FW: [council] Regarding data collected and the purpose of collecting data
![](https://secure.gravatar.com/avatar/4467d6439e53ca632c96d571798107d9.jpg?s=120&d=mm&r=g)
Mawaki, you ask some direct questions. Here are my replies. Q1. If I understand well, are you saying that your proposed definition of the purpose for which the data is collected does not imply that the WHOIS data must remain publicly accessible? A: Correct. These are separate issues. Q2. It turns out to be that, whether you like it or not, the objective of this policy development and TF is to address the issue of the WHOIS data being made public, as any one can clearly see from the three points of the ToR recalled by Ross: a) Figure out if the current data being published is appropriate (whether it should be broadened or narrowed) b) Figure out if all of this data should be made public. c) Specify how data that is not being made public can be accessed. A: YES. This is exactly the issue. Different people are making different starting assumptions. But my assumption is a different sequence to Ross's. a) Define the purposes for which we want data. b) THEN, determine access to that data taking into account privacy needs. (I am absolutely in favour of data privacy - my own included!). Q3. Do you think the question of determining whether the WHOIS data must be publicly available or not (as your refined proposal remains silent on this, while it was the job of the TF to find out), so do you think it is a question the GNSO Council should not bother asking? A: This is a key question for the GNSO. Q4. Do you think it ICANN's mission to cater for law enforcement, just because there might be unlawful deeds over the Net? A: ICANN's earliest and most successful consensus policy is the UDRP. That is all about fairness and consumer protection.We cannot ignore this key issue. If we do governments will rightly condemn us.If we have no interest in this why did we start the PDP? Q5. Don't you think the law provides, or can provide, enough itself with the means of its own enforcement, so that it doesn't need ICANN to take on the mission of a surrogate for law enforcement? A: We are seeking to make the way we are now using WHOIS compliant with law, not vice versa. Under EU data protection laws (and most other such laws) it is illegal to use data for any purpose other than that for which it was originally collected. So if we as ICANN say WHOIS data is only for purposes of connectivity, we are saying it should never be used for reasons of consumer/user protection. At this point we have to rely on the hundreds of diverse Registrar and reseller contracts to get the wording right. I trust Ross's organisation. I trust my own registrar. I don't trust all of them. That is to my mind a lack of due diligence. Philip
participants (1)
-
Philip Sheppard