ICANN ’s Privacy Progress in the Who is Databases Needs Your Input

Robert Guerra rguerra at LISTS.PRIVATERRA.ORG
Wed Jun 21 14:24:01 CEST 2006


Dear list members:

I am cc'ing the NCUC list a copy of the ALERT Kathy has sent to the
privacy community. The hope is that they networks can be mobilized,
letters can be sent, and  GAC representatives contacted in time to make
sure the friendly GNSO policy stands.



-

Memorandum

To:       The Human Rights and Privacy Community
From: Kathryn Kleiman, Esq.
      Co-Founder, ICANN’s Noncommercial Users Constituency
       & Longtime member, ICANN’s Whois Task Force.
Date: June 20, 2006

Alert:  ICANN’s Privacy Progress in the Whois Databases Needs Your
Input; Timely Communication to Your Government Advisory Committee Member
Will Help Balance and Inform Debate

ICANN needs your help.  After years of work on data protection laws,
ICANN’s GNSO Council recently took concrete steps to protect privacy in
the Whois databases.  On April 12, 2006, the GNSO Council adopted a
clearly defined “Purpose” for the Whois Databases – one that is narrow,
technical and compatible with the original purpose of this data.  At
last, we followed important comments, speeches and input!

Opposition began immediately.  The US Government is using many forums
within ICANN, public and private, to criticize the vote.  Following the
US lead, the Australian Government quickly wrote to criticize the Whois
vote.  Australia’s letter called for all personal data in the Whois
database to remain fully open and completely accessible.  Letter
attached below.  This week, the International Trademark Association, a
group with historic weight in the ICANN process, loudly voiced its
concerns and urged ICANN Chairman Vint Cerf to reverse the Whois privacy
work and keep all data (personal and otherwise) open and accessible.

The GNSO Council’s vote represented a historical alignment.  Registrars,
Registries and ICANN’s Noncommercial Users Constituency all voted to
respect data protection laws worldwide.  Yet the GNSO Council is only an
interim step.  As one of ICANN’s “Supporting Organizations,” we can only
report our policy recommendations to the ICANN Board.  The ICANN Board
and Officers make the final decisions.  We know they listen carefully to
loud voices – and rely increasingly on ICANN’s Government Advisory
Committee (“the GAC”).

Unfortunately, the GAC has only heard half of the story.  It has held
large and small meetings with law enforcement officials to hear their
opposition to introducing some privacy into the Whois database.
However, its long-promised meeting with data protection commissioners,
scheduled for 11/05 in Vancouver, was canceled at the last minuted.  Dr.
Alexander Dix, the Berlin Data Protection Commissioner, was to have been
the speaker as the representative of the Article 29 Working Party.

The Whois Task Force learned today that at the ICANN meeting in
Marrakech, the GAC will sponsor a Joint GAC/GNSO meeting on Whois --
with at least five GAC speakers.  We expect each speaker to urge the
GNSO to repeal the Purpose of Whois.  (Meeting scheduled for Monday,
June 26, 10:30 AM – 12:30 PM.)  Despite so many members from countries
with comprehensive data protection laws, GAC’s current message is an
anti-privacy message one:  the Whois databases must remain completely
open and accessible, with no protection for the personal data of tens of
millions of domain name registrants.

The GAC’s message seems counter to comprehensive and sectoral data
protection laws around the world.  It is also contrary to the Whois
privacy policies increasingly found in country code top level domain
names around in the world.  For example, .JP, .UK and .CA presented
their Whois policies at the privacy conference “Building Bridges on
ICANN’s Whois Questions” run by ICANN’s Noncommercial Users
Constituency.  (See www.ncdnhc.org under What’s New and Whois-Privacy
Conference agenda and slides linked to speaker names.)

Would you be willing to write to your GAC representative to urge them
support the GNSO Council work to date?  Would you be willing to work
with your GAC representative to discuss your country’s data protection
laws and the value you place on them, and ask them to share these views
with the GAC and ICANN?

Input now would greatly help to balance the debate.  Thank you for your
assistance!

Sincerely,
Kathryn Kleiman
Co-Founder, ICANN’s Noncommercial Users Constituency
Longtime Member, GNSO’s Whois Task Force
KathrynKl at aol.com

Appendix I:
Supplemental Materials on Whois Purpose

A. Background/GNSO Council Work on Purpose of Whois

On April 12, 2006, the GNSO Council took a pro-privacy position.  They
determined that the Whois database serves a narrow, technical purpose
(consistent with the original purpose of ICANN and the limited mission
of ICANN).

As adopted by the GNSO Council:
“The purpose of the gTLD Whois service is to provide information
sufficient to contact a responsible party for a particular gTLD domain
name who can resolve, or reliably pass on data to a party who can
resolve, issues related to the configuration of the records associated
with the domain name within a DNS nameserver.”

This technical language means that the Whois databases will serve the
narrow, technical and traditional purposes of the Domain Name System –
registration of domain names (setting them up) and configuration of
domain names (making sure domain names can be “resolved” or located in
the global domain name system via the main “look-up” tables).

The Purpose adopted by Council was originally called “Formulation 1.”
In adopting it, the GNSO Council rejected “Formulation 2” – an unbounded
and unlimited Purpose for the Whois Databases (based not only on
traditional technical purposes, but all uses of domain names, including
content of websites).   It is a view oriented in digital rights
management, and was rejected, largely because it is overbroad,
inconsistent with original purpose, and outside the scope and mission of
ICANN:

Formulation 2:
“The purpose of the gTLD Whois service is to provide information
sufficient to contact a responsible party or parties for a particular
gTLD domain name who can resolve, or reliably pass on data to a party
who can resolve, technical, legal or other issues related to the
registration or use of a domain name.”

Minutes of the GNSO Council’s vote on the Purpose of Whois can be found
at http://www.gnso.icann.org/meetings/minutes-gnso-12apr06.shtml.


B. Opposition Heard To Date:

The negative voices are strong within ICANN.  Many are quietly lobbying
in the background; others are public.  Here are some letters of
opposition that we know have been widely circulated to the Board,
Officers and staff of ICANN:

Opposition by the Australian Government,
http://www.gnso.icann.org/mailing-lists/archives/council/msg02407.html
(ironic because the Australian ccTLD, .AU, has some of the strongest
data protection regulations of any country code, and protects not only
personal data but corporate data as well).

International Trademark Association,
http://forum.icann.org/lists/gnso-dow123/msg01000.html (for historical
reasons, a group with close ties to the ICANN Board and a heavyweight in
the ICANN process).

Letters in support of the GNSO Council and the combined efforts of the
Registrar, Registry and Noncommercial Constituencies (and Nominating
Committee Representatives):  None.


C. Timely Support for the GNSO Work

ICANN starts a meeting in Marrakech on June 23rd.  The Whois Task Force
just learned today that the GAC plans to have at least five speakers
giving strong anti-privacy speeches (intended to block the Whois work).

Some opportunities for input include:

1. Contacting your country’s GAC representative.  With your
encouragement and guidance, perhaps your GAC representatives will take a
clearer position at GAC meetings in support of (and explaining) the EU
data protection laws.

The GAC list is publicly posted at:
http://gac.icann.org/web/contact/reps/index.shtml.  Some representatives
may have changed.

2. Sending a Personal Letter to your GAC representative from you and
your organization.

3. Encouraging your GAC representative to request a meeting with Kathryn
Kleiman and Milton Mueller, Co-Founders of ICANN’s Noncommercial Users
Constituency and NCUC’s Representatives to the GNSO Whois Task Force for
many years.   Kleiman and Mueller have detailed knowledge of the
background, history and abuses of the Whois database (including
stalking, harassing, spamming and profiling).  Kleiman arrives in
Marrakech on Thursday, June 22nd.
   Email:  KathrynKl at aol.com

4.  Join ICANN’s Noncommercial Users Constituency.  The dues are low;
our voice within ICANN is strong, and your membership would make us
stronger.  Please see “Join Us” at www.ncdnhc.org.


Appendix II:

Letter to ICANN from Australian Government, April 13, 2006,
http://www.gnso.icann.org/mailing-lists/archives/council/msg02407.html

[council] Input from the Australian Government on the WHOIS service
* To: <council at xxxxxxxxxxxxxx>
* Subject: [council] Input from the Australian Government on the WHOIS
service
* From: "Bruce Tonkin" <Bruce.Tonkin at xxxxxxxxxxxxxxxxxx>
* Date: Thu, 13 Apr 2006 21:14:22 +1000
* Cc: <gnso-dow123 at xxxxxxxxxxxxxx>
* Sender: owner-council at xxxxxxxxxxxxxx
* Thread-index: AcZe62pF2rsC2Ox1RTm5WvMNEaTPRQ==
* Thread-topic: Input from the Australian Government on the WHOIS service

Hello All,

The note below was sent to me four hours ago as chair of the GNSO
Council.

Regards,
Bruce Tonkin


AUSTRALIA'S CONTRIBUTION TO GNSO COUNCIL ON WHOIS

Australia would like to reiterate to the GNSO Council the position it
conveyed during the GNSO Council - Government Advisory Committee (GAC)
Working Group meeting on 26 March 2006.

On the information available to us, Formulation 2, as identified in the
Final Task Force Report on the Purpose of Whois and of the Whois
Contacts, appears to better reflect the public policy interests of a
fully functional Whois regime from an Australian perspective.

At this point, Australia considers that Whois should:

* satisfy the traditional and ongoing goal of ensuring the
security and stability of the Internet;

* provide the ability to identify and respond to those involved in
criminal activity such as child pornography, 'phishing' and identity
theft;

* provide an appropriate level of data to any user that seeks it
including, for example, civil and criminal law enforcement officials,
online consumers, network operators, intellectual property rights
holders and registrars and registries;

* support national laws and global agreements associated with
privacy, trade practices, consumer protection, intellectual property
rights and copyright protection; and

* operate in a manner that is technically feasible and cost
effective for registrars and registries, and does not rely solely on the
registrant to be implementable.

We appreciate that Whois is a complex issue with a range of interests.
Given this, we consider that it is important that the GAC and GNSO
Council continue to exchange information and views.

Australia will work with other GAC members  to ensure that the GAC is
well placed to have effective dialogue with the GNSO community in
Marrakesh.

ASHLEY CROSS
GAC Representative -AUSTRALIA
April 2006


More information about the Ncuc-discuss mailing list