Telnic WHOIS Proposal

[Danny Younger]

http://www.icann.org/minutes/prelim-report-16oct07.htm

Discussion of Registry Services Proposal from Telnic
(.TEL) re: Public Display of WHOIS information

Kurt Pritz advised that this is submitted for
information only to acquaint Board with issues
regarding the Telnic proposal and in preparation for a
possible board vote at a later meeting. The Telnic
proposal contains a complex set of issues. Two major
questions arise: by what standard should proposal be
measured and how should this proposal be evaluated
against that standard.

Telnic submitted a proposal to limit the public
display of Whois information. This is of interest to
constituencies who have an interest in access to full
Whois information such as the Intellectual Property
constituency who seek to protect the rights of their
clients.

Kurt Pritz indicated further, that issues were raised
regarding what the proposed change should be measured
against, and cited three available tools: 1) the
process for considering registry services (funnel
process); 2) the Whois Procedure for Conflicts with
National Laws; and 3) a request for registry contract
change. In this case the staff is using all three
standards.

The registry services funnel process provides a
threshold question to evaluate whether there are
stability or security issues associated with the
proposal. In this case no such issues were identified.


The Whois Procedure for Conflicts with National Laws
is not yet implemented pending GAC input, however,
interim GAC advice on this procedure was published at
the ICANN San Juan meeting. This draft procedure
suggests public consultation and requires Board
approval. This evaluation is not complete, and is
expected to be discussed at the upcoming Los Angeles
ICANN Meeting.

Finally, the proposal is being evaluated as a material
contract change, requiring public posting and Board
approval. As a result of public consultations, there
have been a number of iterations of the proposal.

With respect to the Whois Procedure for Conflicts with
National Laws there are two issues in the evaluation
of the proposal that require careful analysis.

First, is an evaluation of whether there is government
action that might conflict with ICANN contractual
Whois requirements? Telnic is not scheduled to start
registry operations until early 2008 and there is a
question as to whether there is a government action
absent an actual violation of a national law.

The second issue is whether the modifications to the
proposal made by Telnic sufficiently address concerns
raised by members of the community. As a result of
comment in reaction to their first proposal, Telnic
has significantly modified its request. The 13-step
procedure for an interested party with a reason to
gain access to full information has been eliminated.
It has been replaced with a streamlined process where
qualified individual have full access through a user
name and password issued by Telnic. In another change,
Telnic abolished a fee for the service, replacing it
with some additional authentication procedure. With
this and other changes, the test is whether the
modifications to the proposal made by Telnic
sufficiently address concerns raised by members of the
community and whether the changes preserves the
ability to comply with contractual obligations to the
greatest extent possible. To answer those questions,
ICANN has held follow-up consultations with the UK
Information Commissioner’s Office and the IP
constituency. The next step will be to post the
amended proposal by Telnic and weigh community
response as part of this analysis.

After that, the procedure calls for a General Counsel
report to the Board (essentially a Board paper) asking
the Board to consider the Telnic procedure. Noting
this was for information and not looking for Board
action, the Chair asked what is the expectation for
next steps.

Kurt Pritz advised that the revised proposal would be
posted for public comment to help determine if the
modifications have addressed community concerns. After
this discussion and an additional staff report, the
Board will be prepared to take a vote.

The Chair inquired whether this would be included on
the Los Angeles Meeting Agenda. Kurt replied that
Telnic has made recent changes to the proposal in
response to additional feedback. There is not time for
a public comment period between now and the LA
meeting.

Steve Goldstein asked if law enforcement requirements
had been examined and their need to access. The Chair
asked if he could interpret the statement—the
information collected by a registry or registrar is
not made public but avenues exist for law enforcement
agencies to obtain information but not through public
display. Law enforcement has long had the ability on a
national basis to obtain other information considered
private. Law enforcement access is not impaired. There
is a strong IP interest in obtaining data.

Steve Crocker noted that he has come to understand
that for United States law enforcement authorities,
that if a law enforcement agency is given non-public
access without using a warrant they cannot use this
information in a court process.

Susan Crawford noted that there will be a report in
Los Angeles on Whois issues in general and all of
these concerns can be aired then.

Janis Karklins advised that GAC agreed that we would
try to accomplish the work relating to GAC advice on
the conflicts policy during the Los Angeles Meeting.
He noted that there has been an active exchange among
GAC members, with the European members relatively
optimistic to reach agreement. The GAC will be working
in Los Angeles on a draft that has been circulated but
he is not optimistic that the GAC will be able to
complete this work because of serious difference in
approach to data protection in different countries.

Janis noted as a personal comment on Telnic—no
responsible business would engage on any operation
that would lead them to the court. Instead they would
try to find a solution to get the procedure right from
the start. ICANN should be sensitive to this approach.


Bruce Tonkin noted in this debate is what a lot of
lawyers want to see is written advice from a privacy
commissioner and then challenge this advice. A privacy
commissioner does not want to publish what could be
used in court. Staff has done a lot of due diligence,
spoken to UK GAC representative who has confirmed it
is normal procedure that the Commission would provide
advice in confidence. A lot of information relied on
here is private. Bruce raised the issue of how to
handle such confidentially provided information going
forward.

The Chair noted that it might be that we will have
difficulty in establishing a uniform policy for Whois
data and may end up with regional or national
policies. The policy would depend on where the data is
stored. This would not be unlike what we have with
other industries that have private information. Rita
Rodin completely agreed with that principle. She has
concern if we continue to seek to have something
uniform, then ICANN will have officials debating this
forever.


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com