Thank you for speaking with me yesterday about the Research purpose. In answer to your second question, I have clarified in the document that the registry will pseudonymise registration data before it is transmitted to ICANN.
Regarding your first question, I have spoken to both current and former members of the OCTO team. They have provided the following additional input:
"Octo used registration data as part of LE [Law Enforcement] training.
Like other opsec [operational security] practitioners we used reg[istration] data when collaborating with public/private sector investigators.
We also used it when we were invited to work with Compliance on a particular complaint."
and
"[we] used full whois when we initiated our own investigations but that activity was self-directed not explicitly part of SSR role and remit. I also used whois to report phishing and brand infringements against ICANN.
Lastly I used whois as part of research into bulk registrations and other consensus policy or registrar practices that had undesirable or unintended consequences."
I should note that prior to 25th May, OCTO used public whois data. Since then, this work is on hold.
Lastly, I’m sorry that this document is reaching you at the 11th hour. I have been waiting for guidance from ICANN before sending it, which was requested over a month ago.
Best,
Benedict.