Current Draft of WHOIS Letter

[Marc Rotenberg]

Kathy, thanks for the note.

Friends, here is the current draft. I hope we have
included everyone and the correct affiliations

Marc.

On Oct 27, 2007, at 10:52 AM, KathrynKL at AOL.COM wrote:

> Friends in NCUC, we need your help. GNSO Council is now completely  
> OVERWHELMED with letters from the Intellectual Property (IP)  
> Constituency.  After seven years of work, IP wants to send  
> everything back to beginning -- no privacy, no plan, no direction.   
> We have come too far to do that.  We have spent too many years on  
> Task Forces and Working Groups.  National laws all over the world  
> gives us the right to privacy, and ICANN knows it.
>
> Would you be willing to sign on to the Electronic Privacy  
> Information Center's (EPIC's letter) below?  If so, please write to  
> Marc Rotenberg at rotenberg at epic.org with your name and  
> organization. TIME IS OF THE ESSENSE.  PLEASE WRITE TODAY.
> Best,
> Kathy Kleiman (NCUC Whois Task Force member 2003-2006)
>
> (Comments can be submitted to: <whois-comments-2007 at icann.org>
> Comments may be viewed at:
> http://forum.icann.org/lists/whois-comments-2007/)
> October 25, 2007
> Mr. Vint Cerf, Chairman
> Mr. Paul Twomey, President & CEO
> Internet Corporation for Assigned Names and Numbers
> 4676 Admiralty Way, Suite 330
> Marina del Rey, CA 90292-6601
> USA
> Dear Mr Twomey and Members of the ICANN Board,
>
> The purpose of this letter is to express our support for changes to  
> Whois services that would protect the privacy of individuals,  
> specifically the removal of registrants’ contact information from  
> the publicly accessible Whois database.1 It is also to propose a  
> sensible resolution to the long-running discussion over Whois that  
> would establish a bit of “policy stability” and allow the  
> various constituencies to move on to other work
>
> EPIC has had long-standing involvement in the Whois issue. As a  
> member of the Whois Privacy Steering Committee, EPIC assisted in  
> the development of the Whois work program, and has been a member of  
> the Non-Commercial Users Constituency for several years. EPIC has  
> submitted extensive comments to ICANN on Whois, and has testified  
> before the US Congress in support of new privacy safeguards for  
> WHOIS as well as filing a brief in the US courts on the privacy  
> implications of the WHOIS registry.2
>
> Both the Whois Task Force and the Whois Working Group agree that  
> new mechanisms must be adopted to address an individual's right to  
> privacy and the protection of his/her data.3 Current ICANN Whois  
> policy conflicts with national privacy laws, including the EU Data  
> Protection Directive, which requires the establishment of a legal  
> framework to ensure that when personal information is collected, it  
> is used only for its intended purpose. As personal information in  
> the directory is used for other purposes and ICANN's policy keeps  
> the information public and anonymously accessible, the database  
> could be found illegal according to many national privacy and data  
> protection laws including the European Data Protection Directive,  
> European data protection laws and legislation in Canada and  
> Australia.4
>
> The Article 29 Working Party, an independent European advisory body  
> on data protection and privacy, states that “in its current form  
> the [Whois] database does not take account of the data protection  
> and privacy rights of those identifiable persons who are named as  
> the contacts for domain names and organizations.”5 The conflict  
> with national privacy law is real and cannot be dismissed. A  
> sensible resolution of the Whois matter must take this into account.
>
> In addition, country code Top Level Domains are moving to provide  
> more privacy protection in accordance with national law. For  
> example, regarding Australia's TLD, .au, the WHOIS policy of  
> the .au Domain Administration Ltd (AUDA) states in section 4.2, "In  
> order to comply with Australian privacy legislation, registrant  
> telephone and facsimile numbers will not be disclosed. In the case  
> of id.au domain names (for individual registrants, rather than  
> corporate registrants), the registrant contact name and address  
> details also will not be disclosed."6
>
> The Final Outcomes Report recently published by the Whois Working  
> Group contains several key compromises and useful statements and  
> represents significant progress on substantive Whois issues. The  
> Whois Working Group found agreement in critical areas that advance  
> the Whois discussion within ICANN and provide clear guidance to the  
> ICANN Board.
>
> In its report, the Whois Working Group accepted the Operational  
> Point of Contact (OPoC) proposal as a starting point, and the best  
> option to date. The OPoC proposal would replace publicly available  
> registrant contact information with an intermediate contact  
> responsible for relaying messages to the registrant. The Working  
> Group agreed that there may be up to two OPoCs, and that an OPoC  
> can be the Registrant, the Registrar, or any third party appointed  
> by the Registrant. The Registrant is responsible for having a  
> functional OPOC. The Working Party also agreed that the OPOC should  
> have a consensual relationship to the Registrant with defined  
> responsibilities. This would necessitate the creation of a new  
> process, and changes to the Registrar Accreditation Agreement and  
> Registrar-Registrant agreements to reflect this relationship.
>
> The Board should support the agreed standard for disclosure of  
> unpublished Whois personal data – reasonable evidence of  
> actionable harm. But the Board should leave this term undefined, as  
> it is now in the RAA for proxy services. This standard will allow  
> the OPoC contact, registrars and registries to work within the  
> framework of their national and local laws to provide access to  
> this personal data.
>
> OPoCs must be allowed to employ strategies and standards similar to  
> those of the registrars and registries to ensure that the person  
> receiving the protected personal Whois data is in fact a law  
> enforcement official.
>
> The OPoC proposal does not impede reasonable law or intellectual  
> property enforcement efforts. In fact, effective implementation of  
> the OPoC proposal would benefit all stakeholders by improving the  
> accuracy of the information in the database. Because personal data  
> will be kept private, individuals will provide more accurate data.  
> As a result, the Whois database will be more useful and more reliable.
>
> The OPoC proposal is not the ideal privacy solution. EPIC, as well  
> as groups such as the Non-Commercial Users Constituency,  
> recommended a distinction between commercial and non-commercial  
> domains in order to protect the privacy of registrants of domain  
> names used for religious purposes, political speech, organizational  
> speech, and other forms of non-commercial speech. EPIC has  
> previously stated that the Whois database should not publicize any  
> registrant information, including name and jurisdiction.
>
> The Whois Working Group has proposed a workable framework. It is  
> not a perfect framework. But it will help ensure that the WHOIS  
> policy conforms with law and allow ICANN to move forward. If it is  
> not possible to adopt this solution, then the only sensible  
> approach would be to allow the current Whois terms to simply  
> sunset. Resolution 3 would be the only real option.
>
> The signatories to this letter are willing to assist in finishing  
> off the implementation details of the OPoC proposal.
>
> Sincerely,
>
>
>
> Marc Rotenberg
> EPIC Executive Director
>
>
>
> Allison Knight
> Coordinator, Public Voice Project
> 1 EPIC’s comments on the ICANN Whois Task Force’s "Preliminary  
> Task Force Report on Whois Services," January 12, 2007, available  
> at <http://www.epic.org/privacy/whois/comments.html>.
>
> 2 [cite]
>
> 3 Final Report of the Whois Task Force, March 12, 2007, available  
> at <http://gnso.icann.org/issues/whois-privacy/whois-services-final- 
> tf-report-12mar07.htm>; and Final Report of the Whois Working  
> Group, August 20, 2007, available at <http://gnso.icann.org/drafts/ 
> icann-whois-wg-report-final-1-9.pdf>.
>
> 4 Privacy and Human Rights: An International Survey of Privacy Laws  
> and Developments (EPIC and Privacy International 2006), available  
> at <http://www.epic.org/phr06>.
>
> 5 Letter from Article 29 Working Party to Vinton Cerf, March 12,  
> 2007, available at <http://www.icann.org/correspondence/schaar-to- 
> cerf-12mar07.pdf>.
>
> 6 For additional country code Top Level Domain policy examples, see  
> EPIC Testimony Before House Subcommittee, Financial Institutions  
> and Consumer Credit, Committee on Financial Services “ICANN and  
> the WHOIS Database: Providing Access to Protect Consumers from  
> Phishing,” available at <http://financialservices.house.gov/media/ 
> pdf/071806mr.pdf>.
>
>
>
> See what's new at AOL.com and Make AOL Your Homepage.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/7133bbc4/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: EPIC Whois Letter to ICANN.doc
Type: application/octet-stream
Size: 34816 bytes
Desc: not available
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/7133bbc4/attachment.obj>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/7133bbc4/attachment-0001.html>