Karl Auerbach's comment on Whois TF3

Chun Eung Hwi chun at PEACENET.OR.KR
Tue Jul 6 10:34:52 CEST 2004 

Incidently, I found this from Karl Auerbach's blog although it was not
posted on public comment list of TF3. It's interesting!

-------------------------------
July 05, 2004

Comments to ICANN's TF3

Here's what I sent to ICANN's Task Force 3.  My general impression of the
TF 3 output was that it was a prettified way of accusing the community of
internet users as being cheats and liars and demanding that the costs of
trademark enforcement be offloaded from the trademark owners onto the
backs of domain name registrants and the DNS registration industry.

(It is amazing how often the trademark industry forgets that the purpose
of trademarks is to protect the consumer's right and ability to identify
goods and services and to distinguish such goods and services from one
another..  The trademark industry forgets that trademarks are intended to
benefit the customer, not the seller, and that any benefit to the seller
is merely incidental.)

Here's what I sent in:

Thoughts on the TF3 (accuracy) report (WHOIS TASK FORCE 3 - IMPROVE THE
ACCURACY OF DATA COLLECTED FROM GTLD REGISTRANTS PRELIMINARY REPORT)

I find the report to be inadequate and lacking both the factual and
logical foundation to support its conclusions and recommendations.

The report begins by failing to comprehend the meaning of "accuracy".

Accuracy is not an absolute term.  One definition of accuracy is the
absence of incorrect information.  In that regard, a blank field on a form
is completely accurate.  The task force's report makes it clear that this
is not the definition of accuracy that is being used by the task force.
If the task force wishes its report to itself be able to claim that it is
accurate then the task force must necessarily articulate what it means by
accuracy.

I submit that accuracy is measured by context.  In the case of business
data the typical metric of accuracy is whether the data exchanged, in all
directions among all parties to the transaction, is whether that data is
sufficient to support the business being transacted.

In the case of domain name registrations, the parties to the transaction
are the registrar and customer (registrant) or his/her agent.  There are
no other parties to the transaction.  (The report of task force 1 makes it
clear that when examined on the basis of real numbers rather than
chicken-little-like anecdotes that the interests of trademark owners in
domain name transactions are based on events so rare and of such
individually miniscule impact on the internet community as to amount to a
factor that can be best remedied through recourse to traditional legal
processes.)

As measured in the context of the registrar-customer transaction the first
metric of accuracy is whether the information conveyed at the time of the
registration is sufficient to support that registration.  The second
metric is whether the information conveyed is sufficient to maintain the
relationship.  And the final metric is whether the information at the time
of potential renewal is sufficient to support renewal, if the potential
for such renewal was part of the original understanding.

Before going further it is necessary to distinguish the concept of
"accuracy" from that of "precision".  It is perfectly accurate for every
domain name registrant in existence to indicate that  he or she lives on
planet Earth.  But most would not consider that to be usefully precise.

At the time of the initial registration of a domain name the following
information needs to be conveyed:

  Customer-to-Registrar:
      Desired domain name
      List of name servers

   Registrar-to-Customer:
     Whether the name requested name has been allocated to the customer
(implying that the name and customer's name server list have been placed
into the appropriate zone file.)

Not all registrations involve money and billing.  Nor do all registrations
necessarily impute a desire for renewal - one area of domain name
businesses that have been arbitrarily foreclosed until now by ICANN have
been non-renewable, short term registrations for single-time events,
elections, movies, etc.

If a registration involves the payment of a fee, then the exchange of
information must be adequate to facilitate the payment of that fee.  After
that payment, that information is no longer needed to support the
registration process.  It is a well known principle of privacy that
information should be retained only if it is relevant to a transaction.
Thus a registrar that is desirous of protecting privacy would be acting
quite within reason should it erase transactional information once that
information has ceased to be of value.

Maintenance of the relationship between registrar and customer is largely
driven by the needs of the customer.  For that reason there is no
particular reason, in the context of maintenance of the registration
information (i.e. the list of name servers) for the registrar to retain
precise, that thus privacy infringing, information regarding the customer.

Third parties who today bombard the DNS whois databases are not parties to
the maintenance relationship.  As task force 1 indicated, such third
parties ought to be required to make a preliminary showing that they have
reason to examine the registration data.  The degree of precision of the
data disclosed must, therefore, vary in conformance with the degree of
precision of that showing and of the nature of the purported grievance.

Finally, renewal processing only requires sufficient information to
consummate the renewal transaction at the time of the transaction - there
is no need for such information to be exchanged in advance of renewal or
to be retained after renewal.

Additional data gathering and maintenance burdens the system with
additional costs.  Absent a clear showing of illegal activity on the part
of the majority of domain name registrars and customers it would be
improper to impose such costs on all transactions.  Yet the task force's
report seems to have elevated the ill-actions of a very, very few into a
blanket accusation against all domain name registrants as a
self-bootstrapping argument to encumber the entire domain registration
system with excess costs and an institutional system of excess information
disclosure amounting to a wholesale violation of the privacy of every
member of the community of internet users.

If the demands of such third parties trigger the gathering and maintenance
of data above and beyond the data used for registration, maintenance, and
renewal then those third parties ought to pay the costs of such gathering
and maintenance.

Posted by karl at July 5, 2004 03:44 PM


--
------------------------------------------------------------
Chun Eung Hwi
General Secretary, PeaceNet | phone:     (+82)  2-2166-2205
Seoul Yangchun P.O.Box 81   |   pcs:     (+82) 019-259-2667
Seoul, 158-600, Korea       | eMail:   chun at peacenet.or.kr
------------------------------------------------------------

More information about the Ncuc-discuss mailing list