Re: [At-Large] [NA-Discuss] Community Input Requested on Two Draft Statements from ALAC to the ICANN Board
At-Large Staff wrote:
Dear Community members:
[ENGLISH TEXT]
We have been asked to notify you that two draft statements to the ICANN Board from the At-Large Advisory Committee are now open for comments from all members of the At-Large community. Comments will be accepted until 16th April 2008, at 1200 UTC, after which time comments will be reviewed by the ALAC Finance and Budget committee before transmitting the final text to the Board of Directors as an Advisory Committee statement.
Draft Statement to the ICANN Board on the Budget and Operational Plan Framework for 2008/2009: https://st.icann.org/alac/index.cgi?al_alac_bud_sc_0308_1_2
The statement, appended below, is completely anodyne. My comments: Drop the "compliments" bs. Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy. Drop the crap about increased working capacity on ALAC - there's no evidence the community is working any better, when these statements come out with little evidence of community input. How about focusing on some things important to end-users? * Getting new gTLDs introduced already to foster market competition; * reforming an intellectual-property-centric UDRP; * introducing DNSSEC so users can verify the accuracy of domain lookup; * protection of Internet users and registrants against abuse of data they send through DNS lookups or registration inquiries. for just a few. --- AL.ALAC/BUD.SC/0308/1/2 STATUS OF THIS DOCUMENT: Draft COMMITTE RESPONSIBLE FOR THE TEXT: ALAC Finance and Budget Subommittee DOCUMENT BEGAN COMMUNITY REVIEW ON: 6th April 2008 COMMUNITY REVIEW CONCLUDES ON: 16th April 2008 NEXT STEP AFTER COMMUNITY REVIEW: Committee responsible reviews comments, produces final draft which is transmitted to the Board of Directors of ICANN Community members are invited to use the 'Comment' button to provide their views on the text here until 16th April 2008 at 1200 UTC. At-Large Advisory Committee Statement to the ICANN Board on the Draft Operating Plan for FY 2008/2009 We present our compliments to the Board of Directors of ICANN and welcome the opportunity to make our comments on the Draft Operating Plan and Budget Framework for FY 2008/2009. Firstly, please note our endorsement of the change to the budgeting and operational planning process introduced this year. It seems to us that the combination of the consultation on these obviously closely-related issues is eminently sensible. We also welcome the longer public consultation timelines that this allows. As this is the first stage of this process, these comments are introductory. We provide this document so that these preliminary reactions and comments may be taken into account as the Staff prepare the Budget and Operating Plan for its first iteration consultation. Our comments, therefore, are primarily related to the various “Activities/Outcomes by Initiative”. We do not propose to comment on each of these, but on those most important to the At-Large Community. IDN Activities This is a very important area of work for At-Large – and also for all of ICANN. The extra funding and greatly increased ICANN activity in this area is therefore welcomed. We would like to emphasise the element of communications related to IDNs. Fundamental choices that will affect the many communities that do not rely upon the Latin character set will be made in the next few years. For that reason, we believe ICANN, in partnership with other stakeholders of course, needs to make a substantial, sustained, greatly increased effort to communicate with these communities –to ensure that the message about the forthcoming choices to be made related to IDNs reaches a far larger pool of potential contributors to the process than is currently aware and participating. This should not simply take the form of translated press releases but really a well-thought-out media campaign which ‘reaches out’ to the public. We know that efforts to do this work exist – we wish to emphasise that this is extremely important. We note that we have asked the At-Large staff to propose funding in the forthcoming FY to revise and expand the available materials related to outreach to the individual Internet user community and this is just one aspect that such an effort must address. Compliance Activities We note the increase in staffing and staff work related to compliance. We are pleased to see that the budget framework proposes further considerable investment in this area. However we wish to note what we see as two crucial missing major activities in this area related to compliance: * WHOIS Accuracy and Reporting. We all know that WHOIS is very inaccurate. This is a very serious problem and considerable effort needs to be made to improve this situation. Multiplying the number of gTLDs as is proposed when the existing database is inaccurate is just asking to make a big problem worse – and the existing reporting system is already not fit for purpose. ICANN is not living up to its obligations with respect to WHOIS – fixing this should be a headline compliance activity in the Operational Plan for 2008/2009. Whilst we are limiting our comments here to compliance activities related to the operational planning cycle, this should not be understood to mean that our concerns related to WHOIS are limited to data accuracy. Our previous statements on the policy aspects of WHOIS remain valid. * Complaints Processing. We note that there is now some information on how registrants can complain on the ICANN website, which is a welcome improvement. We also note that there is a provision as a headline activity in the Operational Plan Framework to “Implement Complaints Process System to address complaints and forward them to correct parties as approved”. This is a start but is not nearly enough – such a system needs to also verify whether or not the forwarded complaints were addressed, and provide options so that the complainant can easily report whether or not they are satisfied with the result. The underlying philosophy should be that, as the contractor, ICANN should ensure that the contractees are living up to their side of the ‘deal’ and completely offloading complaints to the contractee – or anyone else – is in our opinion not satisfactory. Global Outreach This is a particularly important area to us. The various communities in ICANN are not representative of the worldwide Internet-using community. Whilst we appreciate the initial provision of a substantial increase in funds allocated to Global Outreach – we will look forward to seeing more detail about precisely what this consists of when the draft budget is posted. However, we note that on page 23 of the Draft Framework, under Global Outreach, there is a major area of work listed as ‘Implement business engagement outreach’. If this is intended to be outreach only to business communities, this is, in our opinion, clearly far too narrow – outreach efforts and recruitment efforts must be be even-handed, global – and to all communities and potential participant communities, not just ‘business’. We draw the attention of the board to the many comments about the importance of dramatically increasing the outreach and recruitment of ALL stakeholders that was a common theme of the respondents to the JPA review recently; From this we propose that there is broad support for greatly increased work by ICANN in these respects. We welcome the continued support for participation by our community from ICANN. Without it the Internet end-user’s voice will simply not be adequately represented. Facilitation of community participation (and specifically that of volunteers) in ICANN is an extremely important issue and one important aspect of this is covered in greater depth in our statement to you in relation to the development of a volunteer travel and expense support policy, in document AL.ALAC/BUD.SC/0308/2 which is accessible at <insert url here>. Policy Development Support We welcome the major theme associated with this area of work on page 25, that ICANN will “provide additional secretariat support to SOs, constituencies and ACs to make volunteer efforts more effective.” We are direct beneficiaries of this, with the addition of two members of staff on the At-Large team. It should be noted that the recent filling of these long-open positions is already beginning to increase our capacity for working with greater efficiency (particularly in the RALO’s), and we hope that the support our community receives of this kind will become generally available across the constituencies and communities and look forward to seeing the detailed plans for how the objective listed in this area is to be achieved. Registrant Protections We welcome the increased activity in this area – however, the board needs to be aware that from our perspecitve, the RAA review process appears to have ceased operation. We hear anecdotally that there is current work in this area inside ICANN, but it is not visible to us (or anyone else from what we can tell). This is a very important area of work for ICANN and to our community. It should not suffer, for example, due to work on new gTLDs taking priority –the priority must be given to the protection of existing registrants and only then worrying about adding many more through new gTLDs. We believe there should be meaningful deadlines set for the concluding of work on the RAA – in a completely open and transparent manner. Transcription and Translation Our community has been calling for ICANN to become a truly multilingual organisation for years now. We appreciate and appplaud the increased budget commitment, draft translation framework, and other moves in this direction but we wish to remind you that ICANN has a very, very long way to go to reach the mission that the translation programme proposes. In our opinion, this area of work is of absolutely central importance to the organisation’s credibility, as we do not believe that any consultation or policy development process conducted entirely in English is globally legitimate. This is especially true with subjects like IDNs that – incredibly –continue to be largely English-only, with multilingual documents provided only in some cases, often far later than the original English versions, and only as an afterthought. Ensuring that the work of ICANN becomes truly multilingual is a core, critical objective. It must not be sidelined, or de-emphasised by other objectives like new gTLDs. Broaden Participation This area is of great importance – not just to our community but to all communities. In particular, whilst the provisions for teleconferences for our community have improved by changing vendors, we do not believe that it makes sense to continue to outsource this core communications function and so we welcome the news that ICANN proposes to purchase a truly fit-for-purpose system to facilitate telephonic interactions. We hope that in doing so choices will be made which truly facilitate equal access and quality for all participants, regardless of where they might be. In particular, the new system must provide for the technical operation of simultaneous interpretation on teleconferences. This is an absolutely essential function, not something that is “nice to have”. Our experience with this has clearly shown that the ability to work, interact and correspond (both face to face and remotely) in the language that is most comfortable and easy to work with greatly increases and enhances effective participation. We would also like to emphasise how important it is to broadening participation of effective remote participation in meetings, of which telephonic two-way participation is only one element. We believe that the current remote participation modalities for ICANN meetings are not fit for purpose. Our statement in relation to the development of a volunteer travel and expense support policy, in document AL.ALAC/BUD.SC/0308/2 accessible at <insert url here> also has the elaboration on our views on the subject of remote participation, and meetings. In addition to these points, we wish to emphasise that one of the most important elements of participation is ICANN producing documents in standardised formats which are accessible, written in plain language, with excellent summaries, indices, glossaries, and the like. This is a real shortcoming of present document production at ICANN and it is a real barrier to participation. We also believe that fostering participation actually requires a regionally sensitive approach and often regionally differentiated materials. In developing countries, radio and audiovisual materials, to mention just two formats, are the best way to reach non-traditional ICANN stakeholders. It is understood that this kind of outreach would not be in the nature of general Internet education but should be related to the mission of ICANN and its mandate. In closing, we thank the board in advance for its consideration of our views, and look forward to a response to our concerns and recommendations in due course.
Wendy Seltzer wrote:
Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy. ... ...
* WHOIS Accuracy and Reporting. We all know that WHOIS is very inaccurate. This is a very serious problem and considerable effort needs to be made to improve this situation. Multiplying the number of gTLDs as is proposed when the existing database is inaccurate is just asking to make a big problem worse – and the existing reporting system is already not fit for purpose. ICANN is not living up to its obligations with respect to WHOIS – fixing this should be a headline compliance activity in the Operational Plan for 2008/2009. Whilst we are limiting our comments here to compliance activities related to the operational planning cycle, this should not be understood to mean that our concerns related to WHOIS are limited to data accuracy. Our previous statements on the policy aspects of WHOIS remain valid.
Wendy I respectfully disagree. Whois accuracy severely impacts end users in enforcing their legal rights and hampers effective . I am also sticking my neck out here, but not all inaccurate whois is submitted in an attempt at pure privacy. Many domains that are abused to spam, scam and phish etc end users, have fake whois. This is by design. This issue is also briefly mentioned in ICANN advisory dated 3 April 2003, http://www.icann.org/announcements/advisory-03apr03.htm , which is sadly hardly ever enforced. I have a lot of evidence of how existing WHOIS privacy mechanisms are being abused to simply prolong a fraudulent domain's existence endangering more clueless end users. Under the privacy protection we find more fake whois details fort many domains. WHOIS privacy is a very sharp two sided sword. As an example of why we need whois details currently: Right now a big corporate is giving away free domains. At AA419.org we noticed a disproportionate large number of registrants from small towns across America shown in domains spoofing banks, government agencies and other businesses. We contacted numerous of these registrants who in turn had no knowledge of these domains; 4X year old teachers, estate agents etc. We have contacted the big corporate and registrar in an attempt to address this issue. The domains are "disabled" in the corporate's system. However the result of the ID theft is clearly visible in WHOIS without the victims' permission. Without verifiable whois this problem would have been denied (as was originally attempted) and the problem invisible. This situation is still ongoing. I am talking far in excess of a thousand domains in a year! Yet this is just the tip of the iceberg ... To really represent end users, current issues and procedures should be fixed first. If not, the problem is merely disguised and we would all be worse off at the end of the day. It is a sad fact that much more money is lost due to internet fraud and abuse than merely WHOIS being visible. Long term I would love general WHOIS privacy, however not at the price of partially disarming those currently doing what they do to make the Internet a safer place - it is not only LEA's I am referring to, though they would have the same problem. Personally I have numerous domains with whois protection, but my whois details are 100% correct for those domains and I am using an available acknowledged privacy mechanism. I accept responsibility for them. These mechanisms are available to other users as well, if privacy is a concern to them - with the exception of the initially much abused .us TLD. However nobody is forced to use a .us domain. We do have choices. In a nutshell, there is also a reason why whois is sometimes not accurate on many domains: To evade responsibility illegal activities. How do you protect against that? To fix, we have to fully understand the implications of each action. Sadly not all internet registrants are as honorable as we would wish. Whatever WHOIS system emerges has to acknowledge this fact. Best regards, Derek Smythe http://www.aa419.org
I say leave privacy as an option for each individual user and enforce the accuracy of the information either way. Chris McElroy ----- Original Message ----- From: "Derek Smythe" <derek@aa419.org> To: "Wendy Seltzer" <wendy@seltzer.com> Cc: <alac@atlarge-lists.icann.org> Sent: Sunday, April 06, 2008 6:29 PM Subject: Re: [At-Large] [NA-Discuss] Community Input Requested on Two Draft Statements from ALAC to the ICANN Board
Wendy Seltzer wrote:
Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy. ... ...
* WHOIS Accuracy and Reporting. We all know that WHOIS is very inaccurate. This is a very serious problem and considerable effort needs to be made to improve this situation. Multiplying the number of gTLDs as is proposed when the existing database is inaccurate is just asking to make a big problem worse – and the existing reporting system is already not fit for purpose. ICANN is not living up to its obligations with respect to WHOIS – fixing this should be a headline compliance activity in the Operational Plan for 2008/2009. Whilst we are limiting our comments here to compliance activities related to the operational planning cycle, this should not be understood to mean that our concerns related to WHOIS are limited to data accuracy. Our previous statements on the policy aspects of WHOIS remain valid.
Wendy
I respectfully disagree. Whois accuracy severely impacts end users in enforcing their legal rights and hampers effective .
I am also sticking my neck out here, but not all inaccurate whois is submitted in an attempt at pure privacy. Many domains that are abused to spam, scam and phish etc end users, have fake whois. This is by design. This issue is also briefly mentioned in ICANN advisory dated 3 April 2003, http://www.icann.org/announcements/advisory-03apr03.htm , which is sadly hardly ever enforced.
I have a lot of evidence of how existing WHOIS privacy mechanisms are being abused to simply prolong a fraudulent domain's existence endangering more clueless end users. Under the privacy protection we find more fake whois details fort many domains. WHOIS privacy is a very sharp two sided sword.
As an example of why we need whois details currently: Right now a big corporate is giving away free domains. At AA419.org we noticed a disproportionate large number of registrants from small towns across America shown in domains spoofing banks, government agencies and other businesses. We contacted numerous of these registrants who in turn had no knowledge of these domains; 4X year old teachers, estate agents etc. We have contacted the big corporate and registrar in an attempt to address this issue. The domains are "disabled" in the corporate's system. However the result of the ID theft is clearly visible in WHOIS without the victims' permission. Without verifiable whois this problem would have been denied (as was originally attempted) and the problem invisible. This situation is still ongoing. I am talking far in excess of a thousand domains in a year! Yet this is just the tip of the iceberg ...
To really represent end users, current issues and procedures should be fixed first. If not, the problem is merely disguised and we would all be worse off at the end of the day. It is a sad fact that much more money is lost due to internet fraud and abuse than merely WHOIS being visible.
Long term I would love general WHOIS privacy, however not at the price of partially disarming those currently doing what they do to make the Internet a safer place - it is not only LEA's I am referring to, though they would have the same problem.
Personally I have numerous domains with whois protection, but my whois details are 100% correct for those domains and I am using an available acknowledged privacy mechanism. I accept responsibility for them. These mechanisms are available to other users as well, if privacy is a concern to them - with the exception of the initially much abused .us TLD. However nobody is forced to use a .us domain. We do have choices.
In a nutshell, there is also a reason why whois is sometimes not accurate on many domains: To evade responsibility illegal activities. How do you protect against that?
To fix, we have to fully understand the implications of each action. Sadly not all internet registrants are as honorable as we would wish. Whatever WHOIS system emerges has to acknowledge this fact.
Best regards,
Derek Smythe http://www.aa419.org
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
I would agree with our European colleagues, that being that the default should be consistent with the high level of privacy mandated at the EU and Canadian level. WHOIS information should should not be seen as a data mine, to be used by spammers, law enforcement and the Intellectual property constituency. It is a key database, one that should .. that must.. be adequately protected against abuse . regards Robert On 7-Apr-08, at 12:45 PM, Blogs.pn wrote:
I say leave privacy as an option for each individual user and enforce the accuracy of the information either way.
Chris McElroy
----- Original Message ----- From: "Derek Smythe" <derek@aa419.> To: "Wendy Seltzer" <wendy@s org eltzer.com> Cc: <alac@atlarge-lists.icann.org> Sent: Sunday, April 06, 2008 6:29 PM Subject: Re: [At-Large] [NA-Discuss] Community Input Requested on Two Draft Statements from ALAC to the ICANN Board
Wendy Seltzer wrote:
Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy. ... ...
* WHOIS Accuracy and Reporting. We all know that WHOIS is very inaccurate. This is a very serious problem and considerable effort needs to be made to improve this situation. Multiplying the number of gTLDs as is proposed when the existing database is inaccurate is just asking to make a big problem worse – and the existing reporting system is already not fit for purpose. ICANN is not living up to its obligations with respect to WHOIS – fixing this should be a headline compliance activity in the Operational Plan for 2008/2009. Whilst we are limiting our comments here to compliance activities related to the operational planning cycle, this should not be understood to mean that our concerns related to WHOIS are limited to data accuracy. Our previous statements on the policy aspects of WHOIS remain valid.
Wendy
I respectfully disagree. Whois accuracy severely impacts end users in enforcing their legal rights and hampers effective .
I am also sticking my neck out here, but not all inaccurate whois is submitted in an attempt at pure privacy. Many domains that are abused to spam, scam and phish etc end users, have fake whois. This is by design. This issue is also briefly mentioned in ICANN advisory dated 3 April 2003, http://www.icann.org/announcements/advisory-03apr03.htm , which is sadly hardly ever enforced.
I have a lot of evidence of how existing WHOIS privacy mechanisms are being abused to simply prolong a fraudulent domain's existence endangering more clueless end users. Under the privacy protection we find more fake whois details fort many domains. WHOIS privacy is a very sharp two sided sword.
As an example of why we need whois details currently: Right now a big corporate is giving away free domains. At AA419.org we noticed a disproportionate large number of registrants from small towns across America shown in domains spoofing banks, government agencies and other businesses. We contacted numerous of these registrants who in turn had no knowledge of these domains; 4X year old teachers, estate agents etc. We have contacted the big corporate and registrar in an attempt to address this issue. The domains are "disabled" in the corporate's system. However the result of the ID theft is clearly visible in WHOIS without the victims' permission. Without verifiable whois this problem would have been denied (as was originally attempted) and the problem invisible. This situation is still ongoing. I am talking far in excess of a thousand domains in a year! Yet this is just the tip of the iceberg ...
To really represent end users, current issues and procedures should be fixed first. If not, the problem is merely disguised and we would all be worse off at the end of the day. It is a sad fact that much more money is lost due to internet fraud and abuse than merely WHOIS being visible.
Long term I would love general WHOIS privacy, however not at the price of partially disarming those currently doing what they do to make the Internet a safer place - it is not only LEA's I am referring to, though they would have the same problem.
Personally I have numerous domains with whois protection, but my whois details are 100% correct for those domains and I am using an available acknowledged privacy mechanism. I accept responsibility for them. These mechanisms are available to other users as well, if privacy is a concern to them - with the exception of the initially much abused .us TLD. However nobody is forced to use a .us domain. We do have choices.
In a nutshell, there is also a reason why whois is sometimes not accurate on many domains: To evade responsibility illegal activities. How do you protect against that?
To fix, we have to fully understand the implications of each action. Sadly not all internet registrants are as honorable as we would wish. Whatever WHOIS system emerges has to acknowledge this fact.
Best regards,
Derek Smythe http://www.aa419.org
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
Blogs.pn wrote:
I say leave privacy as an option for each individual user and enforce the accuracy of the information either way.
The problem is that the average user doesn't really know about WHOIS or what it contains or how it can be abused. We, as internet professionals, owe a duty of care to our clients. The current "status quo" with gTLDs does not work in anyone's favour be they private individuals, law enforcement or intellectual property rights people -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
I inform my clients as I'm sure you do. Registrars could help by explaining it at registration time and giving the user options. Chris McElroy http://www.blogcontentprovider.com ----- Original Message ----- From: "Michele Neylon" <michele@blacknight.ie> To: <alac@atlarge-lists.icann.org> Sent: Monday, April 07, 2008 5:57 PM Subject: Re: [At-Large] [NA-Discuss] Community Input Requested on Two Draft Statements from ALAC to the ICANN Board
Blogs.pn wrote:
I say leave privacy as an option for each individual user and enforce the accuracy of the information either way.
The problem is that the average user doesn't really know about WHOIS or what it contains or how it can be abused.
We, as internet professionals, owe a duty of care to our clients.
The current "status quo" with gTLDs does not work in anyone's favour be they private individuals, law enforcement or intellectual property rights people
-- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ Tel. 1850 929 929 Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
Speaking for CAUCE, we agree with all of Wendy's comments ...
Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy.
... except this one. The vast majority of bogus WHOIS info is clearly not there for reasons of personal privacy, but rather to hide the identities of perpetrators of phishing, spam, and other kinds of fraud. R's, John
John Levine wrote:
Speaking for CAUCE, we agree with all of Wendy's comments ...
Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy.
... except this one.
The vast majority of bogus WHOIS info is clearly not there for reasons of personal privacy, but rather to hide the identities of perpetrators of phishing, spam, and other kinds of fraud.
I agree with Wendy's comments given John's exception. - Evan
Speaking for CAUCE, we agree with all of Wendy's comments ...
Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to preserve privacy, it's better than forced accuracy.
... except this one.
The vast majority of bogus WHOIS info is clearly not there for reasons of personal privacy, but rather to hide the identities of perpetrators of phishing, spam, and other kinds of fraud.
John, Wendy: I think you're both equally right/wrong. I am quite sure spammers, others trying to con, steal (whatever), abuse WHOIS. But I am equally sure there are many (as many, as few? I am not able to guess) who provide inaccurate (or un-helpful) information for privacy reasons. We are generally advised not to put personal information online. WHOIS is contrary to best practise. It's in users best interests that WHOIS is accurate and WHOIS preserves privacy (give me privacy and I'll give you accurate information.) About this part of the statement, I don't remember ALAC ever making such a strong claim:
However we wish to note what we see as two crucial missing major activities in this area related to compliance:
* WHOIS Accuracy and Reporting. We all know that WHOIS is very inaccurate. This is a very serious problem and considerable effort needs to be made to improve this situation. Multiplying the number of gTLDs as is proposed when the existing database is inaccurate is just asking to make a big problem worse and the existing reporting system is already not fit for purpose. ICANN is not living up to its obligations with respect to WHOIS fixing this should be a headline compliance activity in the Operational Plan for 2008/2009. Whilst we are limiting our comments here to compliance activities related to the operational planning cycle, this should not be understood to mean that our concerns related to WHOIS are limited to data accuracy. Our previous statements on the policy aspects of WHOIS remain valid.
Think it needs re-writing so ALAC's established positions are represented. (and can people stop using high ascii curly quotes etc in email? Plain text not possible?) Thanks, Adam
R's, John
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
Adam Peake wrote:
I am quite sure spammers, others trying to con, steal (whatever), abuse WHOIS. But I am equally sure there are many (as many, as few? I am not able to guess) who provide inaccurate (or un-helpful) information for privacy reasons. We are generally advised not to put personal information online. WHOIS is contrary to best practise.
Well, of course, especially when the "privacy" is desired because you're trying to con and steal and WHOIS. Sorry, but refusing to be identified -- when using a facility primarily used to _provide_ identity -- seems absurd. Registrars can perhaps offer proxy/escrow services, then, as part of their arsenal of tools to sell registrants for that kind of thing. You can get an unlisted phone number, but you pay for that and the phone company still maintains correct records on who owns a certain line. In other fields of public communications, people who want a buffer between themselves and others -- celebrities, victims, whistleblowers -- obtain agents to act as that buffer. But they still need to provide accurate information to their agent, and the agent is part of a chain of responsibility that is not obliged to protect those who use the buffer as a means to lie, cheat or misrepresent themselves. The right to privacy is not an absolute one -- it has numerous limits and is often subservient to many other human rights (such as the legal right to confront one's accuser). The right to maintain privacy, while maintaining the freedom to abuse the privacy rights of others, is neither best practise nor a suitable excuse for maintaining inaccurate information. Many people would certainly like to give fake information on their drivers' licenses or passports for various privacy-related reasons, and would certainly do so if certain laws did not prohibit that form of "privacy". - Evan
Evan, On Mon, 07 Apr 2008 08:07:27 -0400, Evan Leibovitch <evan@telly.org> wrote:
Well, of course, especially when the "privacy" is desired because you're trying to con and steal and WHOIS.
Sorry, but refusing to be identified -- when using a facility primarily used to _provide_ identity -- seems absurd.
Registrars can perhaps offer proxy/escrow services, then, as part of their arsenal of tools to sell registrants for that kind of thing. You can get an unlisted phone number, but you pay for that and the phone company still maintains correct records on who owns a certain line.
Depends on the country. Over here (in Belgium, but also in other European countries), being unlisted is the default, unless you specifically _require_ your number to be added to the public directory. There is no cost to get unlisted. The underlying logic is that privacy is a fundamental human right, and these are not for sale. I would not agree to pay for freedom of expression, either. Obviously, the phone company will provide the subscriber's details to a law enforcement authority showing proper and written credentials.
The right to privacy is not an absolute one -- it has numerous limits and is often subservient to many other human rights (such as the legal right to confront one's accuser).
Fully agree. The normal process against libel, defamation, trademark infringments, etc in most countries is to file a complaint with the law enforcement agencies and wait for them to obtain the information. Patrick
Evan Leibovitch schreef:
Adam Peake wrote:
I am quite sure spammers, others trying to con, steal (whatever), abuse WHOIS. But I am equally sure there are many (as many, as few? I am not able to guess) who provide inaccurate (or un-helpful) information for privacy reasons. We are generally advised not to put personal information online. WHOIS is contrary to best practise.
WHOIS information on the registrant should be public in case registrant is an official organisation, a company, a self-employed or any other public organisation. In Belgium, you need to publish on any official document, including your website, your official organisation form, full address and company registration number. As such, you can always be identified in an official national database (KBO). Why should we not apply these rules on registrant information ?
Rudi Vansnick ISOC Belgium chair Board member ISOC-ECC Board member EURALO
Well, of course, especially when the "privacy" is desired because you're trying to con and steal and WHOIS.
Sorry, but refusing to be identified -- when using a facility primarily used to _provide_ identity -- seems absurd.
Registrars can perhaps offer proxy/escrow services, then, as part of their arsenal of tools to sell registrants for that kind of thing. You can get an unlisted phone number, but you pay for that and the phone company still maintains correct records on who owns a certain line.
In other fields of public communications, people who want a buffer between themselves and others -- celebrities, victims, whistleblowers -- obtain agents to act as that buffer. But they still need to provide accurate information to their agent, and the agent is part of a chain of responsibility that is not obliged to protect those who use the buffer as a means to lie, cheat or misrepresent themselves.
The right to privacy is not an absolute one -- it has numerous limits and is often subservient to many other human rights (such as the legal right to confront one's accuser).
The right to maintain privacy, while maintaining the freedom to abuse the privacy rights of others, is neither best practise nor a suitable excuse for maintaining inaccurate information. Many people would certainly like to give fake information on their drivers' licenses or passports for various privacy-related reasons, and would certainly do so if certain laws did not prohibit that form of "privacy".
- Evan
_______________________________________________ ALAC mailing list ALAC@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
participants (10)
-
Adam Peake -
Blogs.pn -
Derek Smythe -
Evan Leibovitch -
John Levine -
Michele Neylon -
Patrick Vande Walle -
Robert Guerra -
Rudi Vansnick -
Wendy Seltzer