[APAC-Discuss] [At-Large] [ALAC] Thick Whois PDP

Alan Greenberg alan.greenberg at mcgill.ca
Thu Sep 20 13:19:41 UTC 2012


It made it to this list and I am confused as well.  Alan

At 20/09/2012 08:59 AM, Avri Doria wrote:
>(I am sure that my email won't make it to all the cc'ed lists)
>
>Hi,
>
>Isn't this the April motion?
>
>At this point I am on a Drafting Team that is 
>working on the charter for the Whois PDP.
>
>I think Alan is a co-chair of this group.
>
>I am confused.
>
>avri
>
>
>On 20 Sep 2012, at 02:50, Salanieta T. Tamanikaiwaimaro wrote:
>
> > Dear Holly,
> >
> > I hear you and recognise the hard slog and toil that has been done by At
> > Large. Whilst the Analysis on the recommendations from the Whois Review
> > Final Report ("Report") has been done, there is still a huge delay in the
> > implementation of its recommendations.
> >
> > Alan has advised me that the PDP for the Thick Whois will be after Toronto.
> > There may be things that the Working Group can start doing now prior to the
> > initiation of the PDP whether it means consolidation of material etc.
> >
> > Of critical importance in my view is to gather feedback from the At Large
> > in terms of:-
> >
> >   - Whois Misuse
> >   - Whois Proxy and Privacy Abuse;
> >   - Whois Registrant Identification;
> >   - Whois Proxy and Privacy Relay and Reveal
> >
> > Noting that there are currently Studies being carried out by the GNSO which
> > the Report had mentioned would conclude in 2012 but we are finding out will
> > conclude in 2013. No  doubt, this will affect the PDP as we can reasonably
> > forecast that any PDP will wait for these Reports to come out.
> >
> > As you can imagine, I would assume that the Studies would be published and
> > call for comments may be invited that could only potentially serve to delay
> > the process. To help quicken this process, if the GAC and the ALAC got
> > their act together and strategically sent "Input" as far as these focal
> > areas are concerned, it could only serve to expedite the process.
> >
> > My view is that  we can start building on what we already have (and we have
> > alot, including the things that Carlton had pointed to), identify and
> > gather what we don't have and prepare for the PDP. I am of the belief that
> > whilst alot has been done, there is still alot to be done.
> >
> > Kind Regards,
> > Sala
> >
> > P.S I am enclosing my review of the recommendations of the Report as I
> > received requests offlist to clarify some of the things I had raised.
> >
> >
> > These are my personal views on the Recommendations within the *Whois Review
> > Final Report 2010*. I had shared this with the ALAC when we were asked for
> > feedback and thought it would be appropriate to share this here as well. I
> > have modified this slightly.
> >
> > *Recommendation1: To Make Whois a Strategic Priority*
> >
> > The commissioning of the Review by ICANN is an indication of the strategic
> > importance and manner in which the Review Team was constituted. However,
> > ICANN needs to monitor and evaluate the implementation process. As far as
> > the GNSO is concerned they have following advice from the GAC undertaken to
> > do four 
> studies[1]<https://mail.google.com/mail/u/0/?ui=2&view=bsp&ver=ohhl4rw8mbn4#139a4561c7e803d8__ftn1>
> > namely
> > the Whois Misuse Study; Whois Proxy and Privacy Abuse; Whois Registrant
> > Identification and Whois Proxy & Privacy Relay and Reveal Study which the
> > Report says is due for completion in 2012 and cost $530,000.
> >
> >
> > I would recommend that issues that At Large has aerated relating to any of
> > these areas that are currently being studied be consolidated and sent to
> > those carrying out these Studies. We do not have to wait for the Studies to
> > be finalized before we realize that they may be missing certain things. I
> > know that Garth Bruen has for years alongside others such as Beau Brendtler
> > been consistently through NARALO and At Large been raising these issues
> > with Compliance.
> >
> >
> >
> > I note that the website says that some of these Studies will conclude in
> > 2013. On the same token, if the Affirmation of Commitment is followed to
> > the letter, the next Whois Review is in 2013.
> >
> >
> >
> > I can only hypothesize that to the extent that this would affect existing
> > consensus Policies, then parts of the PDP may apply. However, if the
> > existing consensus policies namely:-
> >
> >
> >   - ·       Whois Data Reminder Policy (2003);
> >   - ·         The Restored Name Accuracy Policy (2004); and
> >   - ·         Whois Marketing Restriction Policy (2004)
> >
> >
> >
> > address in principle areas that may require a PDP process then we should be
> > open to that. I understand that this may be a negligible caveat.
> >
> >
> >
> > *Recommendation 2 Single Whois Policy*
> >
> > The Report mentions that there is a current gTLD Policy as set out in the
> > gTLD Registry and Registrar contracts and GNSP Consensus Policies and
> > Procedures. So there may be no need for the PDP to be initiated.
> >
> >
> >
> > *Recommendation 3 Outreach*
> >
> >
> >
> > There is no need for a gNSO Policy development. Whilst* *there may not be
> > need for a gNSO Policy for Outreach the Report does identify the need to
> > move beyond the confines of the ICANN community to involve them. Although I
> > read the report, I did not read the Appendix and note that in terms of
> > studies done on consumers from 8-10 countries, it was unclear from the
> > report which countries were selected and it would have been good to have it
> > footnoted like the rest of the other stuff. Whilst I note that OECD is an
> > observer in the GAC, they did not make submissions to the Whois Review
> > Team. The OECD Ottawa principles on taxation make mention of Whois.
> >
> >
> >
> > See: OECD Ottawa Principles here:
> > http://www.oecd.org/tax/taxadministration/20499630.pdf on
> >
> > Report on page 27 that makes reference to Whois data, here is a snapshot:
> >
> >
> >
> > *" Revenue authorities are encouraged to work with relevant government *
> >
> > *regulatory agencies, business associations and other organisations to *
> >
> > *ensure businesses engaged in  e-commerce provide and maintain *
> >
> > *complete and accurate information to the Internet registrar with which *
> >
> > *they register.  *
> >
> > *Revenue authorities are encouraged to work with relevant government *
> >
> > *regulatory agencies, business associations and other organisations to *
> >
> > *ensure that country code Top Level Domain registrars for their *
> >
> > *geographic jurisdictions abide by internationally recognised registrar *
> >
> > *requirements in respect to the collection, verification and global *
> >
> > *availability of WHOIS data for business registrations.  *
> >
> > *Revenue authorities are encouraged to work with relevant government *
> >
> > *regulatory agencies, business associations and other organisations to *
> >
> > *ensure that the Internet Corporation for Assigned Names and *
> >
> > *Numbers (ICANN) considers on a periodic basis whether regular pre *
> >
> > *or post verification of WHOIS data by registrars is warranted in *
> >
> > *certain circumstances.  "*
> >
> >
> >
> >
> >
> > I assume that the definition of law enforcement covers Revenue Authorities,
> > if it does not then that is something which should be considered.
> >
> >
> >
> >
> >
> > *Recommendation 4 Compliance*
> >
> >
> >
> > There is no need for a GNSO Policy to be initiated. My view is that there
> > only needs to be self regulatory measures put in place by Registrars and I
> > commend the CINC for reporting 97% accuracy levels. My view is that there
> > needs to be gold stars [image: https://mail.google.com/mail/e/B68][image:
> > https://mail.google.com/mail/e/B68] handed out by ICANN to Registrars and
> > Resellers who comply. This can be published and verified independently on
> > the ICANN website. There can also be incentives such as if you don't meet
> > acceptable compliance levels and don't have clear plans that meet ICANN's
> > satisfaction, please don't bother applying for a gTLD. I would also hasten
> > to endorse the findings within the Report to review and improve all
> > relevant compliance tools and create new ones where necessary before the
> > gTLDs are assigned and become operational. Who knows maybe this lag time of
> > waiting can be put to good use.
> >
> >
> >
> > The recommended revisions made in the WHOIS Review Final Report about
> > adjustments to the Registrar Accredited Agreements should also be factored
> > into our discussions.
> >
> >
> >
> > *Recommendation 5 Data Accuracy [Communicate Need]*
> >
> > The outcomes of the Studies currently being undertaken by the GNSO coupled
> > with the NORC Study will definitely form the empirical basis necessary for
> > further policy development in this area both by the GNSO and also by ICANN.
> > Data Accuracy is critical in order to navigate through the Internet with
> > ease. To a large extent, this is self regulatory and with countries all
> > around the world creating Strategies to secure their Cyber Environment, it
> > is only a matter of time before it is legislated. To avoid external
> > regulations forcing data accuracy it is much more easier and productive to
> > ensure that there is data accuracy. It is of great concern that the NORC
> > Report shows a 23% no failure rate and 20% full failure and I wonder about
> > the 57%. I think Data Accuracy is all our responsibility and not just
> > Registrars but a collective corporate responsibility issue. I agree with
> > the suggestion by the Business Community (see page 85 of the Report) that
> > the RAA should be amended to make it mandatory for contracted parties to
> > verify WHOIS information when registration occurs and when domain names are
> > renewed. I would add though that is and when there are planned transitions
> > where there are cut off dates for renewing and updating their information
> > that this can also be worded into the RAA to enable Registrars to have
> > sufficient room to issue notices of that nature. For this to work, it will
> > require a Policy and yes either from the GNSO or ICANN so that this can be
> > referred to in the contractual arrangements.
> >
> >
> > *Recommendation 6 Data Accuracy:*
> >
> > I would say that there is a need for the GNSO to create a PDP to ensure
> > that there is Data Accuracy. To a large extent compliance in relation to
> > data accuracy has been self regulatory and dependent on the Registrars.
> > Were this to be taken away and (best case scenario: ICANN Compliance; worst
> > case scenario: legislated) it would mean transition to increasing accuracy,
> > voluntary or otherwise would be enforced. It follows that as per the
> > recommendation in report (see page 87 para 11], "ICANN should take
> > appropriate measures to reduce the number of WHOIS registrations that fall
> > into the accuracy groups Substantial Failure and Full Failure (as defined
> > by the NORC Data Accuracy Study, 2009/10) by 50% within 12 months and by
> > 50% again over the following 12 months", it is far more beneficial and
> > useful to manage this process internally.
> >
> >
> >
> > *Recommendation 7 Measure and Report Whois Accuracy*
> >
> > My comments remain the same as for Recommendation 6
> >
> >
> >
> > *Recommendation 8 Ensure that Compliance has tools to enforce Whois*
> >
> >
> >
> > There was a comment made by the Commercial Stakeholders Group in Singapore
> > where they raised and in my view correctly the fact that private
> > regulations are based on the ability to self regulate and enforce
> > contractual obligations. There has been much debate and discussion in
> > relation to strengthening the Compliance Team and giving them tools. My
> > personal view is that all you need is a MS Excel spreadsheet, a phone, a
> > clear tangible strategy for various regions in the world and they have more
> > than enough tools necessary to get the job done. In simple speak, if they
> > can't enforce compliance change the team. It is not an extraordinarily
> > complex thing to enforce contracts. I am also not sure whether you need a
> > policy for this. Do we need a policy to show us how to clean our
> > kitchen? Incremental sanctions that are mentioned in page 68 of the Report
> > are relevant. [Please excuse the sarcasm, it's the lack of sleep talking]
> > Yes whilst I agree that the stick approach which is de-registration and
> > de-accreditation, I personally feel that even without these additional
> > revisions and provisions expressly woven into the contract by virtue of
> > ICANN issuing a Notice to all Registrars to update their records is the
> > equivalent of a legal notice as "someone" who is assigning names and
> > numbers.
> >
> >
> >
> > *Recommendation 9 Data Accuracy: Track Impact of Whois Data Reminder Policy
> > and Possible Replacement*
> >
> >
> >
> > The Report clearly outlines the fact that the Whois Data Reminder Policy so
> > without a doubt there is need to review and revise the Policy. I would say,
> > yes GNSO much initiate discussions. To save time there may be things within
> > the Reminder Policy that do not need to be debated again although there is
> > always the exception. There are many models of doing things and Registrars
> > can select what works for them and it would help to at least outline a few
> > generic ones. At the moment, I can deduce that the focus has been based on
> > the actual "data" and if one methodology does'nt work, there should be
> > enough innovation to suggest alternative methods that can be either
> > customer centric or otherwise.
> >
> >
> > *Recommendation 10 Data Access, Privacy and Proxy Services*
> >
> >
> >
> > Aside from the legitimate privacy and data protection arguments which were
> > raised by virtually everyone that participated, there was only one instance
> > in my view of reading the Whois Final Review where a common sense
> > sustainable approach could form the baseline of discussions.
> >
> >
> >
> > To this end, I had suggested to the ALAC that a Draft Policy should be
> > created by the GNSO modelled around the findings Council of European
> > National TLD Registries as a starting point for policy discussion. As I
> > read the updates of the Negotiations on the RAA. Negotiations and all
> > negotiations involving the RAA are legitimate but there should not be
> > unnecessary delay in adopting what are accepted baselines in domestic and
> > national laws. It is not only a waste of time but “stalling the inevitable”
> > on one view.
> >
> >
> >
> >
> >
> >
> >
> > *Recommendation 11 Internic*
> >
> > I think that this should be factored into the Strategy for Transition. I am
> > not sure whose responsibility this is whether this is ICANN's or the GNSO
> > or the entire community.
> >
> >
> >
> > *Recommendations 12-14 IDNs*
> >
> >
> >
> > It would be good to get some feedback on current work being done within the
> > IETF on whether the Whois Protocol has been revised or modified. I have
> > noted the comments that the Whois Protocol has no support for non-ASCII
> > characters (see page 91) and also note the Review Team's comments that the
> > failure to maintain registration data is not attributed to the failure of
> > IDNs but just management of registration data.
> >
> >
> >
> > *Recommendation 15 Detailed and Comprehensive Plan*
> >
> >
> >
> > I gather that ICANN has yet to produce this Detailed and Comprehensive
> > Plan. I do not think that PDP is needed. However, I could be wrong. I would
> > suggest that in the event that ICANN has yet to draft one, why don't we
> > initiate drafting this plan and handing it to the community. Should'nt take
> > more than a week to produce a first draft. All the materials and resources
> > needed are available already.
> >
> >
> >
> > *Recommendation 16 Annual Report*
> >
> > The recommendation within the report is too ambigious and perhaps it was
> > meant to be that way so that it is broad and you can include anything you
> > like. The downside is that if you don't spell out what you want precisely,
> > you can also get nothing. So there's a question of balance.
> >
> >
> >
> > ------------------------------
> >
> > 
> [1]<https://mail.google.com/mail/u/0/?ui=2&view=bsp&ver=ohhl4rw8mbn4#139a4561c7e803d8__ftnref1>
> > http://gnso.icann.org/en/issues/whois/studies
> >
> >
> >
> > On Thu, Sep 20, 2012 at 5:16 PM, Holly Raiche 
> <h.raiche at internode.on.net>wrote:
> >
> >> Hi Everyone
> >>
> >> If we have anything to say, it should deep disappointment and deep
> >> frustration at the delay in the GNSO doing 
> anything on this issue.  Carlton
> >> has referred to the ALAC statement on the think Whois.  We also commented
> >> on the .com and .net contracts - decrying the fact that they did not
> >> require a think Whois, even through all new gTLDs require it. We have also
> >> urged (and continue to urge) implementation 
> of the Final Final Whois report
> >> (we replied to the Board with a list of recommendations that should be
> >> implemented ASAP). Yes, there are outstanding pieces to the Whois issue.
> >> But if you read the motion - it is a litany of calls for action, and
> >> delays by GNSO.  Isn't it time to say enough is enough.  No more analysis,
> >> no more comment.  We have done that. Maybe something planted under every
> >> seat of every GNSO member so that something happens.
> >>
> >> Holly
> >>
> >>
> >> On 20/09/2012, at 9:19 AM, Salanieta T. Tamanikaiwaimaro wrote:
> >>
> >>> Dear All,
> >>>
> >>> For consideration of the working group:
> >>>
> >>> Given the GNSO Council Motion which I have copied below where it was
> >>> resolved that the Thick Whois PDP would be delayed following the first
> >> GNSO
> >>> Council meeting after 30 November 2012, I thought I would suggest the
> >>> following:-
> >>>
> >>>
> >>>  - Preparing and Receiving Community Input;
> >>>  - Analysis of Recommendations made by the Whois Review Final Report;
> >>>  - Channelling issues raised within the At Large on Thick Whois into the
> >>>  Wiki space;
> >>>  - Requesting for feedback on current studies carried out by GNSO and
> >>>  give input into current studies being carried out.
> >>>
> >>>
> >>> *20120412 - 1*
> >>>
> >>> Motion to delay the 'thick' Whois Policy Development Process
> >>>
> >>> Whereas the GNSO Council requested an Issue Report on 'thick' Whois at
> >> its
> >>> meeting on 22 September 2011 (see
> >> http://gnso.icann.org/resolutions/#201109
> >>> );
> >>>
> >>> Whereas a Preliminary Issue Report on 'thick' Whois was prepared by staff
> >>> and posted on 21 November 2011 for public comment (see
> >>> http://www.icann.org/en/announcements/announcement-2-21nov11-en.htm);
> >>>
> >>> Whereas a Final Issue Report on 'thick' Whois was published on 2 February
> >>> 2012 (see
> >>>
> >> http://gnso.icann.org/issues/whois/final-report-thick-whois-02feb12-en.pdf
> >> );
> >>>
> >>> Whereas the Final Issue Report recommends that the GNSO Council proceed
> >>> with a Policy Development Process limited to consideration of the issues
> >>> discussed in this report, and the General Counsel of ICANN has indicated
> >>> the topic is properly within the scope of the ICANN policy process and
> >>> within the scope of the GNSO;
> >>>
> >>> Whereas the GNSO Council initiated a Policy Development Process at its
> >>> meeting of 14 March 2012 (seehttp://
> >> gnso.icann.org/resolutions/#20120314-1);
> >>>
> >>> Whereas at its wrap up session on 15 March, taking into account the
> >> current
> >>> workload of the GNSO community, the GNSO Council voiced support for a
> >> delay
> >>> in the start of the PDP until both ICANN staff and GNSO resources are
> >>> available to deal with this.
> >>>
> >>> THEREFORE BE IT:
> >>>
> >>> Resolved, the next step (creating a drafting team to develop a charter)
> >> of
> >>> the 'thick' Whois PDP will be delayed until the first GNSO Council
> >> meeting
> >>> after 30 November 2012.
> >>>
> >>>
> >>>
> >>> Thanks and Kind Regards,
> >>> Sala
> >>>
> >>>
> >>> --
> >>> Salanieta Tamanikaiwaimaro aka Sala
> >>> P.O. Box 17862
> >>> Suva
> >>> Fiji
> >>>
> >>> Twitter: @SalanietaT
> >>> Skype:Salanieta.Tamanikaiwaimaro
> >>> Fiji Cell: +679 998 2851
> >>> _______________________________________________
> >>> ALAC mailing list
> >>> ALAC at atlarge-lists.icann.org
> >>> https://atlarge-lists.icann.org/mailman/listinfo/alac
> >>>
> >>> At-Large Online: http://www.atlarge.icann.org
> >>> ALAC Working Wiki:
> >> 
> https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
> >>
> >>
> >> _______________________________________________
> >> APAC-Discuss mailing list
> >> APAC-Discuss at atlarge-lists.icann.org
> >> https://atlarge-lists.icann.org/mailman/listinfo/apac-discuss
> >>
> >> Homepage for the region: http://www.apralo.org
> >>
> >
> >
> >
> > --
> > Salanieta Tamanikaiwaimaro aka Sala
> > P.O. Box 17862
> > Suva
> > Fiji
> >
> > Twitter: @SalanietaT
> > Skype:Salanieta.Tamanikaiwaimaro
> > Fiji Cell: +679 998 2851
> > _______________________________________________
> > At-Large mailing list
> > At-Large at atlarge-lists.icann.org
> > https://atlarge-lists.icann.org/mailman/listinfo/at-large
> >
> > At-Large Official Site: http://atlarge.icann.org
> >
>
>
>_______________________________________________
>At-Large mailing list
>At-Large at atlarge-lists.icann.org
>https://atlarge-lists.icann.org/mailman/listinfo/at-large
>
>At-Large Official Site: http://atlarge.icann.org





More information about the APAC-Discuss mailing list