Current Draft of WHOIS Letter
Marc Rotenberg
rotenberg at EPIC.ORG
Sun Oct 28 00:29:38 CEST 2007
Kathy, thanks for the note.
Friends, here is the current draft. I hope we have
included everyone and the correct affiliations
Marc.

On Oct 27, 2007, at 10:52 AM, KathrynKL at AOL.COM wrote:
> Friends in NCUC, we need your help. GNSO Council is now completely
> OVERWHELMED with letters from the Intellectual Property (IP)
> Constituency. After seven years of work, IP wants to send
> everything back to beginning -- no privacy, no plan, no direction.
> We have come too far to do that. We have spent too many years on
> Task Forces and Working Groups. National laws all over the world
> gives us the right to privacy, and ICANN knows it.
>
> Would you be willing to sign on to the Electronic Privacy
> Information Center's (EPIC's letter) below? If so, please write to
> Marc Rotenberg at rotenberg at epic.org with your name and
> organization. TIME IS OF THE ESSENSE. PLEASE WRITE TODAY.
> Best,
> Kathy Kleiman (NCUC Whois Task Force member 2003-2006)
>
> (Comments can be submitted to: <whois-comments-2007 at icann.org>
> Comments may be viewed at:
> http://forum.icann.org/lists/whois-comments-2007/)
> October 25, 2007
> Mr. Vint Cerf, Chairman
> Mr. Paul Twomey, President & CEO
> Internet Corporation for Assigned Names and Numbers
> 4676 Admiralty Way, Suite 330
> Marina del Rey, CA 90292-6601
> USA
> Dear Mr Twomey and Members of the ICANN Board,
>
> The purpose of this letter is to express our support for changes to
> Whois services that would protect the privacy of individuals,
> specifically the removal of registrants’ contact information from
> the publicly accessible Whois database.1 It is also to propose a
> sensible resolution to the long-running discussion over Whois that
> would establish a bit of “policy stability” and allow the
> various constituencies to move on to other work
>
> EPIC has had long-standing involvement in the Whois issue. As a
> member of the Whois Privacy Steering Committee, EPIC assisted in
> the development of the Whois work program, and has been a member of
> the Non-Commercial Users Constituency for several years. EPIC has
> submitted extensive comments to ICANN on Whois, and has testified
> before the US Congress in support of new privacy safeguards for
> WHOIS as well as filing a brief in the US courts on the privacy
> implications of the WHOIS registry.2
>
> Both the Whois Task Force and the Whois Working Group agree that
> new mechanisms must be adopted to address an individual's right to
> privacy and the protection of his/her data.3 Current ICANN Whois
> policy conflicts with national privacy laws, including the EU Data
> Protection Directive, which requires the establishment of a legal
> framework to ensure that when personal information is collected, it
> is used only for its intended purpose. As personal information in
> the directory is used for other purposes and ICANN's policy keeps
> the information public and anonymously accessible, the database
> could be found illegal according to many national privacy and data
> protection laws including the European Data Protection Directive,
> European data protection laws and legislation in Canada and
> Australia.4
>
> The Article 29 Working Party, an independent European advisory body
> on data protection and privacy, states that “in its current form
> the [Whois] database does not take account of the data protection
> and privacy rights of those identifiable persons who are named as
> the contacts for domain names and organizations.”5 The conflict
> with national privacy law is real and cannot be dismissed. A
> sensible resolution of the Whois matter must take this into account.
>
> In addition, country code Top Level Domains are moving to provide
> more privacy protection in accordance with national law. For
> example, regarding Australia's TLD, .au, the WHOIS policy of
> the .au Domain Administration Ltd (AUDA) states in section 4.2, "In
> order to comply with Australian privacy legislation, registrant
> telephone and facsimile numbers will not be disclosed. In the case
> of id.au domain names (for individual registrants, rather than
> corporate registrants), the registrant contact name and address
> details also will not be disclosed."6
>
> The Final Outcomes Report recently published by the Whois Working
> Group contains several key compromises and useful statements and
> represents significant progress on substantive Whois issues. The
> Whois Working Group found agreement in critical areas that advance
> the Whois discussion within ICANN and provide clear guidance to the
> ICANN Board.
>
> In its report, the Whois Working Group accepted the Operational
> Point of Contact (OPoC) proposal as a starting point, and the best
> option to date. The OPoC proposal would replace publicly available
> registrant contact information with an intermediate contact
> responsible for relaying messages to the registrant. The Working
> Group agreed that there may be up to two OPoCs, and that an OPoC
> can be the Registrant, the Registrar, or any third party appointed
> by the Registrant. The Registrant is responsible for having a
> functional OPOC. The Working Party also agreed that the OPOC should
> have a consensual relationship to the Registrant with defined
> responsibilities. This would necessitate the creation of a new
> process, and changes to the Registrar Accreditation Agreement and
> Registrar-Registrant agreements to reflect this relationship.
>
> The Board should support the agreed standard for disclosure of
> unpublished Whois personal data – reasonable evidence of
> actionable harm. But the Board should leave this term undefined, as
> it is now in the RAA for proxy services. This standard will allow
> the OPoC contact, registrars and registries to work within the
> framework of their national and local laws to provide access to
> this personal data.
>
> OPoCs must be allowed to employ strategies and standards similar to
> those of the registrars and registries to ensure that the person
> receiving the protected personal Whois data is in fact a law
> enforcement official.
>
> The OPoC proposal does not impede reasonable law or intellectual
> property enforcement efforts. In fact, effective implementation of
> the OPoC proposal would benefit all stakeholders by improving the
> accuracy of the information in the database. Because personal data
> will be kept private, individuals will provide more accurate data.
> As a result, the Whois database will be more useful and more reliable.
>
> The OPoC proposal is not the ideal privacy solution. EPIC, as well
> as groups such as the Non-Commercial Users Constituency,
> recommended a distinction between commercial and non-commercial
> domains in order to protect the privacy of registrants of domain
> names used for religious purposes, political speech, organizational
> speech, and other forms of non-commercial speech. EPIC has
> previously stated that the Whois database should not publicize any
> registrant information, including name and jurisdiction.
>
> The Whois Working Group has proposed a workable framework. It is
> not a perfect framework. But it will help ensure that the WHOIS
> policy conforms with law and allow ICANN to move forward. If it is
> not possible to adopt this solution, then the only sensible
> approach would be to allow the current Whois terms to simply
> sunset. Resolution 3 would be the only real option.
>
> The signatories to this letter are willing to assist in finishing
> off the implementation details of the OPoC proposal.
>
> Sincerely,
>
>
>
> Marc Rotenberg
> EPIC Executive Director
>
>
>
> Allison Knight
> Coordinator, Public Voice Project
> 1 EPIC’s comments on the ICANN Whois Task Force’s "Preliminary
> Task Force Report on Whois Services," January 12, 2007, available
> at <http://www.epic.org/privacy/whois/comments.html>.
>
> 2 [cite]
>
> 3 Final Report of the Whois Task Force, March 12, 2007, available
> at <http://gnso.icann.org/issues/whois-privacy/whois-services-final-
> tf-report-12mar07.htm>; and Final Report of the Whois Working
> Group, August 20, 2007, available at <http://gnso.icann.org/drafts/
> icann-whois-wg-report-final-1-9.pdf>.
>
> 4 Privacy and Human Rights: An International Survey of Privacy Laws
> and Developments (EPIC and Privacy International 2006), available
> at <http://www.epic.org/phr06>.
>
> 5 Letter from Article 29 Working Party to Vinton Cerf, March 12,
> 2007, available at <http://www.icann.org/correspondence/schaar-to-
> cerf-12mar07.pdf>.
>
> 6 For additional country code Top Level Domain policy examples, see
> EPIC Testimony Before House Subcommittee, Financial Institutions
> and Consumer Credit, Committee on Financial Services “ICANN and
> the WHOIS Database: Providing Access to Protect Consumers from
> Phishing,” available at <http://financialservices.house.gov/media/
> pdf/071806mr.pdf>.
>
>
>
> See what's new at AOL.com and Make AOL Your Homepage.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/f43b063a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: EPIC Whois Letter to ICANN.doc
Type: application/octet-stream
Size: 34816 bytes
Desc: not available
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/f43b063a/attachment.obj>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20071027/f43b063a/attachment-0001.html>
More information about the Ncuc-discuss
mailing list