Rome NCUC meeting minutes

Mon Mar 8 08:28:32 CET 2004

Dear Milton Mueller and others,

Thank you for your briefing!

With regard to some questions on Korea, I will try to answer.
If you want to overview what the privacy situation is in Korea, refer to 
http://www.privacyinternational.org/survey/phr2003/countries/southkorea.htm
That is very excellent brief history and overview of Korean privacy 
situation in general. 

And due to the existence of ID card, our privacy situation is never good
at all. In .kr whois, if somebody register one domain name like co.kr -
equivalent to .com, your trade number or personal ID card number should be
necessarily submitted. But in the case of non-profit domains like or.kr,
the registered number of that organization or something else if it is
registered in some governmental authorities or internal rules if it is
unregistered could be submitted. Therefore, for commercial domains, 
information accuracy is very rigid while non-profit domains relatively has 
very loose conditions for data accuracy.

However, the principles of fair information practice is applied in .kr
whois depending on our naional law provisions - The Act on Promotion of
Information and Communications Network Utilization and Data Protection.
So, to make registrants' contact information public is optional, but not
mandatory. Definitely, the present ICANN whois policy is contradictory to 
our national law at this point.

regards,

Chun

On Sat, 6 Mar 2004, Milton Mueller wrote:

> For those with time on their hands, the following provides 
> a reasonably detailed description of what went on in our Rome
> meeting. It is only a draft - those who were there can send in
> additions/corrections. Widely agreed to be a successful meeting
> - congrats to all involved!
> 
> NCUC Meeting
> ICANN Rome Meeting, March 2, 2004
> 
> Carlos Afonso, GNSO Council, RITS Brazil
> Marc Schneiders, GNSO Council, 
> Olivier Nana Nzepa, Advisory Network on African Information Society) Cameroun
> Kathy Kleiman, Esq., Arlington, VA, USA
> Frannie Wellings, EPIC
> Milton Mueller, Syracuse University Convergence Center
> Robin Gross, IP Justice
> YJ Park, Syracuse University
> Vany Martinez, Alfa-Redi
> 
> From 9:00 to 9:30 the assembled members rearranged the agenda and schedule to conform to members time commitments, and to adjust to the request by Pool.com to make a presentation about WLS.
> 
> 9:45 – 11:30 Joint Meeting on Whois with Registrar Constituency
> The NCUC meeting moved to the larger Goya room to discuss Whois policy with the Registrars. The meeting featured George Papapavlou of the European Union, to discuss “Whois Data: the Application of EU Legal Principles.” The joint meeting was chaired by NCUC Chair Milton Mueller. Approximately 80 people attended, including interested members of constituencies other than Registrars and NCUC. After Papapvlou’s presentation, there was lively Q and A, during which it became clear that there is strong support for privacy among registrars. After Papapavlou left NCUC chair solicited Registrar’s positions on TF 1 and TF 2 outcomes. It was clear that the registrars had not yet formulated firm positions on the those two task forces. There was no time to discuss Task Force 3. 
> 
> 12:00 – 1:30 
> The NCUC returned to its room to discuss whois policy internally. The minutes are divided into each task force:
> 
> TF 1 – Data Mining
> Milton Mueller is the NCUC representative on Task Force 1. He explained its relatively narrow scope and argued that its significance to NCUC was limited, in that the TF was considering only restrictions on a very specific type of access to Whois data (Port 43 by marketing users). It was mainly of interest to registrars and registries, whose facilities and customer lists are exploited by the data miners. However, the TF may have implications for the other task forces. Kathy Kleiman suggested that the TF should be confined to identifying marketing uses and restricting access for it. 
> 
> The group agreed on the following objectives for TF1:
> a)      Do not “bless” any non-marketing uses. It is outside the scope of the TF to make any determinations about the legitimacy of any non-marketing uses of whois data. 
> b)      Do not permit classification of users’ purpose to become part of the policy
> c)      The best way to stop abuse of port 43 is to get spam-valuable data out of the Whois database.
> d)      Use TF1 to make case that data that is in Whois will be accessible to lots of people; ergo, privacy concerns require getting data out of Whois or reducing access to it for all.
> e)      Do not allow minor modifications in port 43 (or other) access to become an excuse for doing nothing else
> f)      NCUC representatives need to meet with the CRISP working group, to learn more about the technical aspects of the new whois protocol and how new technical capabilities might affect the policy debate. 
> 
> Whois TF 1 survey: 7 or 8 responses so far; about 30 sent out. Marc is an occasionally user of port 43 and should take the TF 1 survey
> 
> TF2 – WHOIS Data Elements. 
> Kathy Kleiman is the NCUC representative on Whois Task Force 2. She distributed the questions about national law and whois that were distributed to the GAC. She also distributed a draft NCUC response to the TF 2 constituency survey. There were no objections to the draft.
> 
> Attendees agreed that we need a precise definition of the purpose of whois, as suggested by Papapavlou in his talk. Purpose of Whois has changed, it is now de facto fulfilling multiple purposes. The original purpose was technical coordination; the techies needed to know who’s sending out the traffic in order to troubleshoot and correct problems. We need to identify the data elements that correspond to that purpose. KK will develop list of data elements and run it by the NCUC policy committee. There was agreement that creation and expiration date may be needed to prove that you own the domain. Opt-in is ok for all other data elements. 
> 
> Our goal is to work with registrars to expand their possible goal to allow whois to identify dn registrants to the extent compatible with personal privacy and national law.
> 
> There was then some discussion of international experience. In Brazil’s ccTLD, whois returns information only on organizations, not individuals. Organizations are identified by a tax number. In S. Korea, there is a public trend to reflect privacy concerns, but it is still not there yet. S. Korea has more privacy than other Asian countries. Ask Jisuk for legal information. 
> 
> TF3 – Accuracy 
> Frannie Wellings (EPIC) is the NCUC representative on Whois Task Force 3. The TF’s data gathering does not ask about relationship between privacy and accuracy; in fact, this has been defined as out of scope. The TF is now collecting data about how other organizations collect data and ensure that it is accurate. So far, only one response. Deadline extended. 
> 
> ccTLDs have been asked about accuracy. In Korea they ask for national id numbers when you register. Originally they didn’t ask for it, but they wanted more usable information, now it is becoming more popular. 
> 
> 1:30 – 2:15 Lunch break 
> 
> 2:15 – 3:00 WLS Discussion. 
> Pool.com’s president Arrington debated VeriSign’s Chuck Gomes. Arrington asked that the trial of WLS not be approved by the Board, because it would give the .com registry a monopoly on the secondary market for .com names and put registrars and service providers based on an alternate secondary market business model out of business. Gomes countered that the only registrars put out of business were those whose only business was selling connections to the .com registry to grab expiring names; that the auctions used by Pool might be too expensive for consumers, and that some registrars support WLS over the auction model. [Note: later, NCUC GNSO Council members agreed to vote against WLS while calling attention to the need for a more competitive gTLD registry market and new TLDs.]
> 
> 3:00 – 3:30
> GNSO Council report: 
> Marc Schneiders: not very much has happened. He provided the following list:
> 1. Re-election of Alejandro Pisanty. Pisanty groomed to replace Vint Cerf? MS suggested that Cerf will be out after one year, but this was not clear.
> 2. New registry services PDP. This has been stalled. A workshop on the topic was held the next day, with inconclusive results, Registries seem to be boycotting the PDP, only Neulevel has submitted a statement. 
> 3. When Whois comes to Council, be ready. 
> 4. .Net reassignment may not happen because of VRSN’s divestiture of NSI
> 5. UDRP. Schneiders initiated some discussion of a renewed UDRP review on the list. Mueller brought up the .org proposal of the PIR Advisory Council, suggesting that it might be a narrower and more productive change to propose. 
> 6. Afonso showed particular interest in the morning’s presentation about the difficulties and inconsistencies of IDN. Diop of RIRs: ccTLDs are still ascii, can’t add IDNs for ccTLDs because it deviates from the ISO-3166 list. A policy can of worms may be opened by this. 
> 
> 3:30 – 4:00 Report on membership & finances (Mueller)
> The constituency has 35 organizational members. Two new organizations, IP Justice and ANAIS, showed up and promised to formally join. Some discussion of funding proposals that have been sent out. ABONG – Brazilian NGO Association 
> 
> [Note: at 5 pm on Thursday, March 4, Milton Mueller, Kathy Kleiman, and Carlos Afonso met to continue the discussion of new membership. Carlos Afonso will get a list of participants of the LACNIC meeting 28-29 March in Montevideo to be used for recruiting. He also mentioned Community telecentres association – nonprofit associations of small telecenters run by the local communities – as a possible source of new membership. Canada and the US also have telecenter associations, which should be looked into.]
> 
> 4:30 – 5:30 Joint meeting with the At Large
> A special meeting of NCUC and ALAC was held. The NCUC Chair expressed his appreciation for the presence of ALAC in GNSO Council and Council task forces, which increased civil society representation to (a still-quite-low) 2 of 7 constituencies. At the same time, the participants openly confronted the confusion and potentially zero-sum competition for members that might occur following the ALAC’s decision to base its membership on noncommercial organizations rather than individuals. ALAC interim committee member Roberto Gaetano noted that almost all of the European organizations he is recruiting are not NCUC members, and it was agreed that while some organizations may wish to participate in both ALAC and NCUC, active recruiting of existing NCUC member organizations by ALAC (or vice-versa) would be confusing and should be avoided. In general, NCUC and ALAC each have distinctive strengths and weaknesses and play slightly different roles in the ICANN governance structure; these should be presented clearly and objectively to new members so that they can make their own choice. NCUC and ALAC agreed to host joint sessions on policy topics at future ICANN meetings, and to host joint parties. 
> 

-- 
------------------------------------------------------------
Chun Eung Hwi
General Secretary, PeaceNet | phone:     (+82)  2-2166-2205
Seoul Yangchun P.O.Box 81   |   pcs:     (+82) 019-259-2667
Seoul, 158-600, Korea  	    | eMail:   chun at peacenet.or.kr
------------------------------------------------------------