Evan and all, Doesn't the ALAC have a WG list for Whois issues? I believe it does. The rest of my remarks are interspersed below Evan's... -----Original Message-----
From: Evan Leibovitch <evan@telly.org> Sent: Apr 16, 2008 9:58 PM To: "Brendler, Beau" <Brenbe@consumer.org> Cc: NA Discuss <na-discuss@atlarge-lists.icann.org> Subject: Re: [NA-Discuss] WHOIS study group...NA RALO weigh in?
Brendler, Beau wrote:
Ross, I'm not so anxious to pick up torches, but there are new people coming on board in the NA RALO community who don't have the benefit of your years of experience as a senior executive at a registrar dealing with this issue, so that's why I posted this here -- in hopes of hearing something from new faces in the room, groups representing users, consumers, etc.
I guess I fit into this category. A little over a year ago I had nothing to do with ICANN. Thanks to Jacob's initiative, a better (but far from complete) understanding of the issues, and a knowledgeable and generally welcoming bunch of colleagues, I'm in a little deeper now. :-) And while my ALS's membership is reasonably technically inclined, I'd say that the proportion of them that own domains is definitely a minority (though higher than the general public).
We have not done an extensive survey of our ALS's members but the issue has come up at the executive/board level and some informal user group discussions. Generally I have heard agreement with what Beau stated as the Webwatch position:
Oversimply stated, we are interested in seeing a compromise that would allow a consumer to use accurate WHOIS data to help determine the credibility of a Web site with which the consumer is about to do business, while not compromising, say, the right of Burmese citizens to create Web sites to describe the conditions within their country without fear of being tracked down and harmed by their government via WHOIS data.
To be more specific, WHOIS accuracy is a non-issue -- it must exist -- what is at issue is the level of public access to that accurate informaion. I would suggest that any domain owned by a government agency or for-profit corporation must be public (just as corporate registration information is already public). Non-profits and individuals should be able to enable some kind of privacy while allowing appropriate legitimate access (ie, I would not want the above scenario to give said Burmese citizens the ability to engage in personal libel, or publishing secrets of others, with impunity).
Agreed here. I think that you mean is that the public access to Whois data remain pretty much as it is other than that data or whois listing must be accurate, which at the present time many if not most are not accurate. Too much access such as access to PII is a sure way of enabeling personal libel, Email farming for purposes of phishing, spam and other forms of illegal activity.
To extend this to the "intended" purpose of TLDs, I could live with all of .com, .int and .gov being required to be public, while .org could allow surrogates under proper circumstances. CCTLDs that use .com. or .org. subdomains an easily make similar distinctions.
Could allow yes, will be required to allow such surrogates certain levels of access beyond what is avaliable today, no. The idea of those .org's having an opt-in for such access is a potential good compermise.
I agree that study at a policy level is pointless -- the facts and opinions on all sides are well known and it's time for a political decision that takes a stand with the given information. The only required further study would IMO be regarding the business and mechanical implementation of the kinds of proxy / escrow / whatever models are required to allow a balance of privacy and accountability. Even unlisted telephone numbers are on record at the telco and are accessible under certain well-defined legal circumstances. There are other non-Internet examples -- such as access to auto license-plate registration information -- that indicate reasonable societal compromises between privacy and accountability. We're not the first ones with this dilemma.
All true, but not all that information is avaliable to the general public due to certain privacy laws and/or protections even with a subpoena. Even law enforcment cannot without significant cause get some of the information you list above, as I hope and believe you know... Whois was never meant to be a law enforcment tool, nor a tool for the general public to track an Domain Name holder but was intended for network operators to get in contact to Domain Name admins. in the there was a problem of once sort or another.
- Evan
------ NA-Discuss mailing list NA-Discuss@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/na-discuss_atlarge-lists.ica... Visit the NA-RALO Wiki at https://st.icann.org/naralo/ ------
Regards, Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] =============================================================== Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827