Compromise wording on WHOIS
![](https://secure.gravatar.com/avatar/4467d6439e53ca632c96d571798107d9.jpg?s=120&d=mm&r=g)
Council, In preparation for the discussion and possible vote on WHOIS purpose please find attached a proposed compromise definition. The background to this compromise is as follows: - It is not intended to be a new formulation 2 but a new approach and thus an amendment to the proposed vote. - The new wording seeks to accommodate numerous concerns expressed at the last Council meeting and in the recent WG paper: 1. it speaks not of the purpose of "WHOIS" but the purpose for which the "data is collected". This reflects the concerns rightly raised by the non-commercial constituency in that previous definitions were not compliant with data protection laws such as the EU data protection directive. The intent here is that the scope should be no wider than the scope of such laws. 2. The new wording removes the overly wide phrase "or other uses" phrase in a previous definition. In this way it stays compliant also with data protection laws in that purpose has to be explicit. 3. The definition is silent on questions of subsequent access to data or data publication. This issue was raised by the Registrars in that the purpose of WHOIS was being defined in the context of the current manifestation of WHOIS with its current open access and publication. This definition is intended not to make ANY assumption about access. 4. In the same way this definition is not intended to override any subsequent debate on privacy. I hope that by addressing the concerns above, we can get the full support of Council to a definition describing the purposes of data collection and one that is not blind to the use that such data is being put today in pursuit of consumer protection and measures to prevent crime. To pursue a vote that would divide Council between the previous formulations 1 and 2 would not move us forward. I hope this third way ( excuse me sounding like UK prime minister Tony Blair!) will be a positive way forward for Council and one that will also get the full support of the GAC. Philip
![](https://secure.gravatar.com/avatar/ab3795c4b730c5963930e2dbd4a1b854.jpg?s=120&d=mm&r=g)
In preparation for the discussion and possible vote on WHOIS purpose
proposed compromise definition. The background to this compromise is as follows: - It is not intended to be a new formulation 2 but a new approach and
the proposed vote. - The new wording seeks to accommodate numerous concerns expressed at
meeting and in the recent WG paper: 1. it speaks not of the purpose of "WHOIS" but the purpose for which
Philip - please find attached a thus an amendment to the last Council the "data is
collected". This reflects the concerns rightly raised by the non-commercial constituency in that previous definitions were not compliant with data protection laws such as the EU data protection directive. The intent here is that the scope should be no wider than the scope of such laws.
The Task Force terms of reference are explicit on the point that the definition is to deal with the purpose of whois, not the purpose of the data collection. While your intentions are well-placed, I believe that this amendment is "out-of-order". The purpose of the data collection is currently defined by the registrar in their respective terms of service. I would expect these to vary from registrar to registrar and I fail to understand what benefits come from standardizing the language. Right now, we very clearly have a broad support amongst the constituencies for Formulation #1. During our recent council meeting, it became clear that what I had viewed as being equally broad support for Formulation #2 was in fact not all that broad (I don't believe that any of the former supporters of Formulation #2 were willing to endorse the proposition as written). Now you have presented us with a completely new formulation that attempts to deal with the issue by answering a question related to the collection of Whois data, and not the purpose of the Whois system itself. I fail to see how this represents a compromise. It is an answer to a question that we are not asking. The task force has spent an incredible amount of time preparing these formulations - despite the fact that it was unable to come to complete agreement between all of the constituencies (3 for, 3 against). I believe that we owe it to the Task Force to consider and vote on the language that they have prepared for us, or at the very least, amend the existing language such that it more appropriately deals with the concerns that Council might have. Your proposal takes the discussion in a completely different direction and is not in scope relative to the terms of reference of the task force. It would be inadvisable for us to turn our backs on the body of work undertake by this committee in the way that you propose.
3. The definition is silent on questions of subsequent access to data or data publication. This issue was raised by the Registrars in that the purpose of WHOIS was being defined in the context of the current manifestation of WHOIS with its current open access and publication. This definition is intended not to make ANY assumption about access.
I'm not sure that this was the point I was making (or that anyone from the Registrar constituency made this point). I believe this was raised by someone else, although I haven't read through the transcripts to figure out whom. Also, it was my understanding that the point was raised as it relates to Formulation #2. In any event, the more general point is that Formulation #1 is intended to create a standardized definition for the path forward that is consistent with ICANN's scope and mission. The problem with Formulation #2 is that it attempts to create a standardized definition that is consistent with past practices - which are not necessarily consistent with ICANN's scope and mission.
definition describing the purposes of data collection and one that is not blind to the use that such data is being put today in pursuit of consumer protection and measures to prevent crime.
I completely sympathize with the concerns raised re: criminal activity and consumer protection. It is worth pointing out that this has become a bit of a red herring in this discussion in that it fails to distinguish between "purpose" and "use". i.e. The purpose of the DNS is to map domain names to IP addresses. Its use is far broader than that. Similarly, the purpose of the gTLD Whois service can be equally simple and narrow, while facilitating a much broader set of uses - i.e. nothing in its application prevents the responsible party from passing on law enforcement requests in exactly the same manner that they do today. I do appreciate the effort that you've made to bridge the gap, but I believe it is in our interests to select one of the two current formulations in a timely manner so that the Task Force can continue with the rest of its work. I cannot support your proposal on these grounds. Regards, -- -rr "Don't be too timid and squeamish about your actions. All life is an experiment. The more experiments you make the better." - Ralph Waldo Emerson Contact Info: Ross Rader Director, Research & Innovation Tucows Inc. c. 416.828.8783 Get Started? http://start.tucows.com My Blogware: http://www.byte.org
![](https://secure.gravatar.com/avatar/ab3795c4b730c5963930e2dbd4a1b854.jpg?s=120&d=mm&r=g)
Ross Rader wrote:
The purpose of the data collection is currently defined by the registrar in their respective terms of service. I would expect these to vary from registrar to registrar and I fail to understand what benefits come from standardizing the language.
I thought it might be helpful if I shared the purposes for data collection that Tucows has adopted in accordance with Canadian privacy law. This is excerpted from our Privacy Policy which can be found here: http://resellers.tucows.com/privacy It is also worth noting that this document also specifically deals with the Whois and data collection/publication issues associated with Whois. ... Principle 2 – Identifying Purposes for Collection of Personal Information Tucows shall identify the purposes for which personal information is collected at or before the time the information is collected. A. Tucows collects personal information only for the following purposes: i. To establish and maintain responsible commercial relations with customers and to provide ongoing services and offers; ii. To understand customer needs; iii. To develop, enhance, market or provide products and services; iv. To manage and develop Tucows' business and operations, including personnel and employment matters; and v. To meet legal and regulatory requirements. Further references to "identified purposes" mean the purposes identified in this Principle 2 - A. B. Unless the purpose is implied from the nature of the service provided, Tucows shall specify orally, electronically or in writing the identified purposes to the customer or employee at or before the time personal information is collected. Upon request, persons collecting personal information shall explain these identified purposes or refer the individual to a designated person within Tucows who shall explain the purposes. C. Unless required by law, Tucows shall not use or disclose for any new purpose, personal information that has been collected without first identifying and documenting the new purpose and obtaining the consent of the customer. -- -rr "Don't be too timid and squeamish about your actions. All life is an experiment. The more experiments you make the better." - Ralph Waldo Emerson Contact Info: Ross Rader Director, Research & Innovation Tucows Inc. c. 416.828.8783 Get Started? http://start.tucows.com My Blogware: http://www.byte.org
![](https://secure.gravatar.com/avatar/ab3795c4b730c5963930e2dbd4a1b854.jpg?s=120&d=mm&r=g)
In preparation for the discussion and possible vote on WHOIS purpose please find attached a proposed compromise definition.
Philip - Some further thoughts... It is worth pointing out that under this proposal, a registrar could not use the data collected to; a) inquire of a registrant regarding the accuracy of their whois data (not a technical, legal or networking matter) b) send out renewal messaging (same) c) comply with the whois data reminder policy (same) d) comply with pending escrow requirements (information can only be used to contact the name holder or representative, it does not specify that part of the purpose of collecting the data is to share the data with a third party for technical reasons) ...etc. It would also prevent the implementation of Whois privacy services (the processing of the data must be sufficient to identify who the registered name holder is) Not only does this proposal attempt to answer a question that we're not asking, it does so in a very inadequate way. -- -rr "Don't be too timid and squeamish about your actions. All life is an experiment. The more experiments you make the better." - Ralph Waldo Emerson Contact Info: Ross Rader Director, Research & Innovation Tucows Inc. c. 416.828.8783 Get Started? http://start.tucows.com My Blogware: http://www.byte.org
![](https://secure.gravatar.com/avatar/ab3795c4b730c5963930e2dbd4a1b854.jpg?s=120&d=mm&r=g)
Philip -
Some further thoughts...
It is worth pointing out that under this proposal, a registrar could not use the data collected to;
I've been asked why Philip's proposal will prevent registrars from engaging in the tasks I outlined earlier. This is due to the fact that most data privacy regulation prevents the use of data for purposes other than which it was collected. Therefore under this proposal a registrar would be faced with three choices; a) perpetual non-compliance with ICANN consensus policy, b) ignoring local regulation c) remove and add terms to the purpose of data collection to make it consistent with the realities of running a business. None is optimal. Most registrars would immediately apply for exemption of this policy under the conflict with national laws policy that we recently endorsed. Does this make sense? We should be seeking to craft policy that is broadly applicable as possible. c) is even less of a solution because this would replicate the current status quo. In other words, Philip's proposal may as well just simply read; "gTLD Registrars may state whatever they want in terms of the purpose for which the data that populates the gTLD Whois service." Which leads me to ask - if the proposal simply replicates the status quo, then why would we need to adopt it as policy? The answer is that we don't. Instead, we should focus on the motion before us, which is to recommend that the TF adopt formulation #1 as the definition necessary to guide their work. -r
![](https://secure.gravatar.com/avatar/4467d6439e53ca632c96d571798107d9.jpg?s=120&d=mm&r=g)
Ross, Council members The question ---------------- I make no apology for changing the question. The TF failed to come up with an answer to the question posed, so this does suggest it might have been the wrong one in the first place. Evidence for this assertion is all around us. If one reads the argumentation in the TF report from those in favour of formulation 1 or 2, it is clear many favour one option or the other based on issues of data use. It is the question of use that divides us. We cannot escape addressing this issue. The objective ------------------ If Council accepts that use by law enforcement or other parties pursuing objectives of user/consumer protection is an objective we endorse, then we MUST agree to define the "purpose for which data is collected". Without that such use contravenes most data protection laws. This is the issue. The blind alley -------------------- Defining WHOIS purpose based on its historic technical context may be a statement of fact but it does nothing to enlighten the WHOIS issues that have been aired over the last 5 years. That is our task. Not restating the past. Formulation 1 is an historic truth, conveniently devoid of today's issue. Formulation 2 was attempting to recognise today's issue but used fuzzy language. My compromise seeks to focus the language more specifically on the issue. Philip
![](https://secure.gravatar.com/avatar/ab3795c4b730c5963930e2dbd4a1b854.jpg?s=120&d=mm&r=g)
Philip Sheppard wrote:
Ross, Council members
The question ---------------- I make no apology for changing the question.
Philip - this is unhelpful and disruptive. You have floated an unworkable proposition which makes absolutely no sense. It is not rooted in any sort of task force process, nor is it a compromise of any sort. We cannot, as you propose, deal with the question of "purpose of Whois" by dealing with the question that you seek to divert our attention to. I'm not going to wade into the rhetorical mire that you've laid out as justification of this counter-productive exercise. Some facts might be helpful though: 1. Formulation #1 is not* an* affirmation of historic truths. We wrote this with a clean-sheet approach, and did so cognizant that the policy recommendations of the GNSO Council must be consistent with ICANN's scope and mission. Formulation #1 proposes a well-considered balance between the privacy requirements of individual and corporate users and the legitimate needs of other users, such as the law enforcement, intellectual property and big business interests like those you represent. Maintaining this balance will be critical as we scale our policy development efforts into areas like IDN and those challenges created by the digital divide. Tipping the scales in the favor of your constituents as you propose is dangerous and short-sighted. 2. In a recent council meeting, only one member of council made an unqualified endorsement of Formulation #2. The rest of those representatives making an unqualified endorsement did so in favor of Formulation #1. Those doing so represented a majority of the Council votes. This mirrors the level of support at a task force level where a majority of the participants also supported Formulation #1. My view is that you haven't presented us with a compromise, you've presented us with a distraction. My hope is that this is not yet another attempt to prolong a debate on what is otherwise and extremely straightforward consideration and a pair of well-crafted propositions. I urge my fellow councilors to remain focused on evaluating the merits of Formulation #1 v. Formulation #2 lest we throw our task force into disarray. -- -rr "Don't be too timid and squeamish about your actions. All life is an experiment. The more experiments you make the better." - Ralph Waldo Emerson Contact Info: Ross Rader Director, Research & Innovation Tucows Inc. c. 416.828.8783 Get Started? http://start.tucows.com My Blogware: http://www.byte.org
![](https://secure.gravatar.com/avatar/5fd1fdef916946e68e1218ce1f2a61a8.jpg?s=120&d=mm&r=g)
Greetings to all! Philip, So now you are recognizing that the Formulations #2 are all flawed, and the only way for you to justify them is to redesign the terms of reference of the WHOIS Task Force? Of course the question of use divides us, and to address that, we need to address the bigger picture as to what the Whois has been defined to achieve. For the use cannot go against the purpose, right? or are you asking ICANN to cover a misuse? It's fine with me if you want to define the "purpose for which data is collected," but what I'm saying is defining that, based on the practice, does not make it the legitimate purpose of the WHOIS which ICANN is concerned with. So you cannot by any means substitute that definition to the definition of the purpose of WHOIS (not even by criticizing the TF or its report). We are all for law enforcement, with this precision: through due processes, as it has worked fine so far in the democratic countries we are living in, or would like to live in. And I'm sure it will still work. Formulation #1 is not only an "historic truth" that is still a source of legitimacy (since we're still living in the era of that history, as long as ICANN has the mission it has as of today), but it is an effort to keep a healthy consistency between the mission and purpose on one hand and the use on the other hand, while balancing different interests. Formulation #2 is an attempt to entrench today's practice and use into the ICANN's mission and core values and maybe subsequently, into its Bylaws. The Wednesday call will take place early in the morning o my side, and I have other commitments an hour or so after the planned starting time. So I' hopinp that the Council will not divert its business to debating what would be the best Formulation #2, or playing a remake of the Whois TF's work. Let's vote between Formulation #1 and Formulation #2 (revised or not), keeping in mind the question we are here to address: the definition of the purpose of WHOIS, thanks you. Best regards, Mawaki --- Philip Sheppard <philip.sheppard@aim.be> wrote:
Ross, Council members
The question ---------------- I make no apology for changing the question. The TF failed to come up with an answer to the question posed, so this does suggest it might have been the wrong one in the first place. Evidence for this assertion is all around us. If one reads the argumentation in the TF report from those in favour of formulation 1 or 2, it is clear many favour one option or the other based on issues of data use. It is the question of use that divides us. We cannot escape addressing this issue.
The objective ------------------ If Council accepts that use by law enforcement or other parties pursuing objectives of user/consumer protection is an objective we endorse, then we MUST agree to define the "purpose for which data is collected". Without that such use contravenes most data protection laws. This is the issue.
The blind alley -------------------- Defining WHOIS purpose based on its historic technical context may be a statement of fact but it does nothing to enlighten the WHOIS issues that have been aired over the last 5 years. That is our task. Not restating the past. Formulation 1 is an historic truth, conveniently devoid of today's issue. Formulation 2 was attempting to recognise today's issue but used fuzzy language. My compromise seeks to focus the language more specifically on the issue.
Philip
![](https://secure.gravatar.com/avatar/e3e8b6deddd4a0d0f83e07ba12b4a48f.jpg?s=120&d=mm&r=g)
Dear All, It has been an interesting reading and debate on this subject. Thank you all for your views and clarifications. I have read the Final task force report in detail on the purposes of Whois and of Whois contacts, dated 15 March 2006. I have also discussed with various colleagues and businesses regarding the issue. I have also seen the latest compromise sent out by Phillip. Here is my short response to the issue and my views: 1- I will have to agree we are tryng to address an original question in WHOIS that is not stated clearly i.e 'what is the purpose' of WHOIS'; where the original intent of WHOIS( purely technical) and its current practice/use has come a long way, that which has raised the 'legitimacy issue', that we have at our table. 2- Both Formulations are similar, in that they stand for privacy issues from different angles. The major gap between the two as I see it is on the question of 'use'. However, given ICANN's scope and mandate, this 'use' seem to be out of scope, unless ICANN's 'mission' is expanded to that of policing the Internet. As such, F2 appear to shade down among other things, the freedom of speech issue. Additionally, aside from scope of ICANN, the current revision of the F2 have not taken into account the scope within the TOR of the TF work. It deals with the 'collection of data vs. the ' purpose of data'. 3 - As I see it, most of the questions and concerns raised by F2 i.e, spam, phishing, legal, privacy etc.. has been addressed adequately by F1. It is available for access to resolve all other technical, networking, legal or social issues or concerns consistent with law and due process. However, without any implication, I think F2 fails to recognize that its proposal as such would circumvent due process in the data collection process. 4 - I have to also agree that F2 completely ignores the controls that need to be in place by each registry/registrar to strengthen their compliance in their contractual requirements. F2 in this case contradicts itself. 5 - I was hoping the revised 'compromise' proposal would revisit some of the privacy issues that myself/global Internet community is concerned about, by explicitly stating that certain detail data, i.e address, phone no etc.. information was to be omitted. This was the basis of my support for F2 during our Council meeting in Wellington.
Terms of reference no. 3 is quite clear:
"Determine what data collected should be available for public access in
the context of the purpose of WHOIS. Determine how to access data that is not available for public access."
6- In this case, I find that F1 appears to be in line with ICANN's mission scope and mission and F1 strikes a healthy balance between 'use' of data between the public at large and various interest groups.
On the above grounds, I cannot support F2 to date. Thank you and regards, Sophia On 10/04/06, Mawaki Chango <ki_chango@yahoo.com> wrote:
Greetings to all!
Philip,
So now you are recognizing that the Formulations #2 are all flawed, and the only way for you to justify them is to redesign the terms of reference of the WHOIS Task Force? Of course the question of use divides us, and to address that, we need to address the bigger picture as to what the Whois has been defined to achieve. For the use cannot go against the purpose, right? or are you asking ICANN to cover a misuse?
It's fine with me if you want to define the "purpose for which data is collected," but what I'm saying is defining that, based on the practice, does not make it the legitimate purpose of the WHOIS which ICANN is concerned with. So you cannot by any means substitute that definition to the definition of the purpose of WHOIS (not even by criticizing the TF or its report).
We are all for law enforcement, with this precision: through due processes, as it has worked fine so far in the democratic countries we are living in, or would like to live in. And I'm sure it will still work.
Formulation #1 is not only an "historic truth" that is still a source of legitimacy (since we're still living in the era of that history, as long as ICANN has the mission it has as of today), but it is an effort to keep a healthy consistency between the mission and purpose on one hand and the use on the other hand, while balancing different interests. Formulation #2 is an attempt to entrench today's practice and use into the ICANN's mission and core values and maybe subsequently, into its Bylaws.
The Wednesday call will take place early in the morning o my side, and I have other commitments an hour or so after the planned starting time. So I' hopinp that the Council will not divert its business to debating what would be the best Formulation #2, or playing a remake of the Whois TF's work. Let's vote between Formulation #1 and Formulation #2 (revised or not), keeping in mind the question we are here to address: the definition of the purpose of WHOIS, thanks you.
Best regards,
Mawaki
--- Philip Sheppard <philip.sheppard@aim.be> wrote:
Ross, Council members
The question ---------------- I make no apology for changing the question. The TF failed to come up with an answer to the question posed, so this does suggest it might have been the wrong one in the first place. Evidence for this assertion is all around us. If one reads the argumentation in the TF report from those in favour of formulation 1 or 2, it is clear many favour one option or the other based on issues of data use. It is the question of use that divides us. We cannot escape addressing this issue.
The objective ------------------ If Council accepts that use by law enforcement or other parties pursuing objectives of user/consumer protection is an objective we endorse, then we MUST agree to define the "purpose for which data is collected". Without that such use contravenes most data protection laws. This is the issue.
The blind alley -------------------- Defining WHOIS purpose based on its historic technical context may be a statement of fact but it does nothing to enlighten the WHOIS issues that have been aired over the last 5 years. That is our task. Not restating the past. Formulation 1 is an historic truth, conveniently devoid of today's issue. Formulation 2 was attempting to recognise today's issue but used fuzzy language. My compromise seeks to focus the language more specifically on the issue.
Philip
![](https://secure.gravatar.com/avatar/5fd1fdef916946e68e1218ce1f2a61a8.jpg?s=120&d=mm&r=g)
Philip, Thanks for your effort, but until further notice, this is NOT really a _compromise_ definition of the purpose of Whois. In my opinion, a compromise would have been something that would have brought together or closer previously opposing viewpoints, and be recognized by the opponents as such. I am afraid we are still far from such configuration; instead, what you're proposing is at best, a revision trying to address the same initial F2's own flaws and weaknesses, and doing so by all means while giving up nothing of the intention of the proponents of the initial F2 (let alone any compromise with F1), you're now providing us with the improbable answer for a question that is not asked, as rightly pointed out by Ross. Nevertheless, I'm still willing to understand, with more comments/questions below... --- Philip Sheppard <philip.sheppard@aim.be> wrote: > > Council, > In preparation for the discussion and possible vote on WHOIS > purpose please find attached a > proposed compromise definition. > The background to this compromise is as follows: >>>SNIP>>> > 1. it speaks not of the purpose of "WHOIS" but the purpose for > which the "data is > collected". This reflects the concerns rightly raised by the > non-commercial constituency Thank you for recognizing this. But the problem is we are requested to define the purpose of the WHOIS, which is genuinely and primarily an ICANN issue and must comply with its mission and core values, but not "the purpose for which the data is collected," which might vary from one country (even from one registrar) to the other while addressing the broader requirement by ICANN. >>>SNIP>>> > 3. The definition is silent on questions of subsequent access to > data or data publication. If I understand well, are you saying that your proposed definition of the purpose for which the data is collected does not imply that the WHOIS data must remain publicly accessible? >>>SNIP>>> > I hope that by addressing the concerns above, we can get the full > support of Council to a > definition describing the purposes of data collection and one that > is not blind to the use > that such data is being put today in pursuit of consumer protection > and measures to prevent > crime. For one, there is still that confusion between the purpose and the actual use of the Whois, and furthermore it is not ICANN mission or role to enforce law, or prevent crimes. There are institutions for that, and in the states enjoying the rule of law, they have always done their job by going through due processes. The IP Whois clearly catters for the need to track any malicious or dangerous cyber-attacks to the origin of the IP address attached to it. And if necessary, the rest is a matter of normal legal processes as in everyday life. Really, I don't understand where that idea that without the DNS Whois readily available to anyone, the world would be more dangerous than it was before. The truth is that a big part of the evil is in the so-called remedy itself; the current use of the gTLD Whois allows the cyber-vandalism that we have been experiencing, as I have myself from the day I registered a domain name and had to leave an email contact in the Whois. Where I used to have 3 or 4 messages in my bulk folder for weeks, I've started receiving several dozens of spam messages every 3 or 4 days, including phishing and all kinds of deceptive messages with various character strings (ascii and different asians, though I can't read the latter), the kind of message that could harm a user who is not well aware, as there are still several millions on this earth, and the kind of traffic that eats the very limited and costly bandwidth available in the developing world. The new formulation reads: "to resolve [...] technical, networking, or legal issues related to the registration or use of a gTLD domain name." Could you tell us, Philip, what does that phrase not include for an ISP or a Business, for example? What type of question, query or request is not covered there? Is there anything left out? Nearly everything could be said technical, networking or legal - is that ICANN's mission? Mawaki To pursue a vote that would divide Council between the > previous formulations 1 and 2 > would not move us forward. I hope this third way ( excuse me > sounding like UK prime minister > Tony Blair!) will be a positive way forward for Council and one > that will also get the full > support of the GAC. > > > Philip > >
![](https://secure.gravatar.com/avatar/6f5a3fb7f25f7c132baebf69b1c6272b.jpg?s=120&d=mm&r=g)
Hi Philip, While it is very much appreciated that effort is being made to address the privacy and other concerns about the over-broad Formulation #2 of the WHOIS purpose definition, I don't see how this reformulation is any better. What purposes would have been included in the original Formulation#2, but are now excluded due to its rewording? It seems to me that just about every purpose under the sun falls within the scope of re-Formulation#2. Every issue about the use of a domain name relates to either the "networking use", or "technical use", or "legal use" of a domain name. So taking out the phrase "or other uses" makes no difference in practice. ** Are there any concrete examples of types of uses that are no longer within the ambit of #2, but previously did fall within the admittedly over-broad definition of the original #2? ** Also, the Formulation#2's stated purpose of "legal use" is clearly outside of the scope of ICANN's purely technical mission. Thank you, Robin Philip Sheppard wrote:
Council, In preparation for the discussion and possible vote on WHOIS purpose please find attached a proposed compromise definition. The background to this compromise is as follows: - It is not intended to be a new formulation 2 but a new approach and thus an amendment to the proposed vote. - The new wording seeks to accommodate numerous concerns expressed at the last Council meeting and in the recent WG paper: 1. it speaks not of the purpose of "WHOIS" but the purpose for which the "data is collected". This reflects the concerns rightly raised by the non-commercial constituency in that previous definitions were not compliant with data protection laws such as the EU data protection directive. The intent here is that the scope should be no wider than the scope of such laws.
2. The new wording removes the overly wide phrase "or other uses" phrase in a previous definition. In this way it stays compliant also with data protection laws in that purpose has to be explicit.
3. The definition is silent on questions of subsequent access to data or data publication. This issue was raised by the Registrars in that the purpose of WHOIS was being defined in the context of the current manifestation of WHOIS with its current open access and publication. This definition is intended not to make ANY assumption about access.
4. In the same way this definition is not intended to override any subsequent debate on privacy.
I hope that by addressing the concerns above, we can get the full support of Council to a definition describing the purposes of data collection and one that is not blind to the use that such data is being put today in pursuit of consumer protection and measures to prevent crime. To pursue a vote that would divide Council between the previous formulations 1 and 2 would not move us forward. I hope this third way ( excuse me sounding like UK prime minister Tony Blair!) will be a positive way forward for Council and one that will also get the full support of the GAC.
Philip
participants (5)
-
Mawaki Chango
-
Philip Sheppard
-
Robin Gross
-
Ross Rader
-
Sophia B