Proposed statement on Whois TF 1

Milton Mueller Mueller at SYR.EDU
Fri Mar 12 18:57:50 CET 2004 

Hello, this is just a first draft. The key element of my approach to all the Whois Task Forces is that we insist on getting ICANN to define the
purpose of the Whois database. This means that TF2 is primary,
and must be completed first, and the others are secondary. 

=========


Proposed NCUC statement on Whois Task force 1

Whois Task Force 1 (TF1) deals with the relatively narrow 
issue of restricting marketing users' access to Whois  data through means other than bulk access under license. 

This Task Force is mainly of interest to registrars and registries, 
whose facilities and customer lists are exploited 
by automated processes. Users of course have some interest 
in protecting access to their contact data, but this  interest extends well beyond the narrow remit of TF1. 

NCUC notes, however, that the results of Whois TF1 may 
have implications for the other task forces. Our approach 
to TF1 takes this into account, and will be guided by the 
following principles:

First, NCUC thinks it imperative that ICANN recognize the well-
established data protection principle that the purpose of data 
and data collection processes must be well-defined before 
policies regarding its use and access can be established. Therefore 
we believe that TF1 should await the outcome of Whois Task 
Force 2 (TF2), which will determine what data elements belong 
in Whois. That determination of TF2 must be based on a  definition of the purpose of the Whois database. In other 
words, we cannot know whether or not to restrict port 43  and port 80 access until TF2 has completed its work. 

Second, NCUC does not believe it is possible to develop 
technical or policy mechanisms that can restrict port 43  or port 80 access only to a specific type of user; e.g., 
marketers. Access restrictions imposed by TF1 will inevitably 
apply to all users and uses. The policies developed by TF1 
must keep this in mind. 

Third, given the limited scope of TF1, we think it important 
for the task force to refrain from making judgments  about the legitimacy of, justifications for, or "need" for any 
non-marketing uses. It is outside the scope of TF1 to  make any such determinations. Accordingly, we will oppose 
any access restriction policy based on classification of users. 

Fourth, we note as a principle that the best way to stop abuse 
of port 43 is to get data that is valuable to spammers out of 
the public Whois database. Data that is in Whois will be accessible 
to lots of people; therefore, privacy concerns require getting data 
out of Whois or reducing access to it for all. This is, of course, a 
matter for Whois Task force 2, dealing with data elements. 

Fifth, our participation in TF1 will try to make sure that minor 
modifications in port 43 (or other) access do not  become an excuse for doing nothing else to protect Internet 
users' privacy.

More information about the Ncuc-discuss mailing list