WHOIS Public Comments - for your review
Dear Review Team Members, Please find attached a public comment draft announcement for your review and consideration in anticipation of your conference call scheduled for tomorrow. Kindly note that this was drafted and approved by Kathy and Emily. Many thanks in advance, Very best regards Alice
Hi All, There was a little help from Alice - tx you, Alice! If everyone could please review the public comment in preparation for our meeting tomorrow, we would appreciate it. Further, if the subteams could please check their materials to ensure that we used the most recent version of everything, we would appreciate it! Thanks so much, Kathy From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of Alice Jansen Sent: Tuesday, March 01, 2011 4:09 AM To: rt4-whois@icann.org WHOIS Subject: [Rt4-whois] WHOIS Public Comments - for your review Dear Review Team Members, Please find attached a public comment draft announcement for your review and consideration in anticipation of your conference call scheduled for tomorrow. Kindly note that this was drafted and approved by Kathy and Emily. Many thanks in advance, Very best regards Alice
This looks good, though I would like to suggest a change to the definition of Consumer. I would change the following: "and Users (e.g. individuals, commercial or non-commercial entities who use the data legitimately) of the WHOIS data" to "and, Users (e.g. individuals, commercial or non-commercial entities who use the data legitimately) of the WHOIS data, and non-Users. I believe this accurately captures our intention for "All global Internet users". On Mar 1, 2011, at 4:41 AM, Kathy Kleiman wrote: Hi All, There was a little help from Alice – tx you, Alice! If everyone could please review the public comment in preparation for our meeting tomorrow, we would appreciate it. Further, if the subteams could please check their materials to ensure that we used the most recent version of everything, we would appreciate it! Thanks so much, Kathy From: rt4-whois-bounces@icann.org<mailto:rt4-whois-bounces@icann.org> [mailto:rt4-whois-bounces@icann.org] On Behalf Of Alice Jansen Sent: Tuesday, March 01, 2011 4:09 AM To: rt4-whois@icann.org<mailto:rt4-whois@icann.org> WHOIS Subject: [Rt4-whois] WHOIS Public Comments - for your review Dear Review Team Members, Please find attached a public comment draft announcement for your review and consideration in anticipation of your conference call scheduled for tomorrow. Kindly note that this was drafted and approved by Kathy and Emily. Many thanks in advance, Very best regards Alice <ATT00001..txt>
Hello all, Thanks Alice for circulating this document, which I think will form an excellent basis for the team's consultation with the community. My comments are below. As you'll see, they are primarily attempts to keep the definitions broad, inclusive and as plain-English as possible, recognising the broad range of stakeholders we will be targeting. There are also some comments which I offer for discussion, as some of the proposed wording seems to me to imply a decision or inclination on the part of the review team on issues that have yet to be discussed in detail. I would also like to discuss the survey, as I am unsure what this is intended to achieve. I am happy to discuss any of these comments, and look forward to today's teleconference. Kind regards, Peter Law enforcement As noted in my earlier email, I have some reservations about the law enforcement definition that has been proposed. I think I understand what is intended and why some of the caveats have been included, but from my perspective I think a simpler formulation would achieve the same result with less ambiguity and sensitivity. As such I propose the following, based on earlier definitions circulated by the sub-group: "Law Enforcement shall be considered to be an organisation endorsed by a government and whose responsibilities include the maintenance, co-ordination, or enforcement of laws, multi-national treaty or other legal obligations." My reasoning is below: * The exclusive list of 'department, division...' etc appears to be unnecessary, and risks excluding a legitimate law enforcement organisation. Reference to an organisation appears to achieve the same goal. * I do not understand what is meant by 'part and parcel'. In my view, reference to an organisation 'endorsed' by a government (noting that it must have specific and legitimate legal responsibilities) is sufficient and clearer. * I suggest that the reference to 'responsibilities' should be inclusive, as a legitimate law enforcement organisation may have other responsibilities (e.g. advising government t on the effectiveness of laws etc). * I understand the reference to 'regulations', but think that it should be broader (in Australia, regulation has a particular meaning and is only one type of 'legislative instrument', all of which have the force of law). I propose that we use 'other legal obligations' instead, as a broader formulation. * I do not think the references to boundaries are necessary, and raise sensitive geo-political issues beyond the remit of the review team. Applicable laws With regard to applicable laws, I think the definition does a good job of covering the field of possible laws that regulate personal data. However, I note that the relevant sentence in the AoC refers to an obligation on ICANN to enforce its WHOIS policies (without caveats). Without specific advice from ICANN on what it considers the relevant laws to be, I propose a simple change to the proposed definition to make it inclusive rather than exclusive. In this way, if ICANN decides that the contract/commercial law of a country is relevant to its ability to enforce a contract obligation, then we haven't inadvertently excluded this. I also have concerns about the phrase 'internationally recognised legal norms', as agreement about what an internationally recognised legal norm is would appear to be beyond the scope of the review team. I have tried to simplify the definition accordingly: "Includes any and all local and national laws that regulate and/or control the collection, use, access, and disclosure of personally identifiable information. It may also include other relevant legal obligations or treaties." Consumer trust I think the definition is good, noting that I agree with Bill's recently proposed edit. However, I have some reservations about the preamble. If this is to be retained, I would suggest that it be generalised to avoid the impression that the review is focused on one particular jurisdiction, region or other type of grouping. As such, I propose the following to replace the existing two paragraphs of preamble: "There is no single universally agreed definition of 'consumer', and legal definitions in different jurisdictions vary widely. Some are narrow and limited to 'natural persons', while others are broader and include various types of organisations. The WHOIS review team has been considering a broad interpretation of the term 'consumer', as this would allow a broad range of perspectives to be considered by the review team. This appears to be consistent with the intention of the drafters of the AoC." With regard to 'B. What promotes consumer trust?', I would like to discuss further the phrase 'WHOIS data is provided accurately and with consent'. I initially read this as a simple recognition of the need to consider privacy issues. However, I now wonder whether this can be read as an unambiguous statement of a specific requirement (i.e. the need for consent). If so, I do not think we have reached a settled position on this issue yet. I'm not advocating a view either way on this, and I think the discussion forward will need to be detailed and nuanced, but I am concerned that the existing text could be seen to close off these discussions. I have a similar comment on question 5 in the survey, which refers to 'legitimate options available to hide the WHOIS data'. Again, I do not think the existing situation is so clear cut, and I personally have not got a settled position on this. With regard to the survey as a whole, I have some comments on the wording of specific questions (particularly relating to clarity), but I wanted to raise a broader issue. In particular, I note that the current proposed survey is essentially closed and qualitative, and I wonder what exactly we are aiming to achieve from it? From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of Alice Jansen Sent: Tuesday, 1 March 2011 8:09 PM To: rt4-whois@icann.org WHOIS Subject: [Rt4-whois] WHOIS Public Comments - for your review Dear Review Team Members, Please find attached a public comment draft announcement for your review and consideration in anticipation of your conference call scheduled for tomorrow. Kindly note that this was drafted and approved by Kathy and Emily. Many thanks in advance, Very best regards Alice ------------------------------------------------------------------------------- The information transmitted is for the use of the intended recipient only and may contain confidential and/or legally privileged material. Any review, re-transmission, disclosure, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited and may result in severe penalties. If you have received this e-mail in error please notify the Security Advisor of the Department of Broadband, Communications and the Digital Economy, 38 Sydney Ave, Forrest ACT 2603, telephone (02) 6271-1376 and delete all copies of this transmission together with any attachments. Please consider the environment before printing this email. -------------------------------------------------------------------------------
Peter et al, Thank you for your very thorough and valuable points. Since I am not sure whether I will be able to make the call tonight, I thought I should send my responses now and that will also give everyone at least some time to mull over them. Generally, I certainly understand your concerns and attempt to be as inclusive as possible and that is, quite often, one of the most difficult issues in legal drafting. As I am sure everyone has seen in some contract or another a definition which seems to be quite clear and it even lists some definitive examples, but then there is all of a sudden a sub-clause that is the "catch-all" phrase which basically says "and everything else that could possibly be included". The problem with those kind of approaches is that it makes legal documents and legislation virtually impossible to interpret accurately and effectively and the courts have to parse the "intent" from external sources, i.e, outside the four corners of the contract or statute. Therefore, I am a strong proponent of clear and, if possible, closely defined terms, definitions, etc. The reason for that is that it is always easier to give more down the road than to take away. With respect to "law enforcement" and applicable law" I think that your broader definitions are a little bit too broad for the purpose that the AOC statement puts forth: “ICANN additionally commits to enforcing its existing policy relating to WHOIS, subject to applicable laws. Such existing policy requires that ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information. One year from the effective date of this document and then no less frequently than every three years thereafter, ICANN will organize a review of WHOIS policy and its implementation to assess the extent to which WHOIS policy is effective and its implementation meets the legitimate needs of law enforcement and promotes consumer trust.” I feel that your definitions are more encompassing than is required for the purpose of the definition, i.e., in relation to WHOIS only. I have provided my specific comments to your points below:
Law enforcement
As noted in my earlier email, I have some reservations about the law enforcement definition that has been proposed. I think I understand what is intended and why some of the caveats have been included, but from my perspective I think a simpler formulation would achieve the same result with less ambiguity and sensitivity.
As such I propose the following, based on earlier definitions circulated by the sub-group:
“Law Enforcement shall be considered to be an organisation endorsed by a government and whose responsibilities include the maintenance, co-ordination, or enforcement of laws, multi-national treaty or other legal obligations.”
=> "endorsed" is a fairly ambiguous term and can be interpreted too broadly. Indeed, certain IP constituencies here in Canada are "endorsed" by the government, but, by no means, I would argue should be considered "law enforcement". Also, for example, chartered banks are "endorsed" by government, but I don't think anyone would suggest that they should also be included in "law enforcement". All of the aforementioned is not fettered by the second part of the definition, i.e,. "whose responsibility include..." etc. since either of the examples I raised do, maintain, co-ordinate, etc. some laws of some sort.
My reasoning is below:
· The exclusive list of ‘department, division...’ etc appears to be unnecessary, and risks excluding a legitimate law enforcement organisation. Reference to an organisation appears to achieve the same goal.
=> just the reference to an "organization" does not result in the same meaning and is significantly broader especially with the word following it - "endorsed".
· I do not understand what is meant by ‘part and parcel’. In my view, reference to an organisation ‘endorsed’ by a government (noting that it must have specific and legitimate legal responsibilities) is sufficient and clearer.
=> the part and parcel was meant to convey that it has to be part of a government and cannot be just an entity which is, e.g., an IP constituency or a bank some of which are "organizations" and are "endorsed" by governments.
· I suggest that the reference to ‘responsibilities’ should be inclusive, as a legitimate law enforcement organisation may have other responsibilities (e.g. advising government t on the effectiveness of laws etc).
=> the "maintenance, co-ordination" covers the aspect of the example you raised. Indeed, I would argue that you cannot maintain and co-ordinate anything unless you have some metrics against which you measure your success in maintaining and co-ordinating. However, the advising responsibilities with respect to policy changes (which then eventually may lead to revised laws) are not.
· I understand the reference to ‘regulations’, but think that it should be broader (in Australia, regulation has a particular meaning and is only one type of ‘legislative instrument’, all of which have the force of law). I propose that we use ‘other legal obligations’ instead, as a broader formulation.
=> the addition of "other legal obligations" makes the entire definition fairly obsolete because with the other changes proposed, the pool of "actual" law enforcement (based on the revised definition) is exceptionally broad and I believe that that opens the door for exactly the kind of organizations we intended to exclude. I agree with your point that regarding regulations as they do also have a specific meaning here in Canada. In essence, regulations are attached to statutes as the "operating" part of a statute. To be more inclusive, we should also include directives, ordinances, by-laws, etc. In light of that, I would propose that we change that part of the definition to simply refer to "laws or multi-national treaty obligations" or simply "government imposed legal obligations".
· I do not think the references to boundaries are necessary, and raise sensitive geo-political issues beyond the remit of the review team.
=> I would argue that it is actually quite important. While I understand your concerns, but there are numerous countries which have and still are using their "long arm jurisdiction" to influence the behavior of people outside their respective jurisdictional boundaries.
Applicable laws
With regard to applicable laws, I think the definition does a good job of covering the field of possible laws that regulate personal data.
However, I note that the relevant sentence in the AoC refers to an obligation on ICANN to enforce its WHOIS policies (without caveats). Without specific advice from ICANN on what it considers the relevant laws to be, I propose a simple change to the proposed definition to make it inclusive rather than exclusive. In this way, if ICANN decides that the contract/commercial law of a country is relevant to its ability to enforce a contract obligation, then we haven’t inadvertently excluded this.
I also have concerns about the phrase ‘internationally recognised legal norms’, as agreement about what an internationally recognised legal norm is would appear to be beyond the scope of the review team. I have tried to simplify the definition accordingly:
“Includes any and all local and national laws that regulate and/or control the collection, use, access, and disclosure of personally identifiable information. It may also include other relevant legal obligations or treaties.”
=> I do believe that the reference to the human rights norms etc. is an important one and as such I don't think it should be deleted. With respect to "other relevant legal obligations or treaties", I think that makes the definition to broad and as such defeats the purpose of defining the term "applicable law". I do understand your point about trying to make it more inclusive, but we, as the sub-team, were of the view that when you boil all of the aspects of the WHOIS down to its core, the issues at hand are: collection, use, access, disclosure, and destruction of personally identifiable information. All the other issues, such as torts, contract, ip, etc. laws are laws which provide for limits and exceptions to the general tenant of the collection, use, access, disclosure, and destruction of personally identifiable information. We are not talking about "legitimate uses" in this definition, but are simply stating that the core applicable law is founded in the administration, within a government, of the collection, use, access, disclosure, and destruction of personally identifiable information. Each privacy law and the EU or the UN data/privacy protection regime carve out numerous exceptions. Therefore, the other laws, uses, etc. are by reference included in this definition through the respective privacy and data protection regimes in each country. I hope my rambling made some sense. Again thank you for your comments and I think this discussion is a very beneficial one for all of us because it leads us to a clearer and, eventually, mutual understanding of all the issues involved in this review which, in turn will provide us withe hymnbook from which we all can sing. Kim
Hi Kim, Thanks for your comprehensive reply. I agree that this is a useful discussion for the review team as a whole, and wanted to follow up your points further. At the risk of losing the thread of the conversation, I have inserted my comments into your email below. In case my formatting efforts to make the new text clear fail, I have put a 'P:' in from of each of my comments - I hope this makes sense when you read the below. Kind regards, Peter From: Kim G. von Arx [mailto:kim@vonarx.ca] Sent: Wednesday, 2 March 2011 1:57 PM To: Nettlefold, Peter Cc: rt4-whois@icann.org WHOIS Subject: Re: [Rt4-whois] WHOIS Public Comments - for your review [SEC=UNCLASSIFIED] Peter et al, Thank you for your very thorough and valuable points. Since I am not sure whether I will be able to make the call tonight, I thought I should send my responses now and that will also give everyone at least some time to mull over them. Generally, I certainly understand your concerns and attempt to be as inclusive as possible and that is, quite often, one of the most difficult issues in legal drafting. As I am sure everyone has seen in some contract or another a definition which seems to be quite clear and it even lists some definitive examples, but then there is all of a sudden a sub-clause that is the "catch-all" phrase which basically says "and everything else that could possibly be included". The problem with those kind of approaches is that it makes legal documents and legislation virtually impossible to interpret accurately and effectively and the courts have to parse the "intent" from external sources, i.e, outside the four corners of the contract or statute. Therefore, I am a strong proponent of clear and, if possible, closely defined terms, definitions, etc. P: I agree with your sentiments, and I am also an advocate for clarity. In this case, I had understood that we are trying to reach out to the community for input. As a result of that input, we may decide that our initial definitions are too broad, too narrow or even inappropriate. If we get some responses that we later decide are out of scope because our initial definitions were too broad, then I do not see a particular issue with that (if that were the case, then presumably we would have reasoned arguments to explain our position). I would be more concerned if someone with a legitimate interest did not interact with the review team as they felt excluded. If I have misunderstood this process, and we are offering final definitions designed to include and exclude stakeholders, and that these will form a pre-set basis for our final analysis and recommendations, then I think we need to have a different conversation. The reason for that is that it is always easier to give more down the road than to take away. With respect to "law enforcement" and applicable law" I think that your broader definitions are a little bit too broad for the purpose that the AOC statement puts forth: "ICANN additionally commits to enforcing its existing policy relating to WHOIS, subject to applicable laws. Such existing policy requires that ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information. One year from the effective date of this document and then no less frequently than every three years thereafter, ICANN will organize a review of WHOIS policy and its implementation to assess the extent to which WHOIS policy is effective and its implementation meets the legitimate needs of law enforcement and promotes consumer trust." I feel that your definitions are more encompassing than is required for the purpose of the definition, i.e., in relation to WHOIS only. I have provided my specific comments to your points below: Law enforcement As noted in my earlier email, I have some reservations about the law enforcement definition that has been proposed. I think I understand what is intended and why some of the caveats have been included, but from my perspective I think a simpler formulation would achieve the same result with less ambiguity and sensitivity. As such I propose the following, based on earlier definitions circulated by the sub-group: "Law Enforcement shall be considered to be an organisation endorsed by a government and whose responsibilities include the maintenance, co-ordination, or enforcement of laws, multi-national treaty or other legal obligations." => "endorsed" is a fairly ambiguous term and can be interpreted too broadly. Indeed, certain IP constituencies here in Canada are "endorsed" by the government, but, by no means, I would argue should be considered "law enforcement". Also, for example, chartered banks are "endorsed" by government, but I don't think anyone would suggest that they should also be included in "law enforcement". All of the aforementioned is not fettered by the second part of the definition, i.e,. "whose responsibility include..." etc. since either of the examples I raised do, maintain, co-ordinate, etc. some laws of some sort. P: Leaving aside the question of whether 'part and parcel' or 'endorsed' is clearer or more appropriate, I would respond directly to what I think your point is - i.e. the exclusion of some organisations. I would pose the following question: if a relevant government decided to endorse an organisation with responsibility for maintaining, co-ordinating or enforcing laws, is it really the place of this review team to argue that this is inappropriate? If so, on what basis? My reasoning is below: * The exclusive list of 'department, division...' etc appears to be unnecessary, and risks excluding a legitimate law enforcement organisation. Reference to an organisation appears to achieve the same goal. => just the reference to an "organization" does not result in the same meaning and is significantly broader especially with the word following it - "endorsed". P: I'm not wedded to the word 'organisation'. I only offer it as an alternative to an exclusive list, which has an inherent risk of exclusion. * I do not understand what is meant by 'part and parcel'. In my view, reference to an organisation 'endorsed' by a government (noting that it must have specific and legitimate legal responsibilities) is sufficient and clearer. => the part and parcel was meant to convey that it has to be part of a government and cannot be just an entity which is, e.g., an IP constituency or a bank some of which are "organizations" and are "endorsed" by governments. P: See above. * I suggest that the reference to 'responsibilities' should be inclusive, as a legitimate law enforcement organisation may have other responsibilities (e.g. advising government t on the effectiveness of laws etc). => the "maintenance, co-ordination" covers the aspect of the example you raised. Indeed, I would argue that you cannot maintain and co-ordinate anything unless you have some metrics against which you measure your success in maintaining and co-ordinating. However, the advising responsibilities with respect to policy changes (which then eventually may lead to revised laws) are not. P: I agree with your response to my example. My concern is that we exclude an agency that has a legitimate role in law enforcement because that is not its only function. So long as an organisation has such a legitimate role, I think it should be included. * I understand the reference to 'regulations', but think that it should be broader (in Australia, regulation has a particular meaning and is only one type of 'legislative instrument', all of which have the force of law). I propose that we use 'other legal obligations' instead, as a broader formulation. => the addition of "other legal obligations" makes the entire definition fairly obsolete because with the other changes proposed, the pool of "actual" law enforcement (based on the revised definition) is exceptionally broad and I believe that that opens the door for exactly the kind of organizations we intended to exclude. I agree with your point that regarding regulations as they do also have a specific meaning here in Canada. In essence, regulations are attached to statutes as the "operating" part of a statute. To be more inclusive, we should also include directives, ordinances, by-laws, etc. In light of that, I would propose that we change that part of the definition to simply refer to "laws or multi-national treaty obligations" or simply "government imposed legal obligations". P: I agree. I had a similar discussion with stakeholders, but we could not think of an alternative that worked. You've provided one, and so I'd support your formulation of 'government imposed legal obligations'. * I do not think the references to boundaries are necessary, and raise sensitive geo-political issues beyond the remit of the review team. => I would argue that it is actually quite important. While I understand your concerns, but there are numerous countries which have and still are using their "long arm jurisdiction" to influence the behavior of people outside their respective jurisdictional boundaries. P: I have to disagree. It seems to me to be sensitive territory, and I don't understand what would be gained by the review team focusing on this. Applicable laws With regard to applicable laws, I think the definition does a good job of covering the field of possible laws that regulate personal data. However, I note that the relevant sentence in the AoC refers to an obligation on ICANN to enforce its WHOIS policies (without caveats). Without specific advice from ICANN on what it considers the relevant laws to be, I propose a simple change to the proposed definition to make it inclusive rather than exclusive. In this way, if ICANN decides that the contract/commercial law of a country is relevant to its ability to enforce a contract obligation, then we haven't inadvertently excluded this. I also have concerns about the phrase 'internationally recognised legal norms', as agreement about what an internationally recognised legal norm is would appear to be beyond the scope of the review team. I have tried to simplify the definition accordingly: "Includes any and all local and national laws that regulate and/or control the collection, use, access, and disclosure of personally identifiable information. It may also include other relevant legal obligations or treaties." => I do believe that the reference to the human rights norms etc. is an important one and as such I don't think it should be deleted. P: No argument from me that human rights are important. What I do question is what is meant by an 'internationally recognised legal norm'? With respect to "other relevant legal obligations or treaties", I think that makes the definition to broad and as such defeats the purpose of defining the term "applicable law". I do understand your point about trying to make it more inclusive, but we, as the sub-team, were of the view that when you boil all of the aspects of the WHOIS down to its core, the issues at hand are: collection, use, access, disclosure, and destruction of personally identifiable information. All the other issues, such as torts, contract, ip, etc. laws are laws which provide for limits and exceptions to the general tenant of the collection, use, access, disclosure, and destruction of personally identifiable information. We are not talking about "legitimate uses" in this definition, but are simply stating that the core applicable law is founded in the administration, within a government, of the collection, use, access, disclosure, and destruction of personally identifiable information. P: I agree, and disagree. The problem may be that I didn't explain myself fully (although I accept that you may still disagree). My point is that 'applicable laws' is set out in the AoC differently to the parts that set out the scope for the review team. As such, it covers 'applicable laws' from ICANN's perspective in 'enforcing its existing policy'. I think we've all agreed that one way that ICANN implements and enforces its policies (even if they're not the official 'policy' as such) is through its RAA and RRA contracts. The extent to which ICANN can enforce these is presumably subject to commercial/company/contract etc law. That is my point. I agree that it's not directly related to the WHOIS data as such, but may be relevant to how effectively ICANN can implement and enforce its WHOIS policies. Each privacy law and the EU or the UN data/privacy protection regime carve out numerous exceptions. Therefore, the other laws, uses, etc. are by reference included in this definition through the respective privacy and data protection regimes in each country. I hope my rambling made some sense. Again thank you for your comments and I think this discussion is a very beneficial one for all of us because it leads us to a clearer and, eventually, mutual understanding of all the issues involved in this review which, in turn will provide us withe hymnbook from which we all can sing. Kim ------------------------------------------------------------------------------- The information transmitted is for the use of the intended recipient only and may contain confidential and/or legally privileged material. Any review, re-transmission, disclosure, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited and may result in severe penalties. If you have received this e-mail in error please notify the Security Advisor of the Department of Broadband, Communications and the Digital Economy, 38 Sydney Ave, Forrest ACT 2603, telephone (02) 6271-1376 and delete all copies of this transmission together with any attachments. Please consider the environment before printing this email. -------------------------------------------------------------------------------
With regard to B. What promotes consumer trust?, I would like to discuss further the phrase WHOIS data is provided accurately and with consent. I initially read this as a simple recognition of the need to consider privacy issues. However, I now wonder whether this can be read as an unambiguous statement of a specific requirement (i.e. the need for consent). If so, I do not think we have reached a settled position on this issue yet. Im not advocating a view either way on this, and I think the discussion forward will need to be detailed and nuanced, but I am concerned that the existing text could be seen to close off these discussions. I have a similar comment on question 5 in the survey, which refers to legitimate options available to hide the WHOIS data. Again, I do not think the existing situation is so clear cut, and I personally have not got a settled position on this. Sarmad è Trust is a perceptual measure. Understanding of privacy and legitimacy may vary from one person to another, depending on the culture they are coming from. Thus, these questions can still gauge perceptions even with agreeing with definitions which are not clearly settled. However, this is not to say that we should work harder to define many of these terms as clearly as we can. With regard to the survey as a whole, I have some comments on the wording of specific questions (particularly relating to clarity), but I wanted to raise a broader issue. In particular, I note that the current proposed survey is essentially closed and qualitative, and I wonder what exactly we are aiming to achieve from it? Sarmad è We are perhaps wanting to break down different aspects of Consumer Trust to better measure how the relevant stakeholders perceive the contribution of the service in the context. The break down will also help identify which specific areas of the cumulative Consumer Trust need to be addressed. This is in the context of the our specific mandate: review of WHOIS policy and its implementation to assess the extent to which WHOIS policy promotes consumer trust Regards, Sarmad From: rt4-whois-bounces@icann.org [mailto:rt4-whois-bounces@icann.org] On Behalf Of Alice Jansen Sent: Tuesday, 1 March 2011 8:09 PM To: rt4-whois@icann.org WHOIS Subject: [Rt4-whois] WHOIS Public Comments - for your review Dear Review Team Members, Please find attached a public comment draft announcement for your review and consideration in anticipation of your conference call scheduled for tomorrow. Kindly note that this was drafted and approved by Kathy and Emily. Many thanks in advance, Very best regards Alice ---------------------------------------------------------------------------- --- The information transmitted is for the use of the intended recipient only and may contain confidential and/or legally privileged material. Any review, re-transmission, disclosure, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited and may result in severe penalties. If you have received this e-mail in error please notify the Security Advisor of the Department of Broadband, Communications and the Digital Economy, 38 Sydney Ave, Forrest ACT 2603, telephone (02) 6271-1376 and delete all copies of this transmission together with any attachments. Please consider the environment before printing this email. ---------------------------------------------------------------------------- --- No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.872 / Virus Database: 271.1.1/3475 - Release Date: 03/01/11 12:34:00
participants (6)
-
Alice Jansen -
Dr. Sarmad Hussain -
Kathy Kleiman -
Kim G. von Arx -
Nettlefold, Peter -
Smith, Bill