Inline
Maybe dumb bad actors. Savvy bad actors just populate whois with data of unknowing third parties, thereby rendering any verification and validation instruments useless and inconveniencing the affected data subjects as well.
Whois is the rope with which bad actors hang themselves.
Which industry? Not the domain industry. And when it comes to collection and handling of private data, our purposes for it is all that matters legally unless there is a requirement by law to collect and store.But in that case, compliance with local law would be the acceptable purpose.For every piece of data that is already gathered under the most comprehensive WHOIS regime, there is a strong industry backed argument that the data needs to continue being collected, and for it to remain available.
You have a contract with ICANN, that contract establishes requirements. Those requirements make it legal.
To drive the point home: the purposes of third parties, including law enforcement have no relevance to the legal requirements for the collection and handling of private data. None whatsoever!
But we can find criminals faster with it! - No legal relevance.
But we want to contact infringers! - No legal relevance.
etc...
Nope, the opposite is true.So fully standardizing this will probably force some registrars to collect and share far more data than they currently do, and it's unlikely to reduce the data collected by the ones who collect more.
Best,
Volker
On Tue, Mar 21, 2017 at 10:17 PM, John Bambenek via gnso-rds-pdp-wg <gnso-rds-pdp-wg@icann.org> wrote:
Excellent suggestion. Perhaps a future action item could be a survey of who various classes of stakeholders use RDS/whois.
Sent from my iPhoneI have a hard time understanding what very stakeholder wants. If every group of stakeholder could write down how they see the new RDS functioning, just by doing a Venn diagram, we could better understand what we have in common and what we need to foncus on to reduce differences of opinion.But that would require more work from already busy people. I think though, it could give us a more tangible view of what we are up against.
My .02 cents
Nathalie
On Tuesday, March 21, 2017 9:45 PM, Andrew Sullivan <ajs@anvilwalrusden.com> wrote:
On Tue, Mar 21, 2017 at 03:01:50PM -0500, John Bambenek via gnso-rds-pdp-wg wrote:
> Except that is not the only approach to the problem nor the ones exclusively used by DP authorities (i.e. Twitter). That is why I asked the question I did and why I will be lobbying them directly for whois privacy for free.
>
But I thought the point of what we were doing was to make some
proposals for what to mask and how -- basically, that's what
differential access does. And I also thought we were at the beginning
of that effort (much as it frustrates me the rate at which we move).
> The question of whether fields are optional or can be "masked" is inherently part of this discussion.
>
That's just conflating two different things. The first thing is to
ask whether something should be collected _at all_. Then one can ask,
if something is collected, who may obtain it and under what
circumstances. This latter is the "masking" of which you speak. And
it's all implemented as it currently is because whois is brain-dead.
So let us not be restricted to the functionality we can get from a
primitive protocol that had already been extended well beyond its
design constraints more than 20 years ago.
> To enable third-parties to communicate directly to resolve and troubleshoot problems.
I suggest that's already there.
> To enable third-parties to report abuse or security incidents so they may be resolved.
This too.
> To enable users and entities to have information to adjudicate an entity is who they say they are (for instance phishing, scams, fake news).
>
I find it impossible to imagine using the whois for this purpose, so
I'd like a use description for this. Since it's not authenticated or
authenticatable information anyway, as there are no signatures and so
on, it seems a pretty poor way to do it. This is partly included in
the purposes however when we discuss X.509 certificates.
> ICANN isn't just a business to confer domain names. Its a quasi-regulatory body over a "commons" and a natural monopoly. The purposes must be viewed beyond the prism of the mere registrar-consumer relationship as many interests are relevant and just as important.
>
While I strongly agree that the purposes need to be rather wider than
the domain name industry, I'm uncomfortable with both of the claims of
quasi-regulatory authority, the notion of the Internet as a commons.
The root zone is indeed a natural monopoly, though.
Best regards,
A
--
Andrew Sullivan
ajs@anvilwalrusden.com
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
--
_________________________________
Note to self: Pillage BEFORE burning.
_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg