Input from the Australian Government on the WHOIS service

Tue Apr 18 23:45:19 CEST 2006

Carlos:
Thanks for this offer. Here is the relevant info. (below your message) 

>>> Carlos Afonso <ca at rits.org.br> 4/17/2006 4:40 PM >>>
>If someone can complete the empty field regarding what Aussie's national 
>law says, I would be glad to send her the text as a formal message from 
>NCUC, with copy to GNSO.

from the Australian National privacy principles at:
http://www.privacy.gov.au/publications/npps01.html 

It states under the heading of "Use and disclosure":
"An organisation must not use or disclose personal information about an
individual for a purpose (the secondary purpose) other than the primary
purpose of collection UNLESS:

"(f) the organisation has reason to suspect that unlawful activity has
been, is being or may be engaged in, and uses or discloses the personal
information as a necessary part of its investigation of the matter or in
reporting its concerns to relevant persons or authorities; or

(g) the use or disclosure is required or authorised by or under law; or

(h) the organisation reasonably believes that the use or disclosure is
reasonably necessary for one or more of the following by or on behalf of
an enforcement body:

(i) the prevention, detection, investigation, prosecution or
punishment of criminal offences, breaches of a law imposing a penalty
or sanction or breaches of a prescribed law;

(ii) the enforcement of laws relating to the confiscation of the
proceeds of crime;

(iii) the protection of the public revenue;

(iv) the prevention, detection, investigation or remedying of
seriously 	improper conduct or prescribed conduct;

(v) the preparation for, or conduct of, proceedings before any
court or 	tribunal, or implementation of the orders of a court or
tribunal."

The privacy principle also states:
"If an organisation uses or discloses personal information under
paragraph (h), it must make a written note of the use or disclosure."

So at least in Australia, law enforcement activities are already covered
under the privacy laws.

What is not envisaged in the privacy laws is that the method to provide
data to law enforcement should be via public publication.

There is literally no practical way to restrict the subsequent "use" of
data once it is published in the public.

> A letter should be sent to her saying:
> 
> 1. Why do Australia's national laws say [_____]. Are you contradicting AU national policy or suggesting that its laws be changed? 
> 
> 2. Why are you supporting Form. 2 when .au has a whois policy and purpose that corresponds to Form 1? 
> 
> 3. If GAC itself has not come to a unified position on Form. 1 vs. 2 (and we know that it has not), what relevance does your position have? 
> 
> I would like for this message to be conveyed to her as an official inquiry from NCUC and copied to all GAC members. If GAC can request that its propaganda be sent tot he GNSO Council, why can't we do likewise. 
> 
> .
> 

-- 

Carlos A. Afonso
diretor de planejamento
Rits -- http://www.rits.org.br 

********************************************
* Sacix -- distribuição Debian CDD Linux   *
* orientada a projetos de inclusão digital *
* com software livre e de código aberto,   *
* mantida pela Rits em colaboração com o   *
* Coletivo Digital.                        *
* Saiba mais: http://www.sacix.org.br      *
********************************************