coupled
> with the NORC Study will definitely form the empirical basis necessary for
> further policy development in this area both by the GNSO and also by ICANN.
> Data Accuracy is critical in order to navigate through the Internet with
> ease. To a large extent, this is self regulatory and with countries all
> around the world creating Strategies to secure their Cyber Environment, it
> is only a matter of time before it is legislated. To avoid external
> regulations forcing data accuracy it is much more easier and productive to
> ensure that there is data accuracy. It is of great concern that the NORC
> Report shows a 23% no failure rate and 20% full failure and I wonder about
> the 57%. I think Data Accuracy is all our responsibility and not just
> Registrars but a collective corporate responsibility issue. I agree with
> the suggestion by the Business Community (see page 85 of the Report) that
> the RAA should be amended to make it mandatory for contracted parties to
> verify WHOIS information when registration occurs and when domain names are
> renewed. I would add though that is and when there are planned transitions
> where there are cut off dates for renewing and updating their information
> that this can also be worded into the RAA to enable Registrars to have
> sufficient room to issue notices of that nature. For this to work, it will
> require a Policy and yes either from the GNSO or ICANN so that this can be
> referred to in the contractual arrangements.
>
>
> *Recommendation 6 Data Accuracy:*
>
> I would say that there is a need for the GNSO to create a PDP to ensure
> that there is Data Accuracy. To a large extent compliance in relation to
> data accuracy has been self regulatory and dependent on the Registrars.
> Were this to be taken away and (best case scenario: ICANN Compliance; worst
> case scenario: legislated) it would mean transition to increasing accuracy,
> voluntary or otherwise would be enforced. It follows that as per the
> recommendation in report (see page 87 para 11], "ICANN should take
> appropriate measures to reduce the number of WHOIS registrations that fall
> into the accuracy groups Substantial Failure and Full Failure (as defined
> by the NORC Data Accuracy Study, 2009/10) by 50% within 12 months and by
> 50% again over the following 12 months", it is far more beneficial and
> useful to manage this process internally.
>
>
>
> *Recommendation 7 Measure and Report Whois Accuracy*
>
> My comments remain the same as for Recommendation 6
>
>
>
> *Recommendation 8 Ensure that Compliance has tools to enforce Whois*
>
>
>
> There was a comment made by the Commercial Stakeholders Group in Singapore
> where they raised and in my view correctly the fact that private
> regulations are based on the ability to self regulate and enforce
> contractual obligations. There has been much debate and discussion in
> relation to strengthening the Compliance Team and giving them tools. My
> personal view is that all you need is a MS Excel spreadsheet, a phone, a
> clear tangible strategy for various regions in the world and they have more
> than enough tools necessary to get the job done. In simple speak, if they
> can't enforce compliance change the team. It is not an extraordinarily
> complex thing to enforce contracts. I am also not sure whether you need a
> policy for this. Do we need a policy to show us how to clean our
> kitchen? Incremental sanctions that are mentioned in page 68 of the Report
> are relevant. [Please excuse the sarcasm, it's the lack of sleep talking]
> Yes whilst I agree that the stick approach which is de-registration and
> de-accreditation, I personally feel that even without these additional
> revisions and provisions expressly woven into the contract by virtue of
> ICANN issuing a Notice to all Registrars to update their records is the
> equivalent of a legal notice as "someone" who is assigning names and
> numbers.
>
>
>
> *Recommendation 9 Data Accuracy: Track Impact of Whois Data Reminder Policy
> and Possible Replacement*
>
>
>
> The Report clearly outlines the fact that the Whois Data Reminder Policy so
> without a doubt there is need to review and revise the Policy. I would say,
> yes GNSO much initiate discussions. To save time there may be things within
> the Reminder Policy that do not need to be debated again although there is
> always the exception. There are many models of doing things and Registrars
> can select what works for them and it would help to at least outline a few
> generic ones. At the moment, I can deduce that the focus has been based on
> the actual "data" and if one methodology does'nt work, there should be
> enough innovation to suggest alternative methods that can be either
> customer centric or otherwise.
>
>
> *Recommendation 10 Data Access, Privacy and Proxy Services*
>
>
>
> Aside from the legitimate privacy and data protection arguments which were
> raised by virtually everyone that participated, there was only one instance
> in my view of reading the Whois Final Review where a common sense
> sustainable approach could form the baseline of discussions.
>
>
>
> To this end, I had suggested to the ALAC that a Draft Policy should be
> created by the GNSO modelled around the findings Council of European
> National TLD Registries as a starting point for policy discussion. As I
> read the updates of the Negotiations on the RAA. Negotiations and all
> negotiations involving the RAA are legitimate but there should not be
> unnecessary delay in adopting what are accepted baselines in domestic and
> national laws. It is not only a waste of time but “stalling the inevitable”
> on one view.
>
>
>
>
>
>
>
> *Recommendation 11 Internic*
>
> I think that this should be factored into the Strategy for Transition. I am
> not sure whose responsibility this is whether this is ICANN's or the GNSO
> or the entire community.
>
>
>
> *Recommendations 12-14 IDNs*
>
>
>
> It would be good to get some feedback on current work being done within the
> IETF on whether the Whois Protocol has been revised or modified. I have
> noted the comments that the Whois Protocol has no support for non-ASCII
> characters (see page 91) and also note the Review Team's comments that the
> failure to maintain registration data is not attributed to the failure of
> IDNs but just management of registration data.
>
>
>
> *Recommendation 15 Detailed and Comprehensive Plan*
>
>
>
> I gather that ICANN has yet to produce this Detailed and Comprehensive
> Plan. I do not think that PDP is needed. However, I could be wrong. I would
> suggest that in the event that ICANN has yet to draft one, why don't we
> initiate drafting this plan and handing it to the community. Should'nt take
> more than a week to produce a first draft. All the materials and resources
> needed are available already.
>
>
>
> *Recommendation 16 Annual Report*
>
> The recommendation within the report is too ambigious and perhaps it was
> meant to be that way so that it is broad and you can include anything you
> like. The downside is that if you don't spell out what you want precisely,
> you can also get nothing. So there's a question of balance.
>
>
>
> ------------------------------
>
> [1]<https://mail.google.com/mail/u/0/?ui=2&view=bsp&ver=ohhl4rw8mbn4#139a4561c7e803d8__ftnref1>
> http://gnso.icann.org/en/issues/whois/studies
>
>
>
> On Thu, Sep 20, 2012 at 5:16 PM, Holly Raiche <h.raiche at internode.on.net>wrote:
>
>> Hi Everyone
>>
>> If we have anything to say, it should deep disappointment and deep
>> frustration at the delay in the GNSO doing anything on this issue. Carlton
>> has referred to the ALAC statement on the think Whois. We also commented
>> on the .com and .net contracts - decrying the fact that they did not
>> require a think Whois, even through all new gTLDs require it. We have also
>> urged (and continue to urge) implementation of the Final Final Whois report
>> (we replied to the Board with a list of recommendations that should be
>> implemented ASAP). Yes, there are outstanding pieces to the Whois issue.
>> But if you read the motion - it is a litany of calls for action, and
>> delays by GNSO. Isn't it time to say enough is enough. No more analysis,
>> no more comment. We have done that. Maybe something planted under every
>> seat of every GNSO member so that something happens.
>>
>> Holly
>>
>>
>> On 20/09/2012, at 9:19 AM, Salanieta T. Tamanikaiwaimaro wrote:
>>
>>> Dear All,
>>>
>>> For consideration of the working group:
>>>
>>> Given the GNSO Council Motion which I have copied below where it was
>>> resolved that the Thick Whois PDP would be delayed following the first
>> GNSO
>>> Council meeting after 30 November 2012, I thought I would suggest the
>>> following:-
>>>
>>>
>>> - Preparing and Receiving Community Input;
>>> - Analysis of Recommendations made by the Whois Review Final Report;
>>> - Channelling issues raised within the At Large on Thick Whois into the
>>> Wiki space;
>>> - Requesting for feedback on current studies carried out by GNSO and
>>> give input into current studies being carried out.
>>>
>>>
>>> *20120412 - 1*
>>>
>>> Motion to delay the 'thick' Whois Policy Development Process
>>>
>>> Whereas the GNSO Council requested an Issue Report on 'thick' Whois at
>> its
>>> meeting on 22 September 2011 (see
>> http://gnso.icann.org/resolutions/#201109
>>> );
>>>
>>> Whereas a Preliminary Issue Report on 'thick' Whois was prepared by staff
>>> and posted on 21 November 2011 for public comment (see
>>> http://www.icann.org/en/announcements/announcement-2-21nov11-en.htm);
>>>
>>> Whereas a Final Issue Report on 'thick' Whois was published on 2 February
>>> 2012 (see
>>>
>> http://gnso.icann.org/issues/whois/final-report-thick-whois-02feb12-en.pdf
>> );
>>>
>>> Whereas the Final Issue Report recommends that the GNSO Council proceed
>>> with a Policy Development Process limited to consideration of the issues
>>> discussed in this report, and the General Counsel of ICANN has indicated
>>> the topic is properly within the scope of the ICANN policy process and
>>> within the scope of the GNSO;
>>>
>>> Whereas the GNSO Council initiated a Policy Development Process at its
>>> meeting of 14 March 2012 (seehttp://
>> gnso.icann.org/resolutions/#20120314-1);
>>>
>>> Whereas at its wrap up session on 15 March, taking into account the
>> current
>>> workload of the GNSO community, the GNSO Council voiced support for a
>> delay
>>> in the start of the PDP until both ICANN staff and GNSO resources are
>>> available to deal with this.
>>>
>>> THEREFORE BE IT:
>>>
>>> Resolved, the next step (creating a drafting team to develop a charter)
>> of
>>> the 'thick' Whois PDP will be delayed until the first GNSO Council
>> meeting
>>> after 30 November 2012.
>>>
>>>
>>>
>>> Thanks and Kind Regards,
>>> Sala
>>>
>>>
>>> --
>>> Salanieta Tamanikaiwaimaro aka Sala
>>> P.O. Box 17862
>>> Suva
>>> Fiji
>>>
>>> Twitter: @SalanietaT
>>> Skype:Salanieta.Tamanikaiwaimaro
>>> Fiji Cell: +679 998 2851
>>> _______________________________________________
>>> ALAC mailing list
>>> ALAC at atlarge-lists.icann.org
>>> https://atlarge-lists.icann.org/mailman/listinfo/alac
>>>
>>> At-Large Online: http://www.atlarge.icann.org
>>> ALAC Working Wiki:
>> https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>>
>>
>> _______________________________________________
>> APAC-Discuss mailing list
>> APAC-Discuss at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/apac-discuss
>>
>> Homepage for the region: http://www.apralo.org
>>
>
>
>
> --
> Salanieta Tamanikaiwaimaro aka Sala
> P.O. Box 17862
> Suva
> Fiji
>
> Twitter: @SalanietaT
> Skype:Salanieta.Tamanikaiwaimaro
> Fiji Cell: +679 998 2851
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
> At-Large Official Site: http://atlarge.icann.org
>
More information about the APAC-Discuss
mailing list