On Tuesday, August 16, 2016, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:
Did you mean 16? It seems so. With great respect Greg, I think you are turning this case on its head. Yes, WHOIS has been and likely will continue to be a useful source of info for identifying perpetrators of abuse. We don't need a separate case for each type of abuse (child porn, selling counterfeit goods, post intimate relationship hassment, etc etc). This use case identified the risk that abusers will get the data they need to abuse from the WHOIS. Lets be clear, investigators of abuse can go to the registrar. It is not as if this data suddenly becomes unavailable if it is not publicly displayed. It is just not available so readily. And that, as Martha might say, is a good thing.
Stephanie Perrin
On 2016-08-16 19:31, Greg Shatan wrote:
I think that Case 19 ("WHOIS misused to shame, anger or scare a registrant") suggests a potential gap or at least a counter-case ("WHOIS used to find those posting personally identifiable information to shame, anger or scare a registrant"'). As Case 19 posits, this involves posting information on the Internet. In many cases, the information is posted on websites using domains registered for such purpose, or sent using email addresses using domains registered for that purpose. WHOIS data is an important and much-used tool in determining the identity of those disseminating the PII under those circumstances.
I have personal experience with this. When my client was the victim of a doxing attack (and this involved publishing confidential documents, not merely publicly available contact information), WHOIS data was critical in tracking down the identity of the individuals responsible. There was much more to it, but the WHOIS data was the first lead in the chain. Without that data, the results may have been quite different.
Rather than drafting a whole new use case, I think that this use case is similar enough to existing use cases 06, 09, 21 and 22 to point to those cases for more detail. I would point in particular to use case 21's statement that "telltales may be found in resources used to register the domain" which in turn lead to other information necessary to move forward. "Telltales" may also be found in information that is not completely accurate. This point should not be lost -- WHOIS records can reveal telltales and "breadcrumbs" even when the information is not a bald-faced registration in the name of the "miscreant" (as use case 22) put its.
Of course, if it's deemed necessary, I can create a separate use case for this.
Greg
On Fri, Aug 12, 2016 at 2:18 PM, Lisa Phifer <lisa@corecom.com> wrote:
Dear all,
To address the following action item:
Action item: WG members to review example use cases and identify any gaps that should be filled - preferably volunteering to draft and present them
Example use cases identified by this WG to date are listed below and can be found here: https://community.icann.org/x/JA6bAw
In addition, cases originally drafted by the EWG are listed here:
EWG Report - Example Use Case and Related Data Annexes.doc
Contact staff if you would like to a copy of any EWG draft use case.
As we are trying to examine a representative but not exhaustive set of examples prior to deliberation (see https://community.icann.org/x/JA6bAw ), if you believe that a different and important example is missing from the above table, please raise that gap to the WG's attention.
Best regards,
Lisa
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/ listinfo/gnso-rds-pdp-wg