Comments: WHOIS Task Forces: due Thursday
KathrynKL at AOL.COM
KathrynKL at AOL.COM
Tue Jun 15 14:56:41 CEST 2004
All:
Just a fast reminder about the deadline approaching (Thursday!) for public
comments to the 3 WHOIS Task Forces that have met for the last six months. If
you/your organization have time to do nothing else, would you please consider
comments supporting the privacy proposals in the reports of TF1 and TF2?
Frannie has made it easy, with a website at
http://www.thepublicvoice.org/take_action/default.html with key points written by Milton (TF1) and Frannie
(TF2), and the email address for comments. Since I am a bit late posting my
suggestions for comments, I include them in text below.
Even short comments would be great. Thursday end of day is the deadline.
Regards and thanks, Kathy (TF2)
------------------------------------------------------------------------------
--------------------
TF2 Report: Some suggested points comments
------------------------------------------------------------------------------
-------------------
Overall, I think the TF2 Report is good -- pretty balanced and a good
presentation of our interests. Thus, for comments, I would suggest a double
strategy: praise the positive (to reinforce our issues) and then criticize the
negatives. An outline of key issues below.
A. Highlight the positives.
1. For the first time, an ICANN report highlights both the uses of
WHOIS and the abuses of WHOIS data. We want to emphasize the abuses
and possible abuses of continuing an open directory with this data (address,
phone and email) available to all. What are you organization's concerns for
itself or its members regarding this data? (Please consider mentioning your
own concerns, or those on behalf of human rights organizations, other
noncommercial organizations, and individuals).
2. For the first time, an ICANN report outlines the privacy laws
and freedom of expression protections in laws around the world (Sections
2.3 and 3.3/National Law, and first section of Appendix). Please support
the report here. If you are in a country with comprehensive data laws,
please talk about the human rights principles underlying your national
privacy laws. If you are in a country with free speech laws, please write
about the importance of speaking privately and even anonymously, even in
public dialogue.
3. We have a great recommendation: that "Registries and
Registrars should not have to violate local data protection laws in order to
conform with WHOIS policy. If there is a conflict of law and WHOIS
policy, as process should be in place to allow for registrars to show such
conflict and make appropriate changes needed for it to conform to the
respective local laws." (See 1.4, 2.3, and 3.3). Please support this
recommendation!
B. Opportunity to comment and shape the work ahead: Tiered Access
Background: The Registrars for a long time have proposed a Tiered Access
system. While they agree that all personal data should not be public,
Registrars do not want to be involved in the day to day task of screening all
the requests for domain name holders. Thus, they propose an automated
system for making personal data available to those who say they need it.
This system is called Tiered Access ("TA"). TA is a series of gates or
tiers. Still in formation, it is beginning to gain momentum. Comments now
would be very timely and useful! [Sections 2.4, 2.5, 3.4, 3.5]
1. Support the concept of "Tier 1" -- that personal or sensitive data
including address, phone and email for individuals, organizations and even
companies (such as small business) *would not* be published on the first
Tier and not available to all. (Note: 3.5 recommendation proposes that a
registrant could choose to put all this data into the WHOIS directory, but
that would be his/her/its choice).
2. Argue that "Tier 2" needs to be much better defined. Registrars
call Tier 2 the place for "known users with known uses" to access
personal/sensitive domain name data. But what are the limits and
protections for domain name owners? These we must fight for. Please
think of your own ideas for protections against abuse, but here are some of
mine:
A. Tier 2 should still not publish all the
personal/sensitive data.
Let it be name/email (ideally) or name/address
(alternatively). But not all the data.
B. No unlimited access to the WHOIS database, even if you
are the world's most famous intellectual property law firm.
Although you are a "known user," you should still not have
infinite access to the WHOIS personal data and database.
Searches should be one by one, and for each and every
access, the user (however famous) should enter a clear and
specific text reason for the legal problem being raised by the
domain name and the legal reason for needing to contact the
domain name holder. This explanation must be sent to the
domain name holder.
C. The system must provide *immediate notification by email
to the domain name holder* whenever his/her/its
personal/sensitive data is released to any third party in Tier
2. Such immediate notification will allow domain name
holders to better protection themselves -- and flee if their
address (as a human rights organization, an abortion clinic,
or a woman with a stalking ex-spouse) has just been given
away. (Domain name holders should have the option to
"opt-out" of such immediate notification if their safety is not
in danger, perhaps for a weekly listing.)
3. Support the concept of a Tier 3 that all the data is available to
ICANN-accredited registrars and registries for technical purposes, such as
domain name transfers.
Thanks again!
Kathy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20040615/e1957d91/attachment.html>
More information about the Ncuc-discuss
mailing list