Timely - Please sign on to EPIC letter!
KathrynKL at AOL.COM
KathrynKL at AOL.COM
Sat Oct 27 16:52:18 CEST 2007
Friends in NCUC, we need your help. GNSO Council is now completely
OVERWHELMED with letters from the Intellectual Property (IP) Constituency. After
seven years of work, IP wants to send everything back to beginning -- no privacy,
no plan, no direction. We have come too far to do that. We have spent too
many years on Task Forces and Working Groups. National laws all over the
world gives us the right to privacy, and ICANN knows it.
Would you be willing to sign on to the Electronic Privacy Information
Center's (EPIC's letter) below? If so, please write to Marc Rotenberg at _rot
enberg at epic.org_ (mailto:rotenberg at epic.org) with your name and organization.
TIME IS OF THE ESSENSE. PLEASE WRITE TODAY.
Best,
Kathy Kleiman (NCUC Whois Task Force member 2003-2006)
(Comments can be submitted to: <whois-comments-2007 at icann.org>
Comments may be viewed at:
_http://forum.icann.org/lists/whois-comments-2007/_
(http://forum.icann.org/lists/whois-comments-2007/) )
October 25, 2007
Mr. Vint Cerf, Chairman
Mr. Paul Twomey, President & CEO
Internet Corporation for Assigned Names and Numbers
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292-6601
USA
Dear Mr Twomey and Members of the ICANN Board,
The purpose of this letter is to express our support for changes to Whois
services that would protect the privacy of individuals, specifically the
removal of registrants’ contact information from the publicly accessible Whois
database._1_ (aoldb://mail/write/template.htm#sdfootnote1sym) It is also to
propose a sensible resolution to the long-running discussion over Whois that
would establish a bit of “policy stability” and allow the various constituencies
to move on to other work
EPIC has had long-standing involvement in the Whois issue. As a member of
the Whois Privacy Steering Committee, EPIC assisted in the development of the
Whois work program, and has been a member of the Non-Commercial Users
Constituency for several years. EPIC has submitted extensive comments to ICANN on
Whois, and has testified before the US Congress in support of new privacy
safeguards for WHOIS as well as filing a brief in the US courts on the privacy
implications of the WHOIS registry._2_
(aoldb://mail/write/template.htm#sdfootnote2sym)
Both the Whois Task Force and the Whois Working Group agree that new
mechanisms must be adopted to address an individual's right to privacy and the
protection of his/her data._3_ (aoldb://mail/write/template.htm#sdfootnote3sym)
Current ICANN Whois policy conflicts with national privacy laws, including the
EU Data Protection Directive, which requires the establishment of a legal
framework to ensure that when personal information is collected, it is used only
for its intended purpose. As personal information in the directory is used
for other purposes and ICANN's policy keeps the information public and
anonymously accessible, the database could be found illegal according to many
national privacy and data protection laws including the European Data Protection
Directive, European data protection laws and legislation in Canada and
Australia._4_ (aoldb://mail/write/template.htm#sdfootnote4sym)
The Article 29 Working Party, an independent European advisory body on data
protection and privacy, states that “in its current form the [Whois] database
does not take account of the data protection and privacy rights of those
identifiable persons who are named as the contacts for domain names and
organizations.”_5_ (aoldb://mail/write/template.htm#sdfootnote5sym) The conflict with
national privacy law is real and cannot be dismissed. A sensible resolution
of the Whois matter must take this into account.
In addition, country code Top Level Domains are moving to provide more
privacy protection in accordance with national law. For example, regarding
Australia's TLD, .au, the WHOIS policy of the .au Domain Administration Ltd (AUDA)
states in section 4.2, "In order to comply with Australian privacy
legislation, registrant telephone and facsimile numbers will not be disclosed. In the
case of id.au domain names (for individual registrants, rather than corporate
registrants), the registrant contact name and address details also will not be
disclosed."_6_ (aoldb://mail/write/template.htm#sdfootnote6sym)
The Final Outcomes Report recently published by the Whois Working Group
contains several key compromises and useful statements and represents significant
progress on substantive Whois issues. The Whois Working Group found
agreement in critical areas that advance the Whois discussion within ICANN and
provide clear guidance to the ICANN Board.
In its report, the Whois Working Group accepted the Operational Point of
Contact (OPoC) proposal as a starting point, and the best option to date. The
OPoC proposal would replace publicly available registrant contact information
with an intermediate contact responsible for relaying messages to the
registrant. The Working Group agreed that there may be up to two OPoCs, and that an
OPoC can be the Registrant, the Registrar, or any third party appointed by the
Registrant. The Registrant is responsible for having a functional OPOC. The
Working Party also agreed that the OPOC should have a consensual relationship
to the Registrant with defined responsibilities. This would necessitate the
creation of a new process, and changes to the Registrar Accreditation
Agreement and Registrar-Registrant agreements to reflect this relationship.
The Board should support the agreed standard for disclosure of unpublished
Whois personal data – reasonable evidence of actionable harm. But the Board
should leave this term undefined, as it is now in the RAA for proxy services.
This standard will allow the OPoC contact, registrars and registries to work
within the framework of their national and local laws to provide access to
this personal data.
OPoCs must be allowed to employ strategies and standards similar to those of
the registrars and registries to ensure that the person receiving the
protected personal Whois data is in fact a law enforcement official.
The OPoC proposal does not impede reasonable law or intellectual property
enforcement efforts. In fact, effective implementation of the OPoC proposal
would benefit all stakeholders by improving the accuracy of the information in
the database. Because personal data will be kept private, individuals will
provide more accurate data. As a result, the Whois database will be more useful
and more reliable.
The OPoC proposal is not the ideal privacy solution. EPIC, as well as groups
such as the Non-Commercial Users Constituency, recommended a distinction
between commercial and non-commercial domains in order to protect the privacy of
registrants of domain names used for religious purposes, political speech,
organizational speech, and other forms of non-commercial speech. EPIC has
previously stated that the Whois database should not publicize any registrant
information, including name and jurisdiction.
The Whois Working Group has proposed a workable framework. It is not a
perfect framework. But it will help ensure that the WHOIS policy conforms with law
and allow ICANN to move forward. If it is not possible to adopt this
solution, then the only sensible approach would be to allow the current Whois terms
to simply sunset. Resolution 3 would be the only real option.
The signatories to this letter are willing to assist in finishing off the
implementation details of the OPoC proposal.
Sincerely,
Marc Rotenberg
EPIC Executive Director
Allison Knight
Coordinator, Public Voice Project
_1_ (aoldb://mail/write/template.htm#sdfootnote1anc) EPIC’s comments on the
ICANN Whois Task Force’s "Preliminary Task Force Report on Whois Services,"
January 12, 2007, available at
<http://www.epic.org/privacy/whois/comments.html>.
_2_ (aoldb://mail/write/template.htm#sdfootnote2anc) [cite]
_3_ (aoldb://mail/write/template.htm#sdfootnote3anc) Final Report of the
Whois Task Force, March 12, 2007, available at
<http://gnso.icann.org/issues/whois-privacy/whois-services-final-tf-report-12mar07.htm>; and Final Report of
the Whois Working Group, August 20, 2007, available at
<http://gnso.icann.org/drafts/icann-whois-wg-report-final-1-9.pdf>.
_4_ (aoldb://mail/write/template.htm#sdfootnote4anc) Privacy and Human
Rights: An International Survey of Privacy Laws and Developments (EPIC and
Privacy International 2006), available at <http://www.epic.org/phr06>.
_5_ (aoldb://mail/write/template.htm#sdfootnote5anc) Letter from Article 29
Working Party to Vinton Cerf, March 12, 2007, available at
<http://www.icann.org/correspondence/schaar-to-cerf-12mar07.pdf>.
_6_ (aoldb://mail/write/template.htm#sdfootnote6anc) For additional country
code Top Level Domain policy examples, see EPIC Testimony Before House
Subcommittee, Financial Institutions and Consumer Credit, Committee on Financial
Services “ICANN and the WHOIS Database: Providing Access to Protect Consumers
from Phishing,” available at
<http://financialservices.house.gov/media/pdf/071806mr.pdf>.
************************************** See what's new at http://www.aol.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/b7b6ff3b/attachment.html>
More information about the Ncuc-discuss
mailing list