Factual studies starting to shoot down the "going dark" panic
Relevant to the work of this group is the following study from Recorded Future. https://www.recordedfuture.com/gdpr-spam-impact/?utm_content=76363539&utm_medium=social&utm_source=twitter Entitled "90 Days of GDPR: Minimal Impact on Spam and Domain Registration" Dr. Milton Mueller Professor, School of Public Policy Georgia Institute of Technology [IGP_logo_gold block_email sig]<http://www.internetgovernance.org/>
Dear All, I am not sure that such study was done fir the whole words or based on some limited area .I do not believe that one could take any conclusion on that Regards Kavouss Sent from my iPhone
On 31 Aug 2018, at 17:12, Mueller, Milton L <milton@gatech.edu> wrote:
Relevant to the work of this group is the following study from Recorded Future. https://www.recordedfuture.com/gdpr-spam-impact/?utm_content=76363539&utm_medium=social&utm_source=twitter
Entitled “90 Days of GDPR: Minimal Impact on Spam and Domain Registration”
Dr. Milton Mueller Professor, School of Public Policy Georgia Institute of Technology
<image001.jpg>
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
This study supports the argument that WHOIS might not be an essential tool for fighting spam and the world did not see a massive spam apocalypse as it was said it will (it is "a" tool but not essential and most probably replaceable even). Yes it is a short time frame and might not be complete but it is at least based on some data. If there are other studies that provide data that can support the argument that WHOIS is an essential tool for fighting spam (other than all the statements and individual cases) and as a result of compliance with GDPR and redacted personal data of domain name registrants there is an increase in spam, then we can look into them. I would also like to note that domain name hijacking has decreased according to some registrars as a result of redacted personal info in WHOIS (as was said during our call a couple of weeks ago). Domain name hijacking is an issue domain name registrants especially in developing countries had to deal with for long with almost no recourse nor remedy. They did not have the resources and the knowledge of using UDRP or lodge transfer complaint to get their domain names back. Privacy in WHOIS might even be good for cybersecurity and protecting trademarks. Why don't we look at it this way too. Not implying that we should not address all other issues that can be raised because of redacted personal information from WHOIS, just saying WHOIS is not that dark because of protection of privacy of domain name registrants. Farzaneh On Fri, Aug 31, 2018 at 11:59 AM Arasteh <kavouss.arasteh@gmail.com> wrote:
Dear All, I am not sure that such study was done fir the whole words or based on some limited area .I do not believe that one could take any conclusion on that Regards Kavouss
Sent from my iPhone
On 31 Aug 2018, at 17:12, Mueller, Milton L <milton@gatech.edu> wrote:
Relevant to the work of this group is the following study from Recorded Future.
Entitled “90 Days of GDPR: Minimal Impact on Spam and Domain Registration”
Dr. Milton Mueller
Professor, School of Public Policy
Georgia Institute of Technology
<image001.jpg> <http://www.internetgovernance.org/>
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
Dear Farzaneh, Milton, Having given it some thought, I disagree with your conclusion that whois is not an essential tool for fighting spam, based on the Recorded Future study you reference. Why? First, the Cisco Talos data which underpins the study is a measure of detected spam. If spam detection rates have dropped, we don’t know if that is because there’s proportionally less spam, or that it’s harder to classify. Secondly, the anti-spam work done ‘behind the scenes’ - of analysing whois data, finding correlations, and dismantling the spamming infrastructure - is done by hand, by humans. As such, any consequences of the loss of whois access to researchers won’t be immediate. And then there’s the blog post itself. My SSAC colleague John Levine explains the flaws better than I can: https://www.circleid.com/posts/20180905_gdpr_didnt_affect_spam_not_so_fast/ <https://www.circleid.com/posts/20180905_gdpr_didnt_affect_spam_not_so_fast/> It’s quite possible that we’ll discover that in reducing ready access to PII for criminals, GDPR has been a net positive in fighting spam. It’s also possible that carefully controlled access to RDDS data will also act as a net positive, by continuing to enable researchers to fight on behalf of users. The problem is that - like Zhou Enlai was supposed to have said of the effects of the French Revolution - it’s just too soon to say! Yours, Benedict.
On 31 Aug 2018, at 19:27, farzaneh badii <farzaneh.badii@gmail.com> wrote:
This study supports the argument that WHOIS might not be an essential tool for fighting spam and the world did not see a massive spam apocalypse as it was said it will (it is "a" tool but not essential and most probably replaceable even). Yes it is a short time frame and might not be complete but it is at least based on some data. If there are other studies that provide data that can support the argument that WHOIS is an essential tool for fighting spam (other than all the statements and individual cases) and as a result of compliance with GDPR and redacted personal data of domain name registrants there is an increase in spam, then we can look into them.
I would also like to note that domain name hijacking has decreased according to some registrars as a result of redacted personal info in WHOIS (as was said during our call a couple of weeks ago). Domain name hijacking is an issue domain name registrants especially in developing countries had to deal with for long with almost no recourse nor remedy. They did not have the resources and the knowledge of using UDRP or lodge transfer complaint to get their domain names back.
Privacy in WHOIS might even be good for cybersecurity and protecting trademarks. Why don't we look at it this way too. Not implying that we should not address all other issues that can be raised because of redacted personal information from WHOIS, just saying WHOIS is not that dark because of protection of privacy of domain name registrants.
Farzaneh
On Fri, Aug 31, 2018 at 11:59 AM Arasteh <kavouss.arasteh@gmail.com <mailto:kavouss.arasteh@gmail.com>> wrote: Dear All, I am not sure that such study was done fir the whole words or based on some limited area .I do not believe that one could take any conclusion on that Regards Kavouss
Sent from my iPhone
On 31 Aug 2018, at 17:12, Mueller, Milton L <milton@gatech.edu <mailto:milton@gatech.edu>> wrote:
Relevant to the work of this group is the following study from Recorded Future.
https://www.recordedfuture.com/gdpr-spam-impact/?utm_content=76363539&utm_medium=social&utm_source=twitter <https://www.recordedfuture.com/gdpr-spam-impact/?utm_content=76363539&utm_medium=social&utm_source=twitter>
Entitled “90 Days of GDPR: Minimal Impact on Spam and Domain Registration”
Dr. Milton Mueller
Professor, School of Public Policy
Georgia Institute of Technology
<image001.jpg> <http://www.internetgovernance.org/>
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org <mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team <https://mm.icann.org/mailman/listinfo/gnso-epdp-team>_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org <mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team <https://mm.icann.org/mailman/listinfo/gnso-epdp-team>_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
Some additional views / points made by Dave Piscatello formerly of ICANN org via http://www.securityskeptic.com/2018/09/post-gdpr-whois-a-myriad-of-misconcep... As Benedict mentions… it’s just too soon to say. Thanks, -Ben From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> on behalf of Benedict Addis <bee@theale.co.uk> Date: Thursday, September 6, 2018 at 5:58 AM To: farzaneh badii <farzaneh.badii@gmail.com>, "Mueller, Milton L" <milton@gatech.edu> Cc: "gnso-epdp-team@icann.org" <gnso-epdp-team@icann.org> Subject: Re: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic Dear Farzaneh, Milton, Having given it some thought, I disagree with your conclusion that whois is not an essential tool for fighting spam, based on the Recorded Future study you reference. Why? First, the Cisco Talos data which underpins the study is a measure of detected spam. If spam detection rates have dropped, we don’t know if that is because there’s proportionally less spam, or that it’s harder to classify. Secondly, the anti-spam work done ‘behind the scenes’ - of analysing whois data, finding correlations, and dismantling the spamming infrastructure - is done by hand, by humans. As such, any consequences of the loss of whois access to researchers won’t be immediate. And then there’s the blog post itself. My SSAC colleague John Levine explains the flaws better than I can: https://www.circleid.com/posts/20180905_gdpr_didnt_affect_spam_not_so_fast/ It’s quite possible that we’ll discover that in reducing ready access to PII for criminals, GDPR has been a net positive in fighting spam. It’s also possible that carefully controlled access to RDDS data will also act as a net positive, by continuing to enable researchers to fight on behalf of users. The problem is that - like Zhou Enlai was supposed to have said of the effects of the French Revolution - it’s just too soon to say! Yours, Benedict. On 31 Aug 2018, at 19:27, farzaneh badii <farzaneh.badii@gmail.com<mailto:farzaneh.badii@gmail.com>> wrote: This study supports the argument that WHOIS might not be an essential tool for fighting spam and the world did not see a massive spam apocalypse as it was said it will (it is "a" tool but not essential and most probably replaceable even). Yes it is a short time frame and might not be complete but it is at least based on some data. If there are other studies that provide data that can support the argument that WHOIS is an essential tool for fighting spam (other than all the statements and individual cases) and as a result of compliance with GDPR and redacted personal data of domain name registrants there is an increase in spam, then we can look into them. I would also like to note that domain name hijacking has decreased according to some registrars as a result of redacted personal info in WHOIS (as was said during our call a couple of weeks ago). Domain name hijacking is an issue domain name registrants especially in developing countries had to deal with for long with almost no recourse nor remedy. They did not have the resources and the knowledge of using UDRP or lodge transfer complaint to get their domain names back. Privacy in WHOIS might even be good for cybersecurity and protecting trademarks. Why don't we look at it this way too. Not implying that we should not address all other issues that can be raised because of redacted personal information from WHOIS, just saying WHOIS is not that dark because of protection of privacy of domain name registrants. Farzaneh On Fri, Aug 31, 2018 at 11:59 AM Arasteh <kavouss.arasteh@gmail.com<mailto:kavouss.arasteh@gmail.com>> wrote: Dear All, I am not sure that such study was done fir the whole words or based on some limited area .I do not believe that one could take any conclusion on that Regards Kavouss Sent from my iPhone On 31 Aug 2018, at 17:12, Mueller, Milton L <milton@gatech.edu<mailto:milton@gatech.edu>> wrote: Relevant to the work of this group is the following study from Recorded Future. https://www.recordedfuture.com/gdpr-spam-impact/?utm_content=76363539&utm_medium=social&utm_source=twitter Entitled “90 Days of GDPR: Minimal Impact on Spam and Domain Registration” Dr. Milton Mueller Professor, School of Public Policy Georgia Institute of Technology <image001.jpg><http://www.internetgovernance.org/> _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
Benedict and Ben Piscatello’s blog post is almost pure fiction. For example, he claims that there’s no evidence that Whois affects spam, when systematic research commissioned by ICANN itself concluded: “The main finding of the descriptive study is that there is a statistically significant occurrence of WHOIS misuse affecting Registrants’ email addresses, postal addresses, and phone numbers, published in WHOIS when registering domains in these gTLDs. Overall, we find that 44% of Registrants experience one or more of these types of WHOIS misuse. Other types of WHOIS misuse are reported, but at a smaller, non-significant rate. Among those, a handful of reported cases appear to be highly elaborate attempts to achieve high attack impact.” Here’s the study link: http://whois.icann.org/sites/default/files/files/cmu-misuse-study-26nov13-en... From: Gnso-epdp-team [mailto:gnso-epdp-team-bounces@icann.org] On Behalf Of Ben Butler Sent: Thursday, September 6, 2018 12:16 PM To: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic Some additional views / points made by Dave Piscatello formerly of ICANN org via http://www.securityskeptic.com/2018/09/post-gdpr-whois-a-myriad-of-misconcep... As Benedict mentions… it’s just too soon to say. Thanks, -Ben From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org<mailto:gnso-epdp-team-bounces@icann.org>> on behalf of Benedict Addis <bee@theale.co.uk<mailto:bee@theale.co.uk>> Date: Thursday, September 6, 2018 at 5:58 AM To: farzaneh badii <farzaneh.badii@gmail.com<mailto:farzaneh.badii@gmail.com>>, "Mueller, Milton L" <milton@gatech.edu<mailto:milton@gatech.edu>> Cc: "gnso-epdp-team@icann.org<mailto:gnso-epdp-team@icann.org>" <gnso-epdp-team@icann.org<mailto:gnso-epdp-team@icann.org>> Subject: Re: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic Dear Farzaneh, Milton, Having given it some thought, I disagree with your conclusion that whois is not an essential tool for fighting spam, based on the Recorded Future study you reference. Why? First, the Cisco Talos data which underpins the study is a measure of detected spam. If spam detection rates have dropped, we don’t know if that is because there’s proportionally less spam, or that it’s harder to classify. Secondly, the anti-spam work done ‘behind the scenes’ - of analysing whois data, finding correlations, and dismantling the spamming infrastructure - is done by hand, by humans. As such, any consequences of the loss of whois access to researchers won’t be immediate. And then there’s the blog post itself. My SSAC colleague John Levine explains the flaws better than I can: https://www.circleid.com/posts/20180905_gdpr_didnt_affect_spam_not_so_fast/ It’s quite possible that we’ll discover that in reducing ready access to PII for criminals, GDPR has been a net positive in fighting spam. It’s also possible that carefully controlled access to RDDS data will also act as a net positive, by continuing to enable researchers to fight on behalf of users. The problem is that - like Zhou Enlai was supposed to have said of the effects of the French Revolution - it’s just too soon to say! Yours, Benedict. On 31 Aug 2018, at 19:27, farzaneh badii <farzaneh.badii@gmail.com<mailto:farzaneh.badii@gmail.com>> wrote: This study supports the argument that WHOIS might not be an essential tool for fighting spam and the world did not see a massive spam apocalypse as it was said it will (it is "a" tool but not essential and most probably replaceable even). Yes it is a short time frame and might not be complete but it is at least based on some data. If there are other studies that provide data that can support the argument that WHOIS is an essential tool for fighting spam (other than all the statements and individual cases) and as a result of compliance with GDPR and redacted personal data of domain name registrants there is an increase in spam, then we can look into them. I would also like to note that domain name hijacking has decreased according to some registrars as a result of redacted personal info in WHOIS (as was said during our call a couple of weeks ago). Domain name hijacking is an issue domain name registrants especially in developing countries had to deal with for long with almost no recourse nor remedy. They did not have the resources and the knowledge of using UDRP or lodge transfer complaint to get their domain names back. Privacy in WHOIS might even be good for cybersecurity and protecting trademarks. Why don't we look at it this way too. Not implying that we should not address all other issues that can be raised because of redacted personal information from WHOIS, just saying WHOIS is not that dark because of protection of privacy of domain name registrants. Farzaneh On Fri, Aug 31, 2018 at 11:59 AM Arasteh <kavouss.arasteh@gmail.com<mailto:kavouss.arasteh@gmail.com>> wrote: Dear All, I am not sure that such study was done fir the whole words or based on some limited area .I do not believe that one could take any conclusion on that Regards Kavouss Sent from my iPhone On 31 Aug 2018, at 17:12, Mueller, Milton L <milton@gatech.edu<mailto:milton@gatech.edu>> wrote: Relevant to the work of this group is the following study from Recorded Future. https://www.recordedfuture.com/gdpr-spam-impact/?utm_content=76363539&utm_medium=social&utm_source=twitter Entitled “90 Days of GDPR: Minimal Impact on Spam and Domain Registration” Dr. Milton Mueller Professor, School of Public Policy Georgia Institute of Technology <image001.jpg><http://www.internetgovernance.org/> _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
There is a deeper problem with Piscatello’s reaction to our Aug 29 blog post. Read the title of that blog ("Special interests push U.S. Congress to override ICANN’s Whois policy process") and the article and it’s obvious that our primary point is not the relationship between Whois and spam. Our point was to call attention to the efforts by some stakeholders to bypass the ICANN process and impose a U.S.-national legislative solution on ICANN. It’s interesting that Piscatello doesn’t address this. How about you? Do you care about whether the work we are doing will be pre-empted and nullified by US legislation? Do you think it is in bad faith to participate in this PDP seeking consensus and compromise from other stakeholder groups and at the same time pursue legislative action by the USG that would impose your own view upon the MS process? --MM From: Gnso-epdp-team [mailto:gnso-epdp-team-bounces@icann.org] On Behalf Of Ben Butler Sent: Thursday, September 6, 2018 12:16 PM To: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic Some additional views / points made by Dave Piscatello formerly of ICANN org via http://www.securityskeptic.com/2018/09/post-gdpr-whois-a-myriad-of-misconcep... As Benedict mentions… it’s just too soon to say. Thanks, -Ben
Hi Milton, Your last question insinuates that "other stakeholder groups" are pursuing legislative action by the USG". This is simply not true. Alex On Thu, Sep 6, 2018 at 10:27 AM Mueller, Milton L <milton@gatech.edu> wrote:
There is a deeper problem with Piscatello’s reaction to our Aug 29 blog post. Read the title of that blog ("Special interests push U.S. Congress to override ICANN’s Whois policy process") and the article and it’s obvious that our primary point is not the relationship between Whois and spam.
Our point was to call attention to the efforts by some stakeholders to bypass the ICANN process and impose a U.S.-national legislative solution on ICANN.
It’s interesting that Piscatello doesn’t address this. How about you? Do you care about whether the work we are doing will be pre-empted and nullified by US legislation? Do you think it is in bad faith to participate in this PDP seeking consensus and compromise from other stakeholder groups and at the same time pursue legislative action by the USG that would impose your own view upon the MS process?
--MM
*From:* Gnso-epdp-team [mailto:gnso-epdp-team-bounces@icann.org] *On Behalf Of *Ben Butler *Sent:* Thursday, September 6, 2018 12:16 PM *To:* gnso-epdp-team@icann.org *Subject:* Re: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic
Some additional views / points made by Dave Piscatello formerly of ICANN org via http://www.securityskeptic.com/2018/09/post-gdpr-whois-a-myriad-of-misconcep...
As Benedict mentions… it’s just too soon to say.
Thanks,
-Ben
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
-- ___________ *Alex Deacon* Cole Valley Consulting alex@colevalleyconsulting.com +1.415.488.6009
Your last question insinuates that "other stakeholder groups" are pursuing legislative action by the USG". This is simply not true. Alex Alex, to clarify I did not (necessarily) mean “other ICANN stakeholder groups” as in formal SGs in the GNSO. I meant “stakeholder groups” in the generic sense (organized pressure groups). That being said, I am pretty sure that some of these organizations are members of IPC and/or BC. https://secureandtransparent.org/about-csti/ Members: * ACT: The App Association * Alliance for Safe Online Pharmacies (ASOP Global) * The Center on Illicit Networks and Transnational Organized Crime (CINTOC) * Coalition for Online Accountability * Crucial Point LLC * CTO Vision * Domain Tools * LegitScript * Liberty Asia * Motion Picture Association of America (MPAA) * National Association of Boards of Pharmacy * Recording Industry Association of America * SpamHaus Dr. Milton L Mueller Professor, School of Public Policy<http://spp.gatech.edu/> Georgia Institute of Technology Internet Governance Project http://internetgovernance.org/
Thanks Milton. For the purposes of this conversation this distinction is important (ICANN SG's vs. generic sg's). Alex On Thu, Sep 6, 2018 at 11:28 AM Mueller, Milton L <milton@gatech.edu> wrote:
Your last question insinuates that "other stakeholder groups" are pursuing legislative action by the USG". This is simply not true.
Alex
Alex, to clarify I did not (necessarily) mean “other ICANN stakeholder groups” as in formal SGs in the GNSO. I meant “stakeholder groups” in the generic sense (organized pressure groups). That being said, I am pretty sure that some of these organizations are members of IPC and/or BC.
https://secureandtransparent.org/about-csti/
Members:
- ACT: The App Association - Alliance for Safe Online Pharmacies (ASOP Global) - The Center on Illicit Networks and Transnational Organized Crime (CINTOC) - Coalition for Online Accountability - Crucial Point LLC - CTO Vision - Domain Tools - LegitScript - Liberty Asia - Motion Picture Association of America (MPAA) - National Association of Boards of Pharmacy - Recording Industry Association of America - SpamHaus
Dr. Milton L Mueller
Professor, School of Public Policy <http://spp.gatech.edu/>
Georgia Institute of Technology
Internet Governance Project
-- ___________ *Alex Deacon* Cole Valley Consulting alex@colevalleyconsulting.com +1.415.488.6009
Milton, Perhaps I should have been more precise. I was providing a link to Dave's article simply to provide additional viewpoints. Dave hits on several topics, but I considered it for inclusion to the list because of the aspects dealing with the 90-days Post GDPR spam analysis. I certainly did not mean to imply that I am endorsing all his views. Since you specifically ask, I am of course very concerned about any efforts to (or that could) undermine or pre-empt the efforts of this group. I would not be here if I didn't think it was crucial work. I, as well as others I have discussed it with both at GoDaddy (one of whom is on this group) and in SSAC are distinctly opposed to the proposed legislation in question. I hope you that helps clarify things for you. Happy to discuss further off-list if desired. Thank You, Ben ________________________________ From: Mueller, Milton L <milton@gatech.edu> Sent: Thursday, September 6, 2018 10:27 AM To: Ben Butler; gnso-epdp-team@icann.org Subject: RE: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic There is a deeper problem with Piscatello’s reaction to our Aug 29 blog post. Read the title of that blog ("Special interests push U.S. Congress to override ICANN’s Whois policy process") and the article and it’s obvious that our primary point is not the relationship between Whois and spam. Our point was to call attention to the efforts by some stakeholders to bypass the ICANN process and impose a U.S.-national legislative solution on ICANN. It’s interesting that Piscatello doesn’t address this. How about you? Do you care about whether the work we are doing will be pre-empted and nullified by US legislation? Do you think it is in bad faith to participate in this PDP seeking consensus and compromise from other stakeholder groups and at the same time pursue legislative action by the USG that would impose your own view upon the MS process? --MM From: Gnso-epdp-team [mailto:gnso-epdp-team-bounces@icann.org] On Behalf Of Ben Butler Sent: Thursday, September 6, 2018 12:16 PM To: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] Factual studies starting to shoot down the "going dark" panic Some additional views / points made by Dave Piscatello formerly of ICANN org via http://www.securityskeptic.com/2018/09/post-gdpr-whois-a-myriad-of-misconcep... Post-GDPR WHOIS: A Myriad of Misconceptions, Misinformation and Misdirection<http://www.securityskeptic.com/2018/09/post-gdpr-whois-a-myriad-of-misconceptions-misinformation-and-misdirection.html> www.securityskeptic.com One of the most memorable lyrics of For What It’s Worth (Buffalo Springfield, 1967) aptly describes the current condition of the post-GDPR debate over domain registration data access: There’s battle lines being drawn… nobody’s right if everybody’s wrong. Cybersecurity and policy pundits are heatedly engaged over the impact of the EU General Data Protection Regulation (GDPR). Both sides have done a poor job of articulating the problem space, overlooking key aspects of the regulation and ICANN’s attempt to comply to GDPR in a Temporary Specification For Whois. As difficult as it is to engage in this discussion dispassionately, it’s both... As Benedict mentions… it’s just too soon to say. Thanks, -Ben
Thanks, Ben! That is reassuring and good to know. --MM Since you specifically ask, I am of course very concerned about any efforts to (or that could) undermine or pre-empt the efforts of this group. I would not be here if I didn't think it was crucial work. I, as well as others I have discussed it with both at GoDaddy (one of whom is on this group) and in SSAC are distinctly opposed to the proposed legislation in question. I hope you that helps clarify things for you.
participants (6)
-
Alex Deacon
-
Arasteh
-
Ben Butler
-
Benedict Addis
-
farzaneh badii
-
Mueller, Milton L