[ncsg-policy] Proposed NCUC Comments on the WHOIS Review Team Discussion Paper

[Nuno Garcia]

Hi all, hi Timothe,

Allow me to disagree with some of the things you say bellow, mostly because
I think the comparison you chose is not adequate.

In the Information Society we are all trying to build, to prevent someone
from accessing information in the manner it is published is a violation of
some of the basic Human Rights (and I mean the ones from the charter of
rights published some 50 years ago by the UN).

Let me explain: some governenments and almost all companies publish
information that is critical to a responsible citizenship in the web,
sometimes only in the web, many times free on the web but payable everywhere
else.

To put it bluntly, in Europe, the access to Internet is view by legislators
as as important as the access to electricity, water and health.

Please don't get me wrong, I too am a strong advocate of responsible
citizenship.

Yet I am not ever in favou that this group takes on the responsabilities or
tries to impose or define responsabilities onto its represented elements.
There are authorities for that and that would be way out of our powers.

I propose that if that is the case, we build a charter of rights and
responsabilities for a responsible cyber-citizenship (or whatever name you
find more suitable).

Let me know explain why the example you chose is ill formed.

If a driver misbehaves you may prevent him from driving, not as a
punishment, but as a mean to safeguard all other users of public roads.

Again, the government may prevent him from driving, but unless the offense
was a crime, it cannot prevent him from using public transportation, or
walking.

What you propose is somehow similar to put the citizen in a jail where he
cannot move or has limited movements.

On another aspect, the Internet (capital I), is a privilede, and a right. A
right that derives from the fact that the information it contains is public
domain. A right like reading a newspaper, or listening to the news and the
music in the radio or watching TV.

The Internet is the mean through which many of the rights described in the
Human Rights Charter are made available to us.

And may I add, even risking to be one of the "crooks" you mention: we should
never take this discussion to the point where we define who is a crook and
who isn't. This is a very very very dangerous path and this is not the way
we should go. In no time we will be discussing religion, moral, and other
extremely personal and subjective things.

I hope to have contributed to this discussion.
Warm regards from Portugal,

Nuno Garcia


2011/7/22 Timothe Litt <litt at acm.org>

> At the risk of becoming even less popular, let's see where your analogy
> takes us:
>
> Like driving, a network presence, including a domain name, is a privilege
> and not an absolute right.
>
> On the roads, there are standards of behavior that are enforced for the
> safety and convenience of all.  And vehicles must have tags that identify
> the owner/operator.  An unidentified vehicle strewing sharp objects (or
> explosives) down the road is a problem for everyone.  While it will
> eventually be stopped, the damage it causes is amplified by the amount of
> time that it takes to identify it.  So we have registration tags...  And
> those who drive sufficiently irresponsibly have their privilege revoked -
> even if it means they lose their livelihood.
>
> The internet is a far more complex machine.  With the privilege of becoming
> a part of that machine come some responsibilities.  Being able to be
> contacted when, through error, malfunction, or malicious intent one has a
> negative impact on the machine and/or its users is a basic responsibility.
> And those "network operators" aren't (just) some big anonymous corporation
> staffed by paid technicians; they're also individuals with their one PC
> running their own mail/web/dns server - because they don't want to entrust
> their personal data to the whims of some ISP.  Burdening "them" is
> burdening
> "us".  And it's hard enough for "us" to get "them" to take action against
> bad actors when we can identify them - when we can't, it's virtually
> impossible.
>
> Reachability via proxy provides anonymity sufficient for protecting the
> privacy needs of virtually anyone who needs to be part of the network.
>  Just
> like the vehicle whose registration address is a trust or corporation's
> attorney.  That scheme protects those with the need (or simply desire) for
> privacy.  The strength of the proxy can be adjusted to need - providing it
> still provides access.  So maybe you trust your government-run ISP to proxy
> your contact information - or maybe you employ an attorney in a state on
> the
> other side of the world with different privacy laws and a private army.  I
> don't care which - as long as I can communicate thru the proxy to someone
> who can fix or diagnose a problem.  And as long as failure to
> respond/cooperate allows the privilege of being part of the network to be
> terminated - with due process (and lots of "reasonable" in the
> definitions).
>
> Providing fraudulent/no contact information is not consistent with being a
> good citizen.  Proxies provide an adequate alternative, with sufficient
> privacy protection for those who need/desire it.
>
> We (NCUC) can't be just about "rights"; responsibilities are part of
> citizenship too.  We should not be advocating bad citizenship, or making it
> "officially acceptable".  It's bad for the network.  It's bad for our
> credibility as an organization of responsible people.  It's even bad for
> good people who think it in their interest to be unreachable - because they
> can lose domain names, connectivity and operational help.  The only people
> it's good for are the crooks/bad actors.  And NCUC should not be helping to
> make their lives easier.
>
> It's a choice to be part of the network, just as it's a choice to become a
> licensed driver.  Those who can't/won't accept the rules of good
> citizenship
> can employ others to network - or drive - for them.  (Yes, bad/unreasonable
> rules can/should be fought.  This isn't one.)
>
> We don't tolerate unlicensed drivers or unregistered vehicles - or
> vandalism
> of others' vehicles and roads.  And while we allow proxy registration of
> vehicles, driver's licenses have a verifiable name, contact address and
> photo.  Perhaps that's a sacrifice of some absolutist sense of "liberty",
> but it does make our transportation system work (more or less).  I don't
> think it unreasonable to expect the same of those on the network of
> electrons as of those on the network of roads.
>
> Timothe Litt
> ACM Distinguished Engineer
> ---------------------------------------------------------
> This communication may not represent the ACM or my employer's views,
> if any, on the matters discussed.
>
>
> -----Original Message-----
> From: NCSG-NCUC [mailto:NCSG-NCUC-DISCUSS at LISTSERV.SYR.EDU] On Behalf Of
> Nicolas Adam
> Sent: Thursday, July 21, 2011 22:09
> To: NCSG-NCUC-DISCUSS at LISTSERV.SYR.EDU
> Subject: Re: [ncsg-policy] Proposed NCUC Comments on the WHOIS Review Team
> Discussion Paper
>
> I guess in principle (or in theory, if you'd prefer) i would be tempted to
> say that privacy trumps the pragmatics of efficient network maintenance,
> but
> i'm not so sure that I get the whole technical challenge of actually
> keeping
> the stuff working ... so....
>
> If i may venture a question, at the risk of exposing my ignorance: what if
> something needs be dealt with and you can't reach a responsible person. In
> the end, depending on the gravity of the situation of course, won't the
> unreachable party be the one ultimately penalized by the stabilizing
> actions
> of network operators? And if so, and granted that anonymity does indeed put
> pressure on network operators, isn't the balance achieved one where network
> operators have a hard(er) job but where anonymous registrants mostly
> support
> the risk of potentially drastic actions by network operators striving to
> keep things going?
>
> Because frankly whois rules cannot be made to easily protect every person
> protected by a restraining order, that would be overreaching, in my
> opinion.
> Privacy, in a twisted but important sense, give us a "right"
> to misbehave in my opinion. It's what gives value to good behavior. Any
> system that makes it practically impossible to misbehave (think cars with
> built-in police radars) sap the value of good behavior right out of life. I
> believe this argument was made often -- whether from a moral, legal,
> political or economical point of view -- under the rubric of "liberty".
>
> Tentatively,
>
> Nicolas
>
> On 7/21/2011 8:17 AM, Timothe Litt wrote:
> > Although I support most of the proposed comments, I disagree with
> > recommendation 14.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20110722/15fd963f/attachment-0001.html>