Input from the Australian Government on the WHOIS service

Fri Apr 21 16:22:18 CEST 2006

Agreed, that you send this as the chair of NCUC to Bruce, make it more 
formal: address it to "Bruce Tonkin, Chair of the GNSO Council" - and 
copy it also to Glen de Saint Géry (GNSO secretariat - 
gnso.secretariat at gnso.icann.org).

Norbert

=

Carlos Afonso wrote:
> People, this is the message and statement Milton and I suggest NCUC 
> sends Ashley Gross and the GNSO council, with copy to all GAC reps.
>
> Please read and send any comments/ammendments asap.
>
> frt rgds
>
> --c.a.
>
> ++++++++++++
> Dear Bruce,
>
> Regarding Australia's contribution to GNSO on the Whois issues 
> recently submitted by the GAC representative Ashley Gross, the NCUC 
> would like that the statement below be conveyed to her as an official 
> inquiry from NCUC and copied to GNSO Council, as well as to all GAC 
> members.
>
> fraternal regards
>
> --c.a.
> Carlos A. Afonso
> Chair, NCUC
>
> ===============================================================
>
> NCUC statement on Australia's contribution to GNSO on the Whois issues
> (submitted to GNSO in April, 2006, by the GAC representative Ashley 
> Gross)
>
> 1. We would like to recall the Australian national privacy principles 
> (at http://www.privacy.gov.au/publications/npps01.html), which, under 
> the heading "Use and disclosure", state: "An organisation must not use 
> or disclose personal information about an individual for a purpose 
> (the secondary purpose) other than the primary purpose of collection 
> unless:
>
> "(f) the organisation has reason to suspect that unlawful activity has 
> been, is being or may be engaged in, and uses or discloses the 
> personal information as a necessary part of its investigation of the 
> matter or in reporting its concerns to relevant persons or 
> authorities; or
>
> (g) the use or disclosure is required or authorised by or under law; or
>
> (h) the organisation reasonably believes that the use or disclosure is 
> reasonably necessary for one or more of the following by or on behalf 
> of an enforcement body:
>
> (i) the prevention, detection, investigation, prosecution or 
> punishment of criminal offences, breaches of a law imposing a penalty 
> or sanction or breaches of a prescribed law;
>
> (ii) the enforcement of laws relating to the confiscation of the 
> proceeds of crime;
>
> (iii) the protection of the public revenue;
>
> (iv) the prevention, detection, investigation or remedying of 
> seriously improper conduct or prescribed conduct;
>
> (v) the preparation for, or conduct of, proceedings before any court 
> or tribunal, or implementation of the orders of a court or
> tribunal."
>
> The Australian national privacy principles also state: "If an 
> organisation uses or discloses personal information under
> paragraph (h), it must make a written note of the use or disclosure."
>
> So, at least in Australia, law enforcement activities are already 
> covered under the privacy laws. What is not envisaged in the privacy 
> laws is that the method to provide data to law enforcement should be 
> via public publication.
>
> There is literally no practical way to restrict the subsequent "use" 
> of data once it is published in the public.
>
> In light of the above, is the Australia GAC representative 
> contradicting Australia's national policy or suggesting that its laws 
> be changed?
>
> 2. Why is the Australia GAC representative supporting Formulation 2, 
> when ".au" has a Whois policy and purpose that corresponds to 
> Formulation 1?
>
> 3. If GAC itself has not come to a unified position on Formulation 1 
> versus Formulation 2 (and we know that it has not), what relevance 
> does the position of the Australia GAC representative have?
>
> April 21st, 2006
> ====================================================
>